• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2220
  • Last Modified:

Query LDAP: Active Directory

please is what you can help me to make a query (Query LDAP: Active Directory Users & Computers -> Saved Queries)
1- I want all users of the domain "netwan" who are active and where the last logon date is> = 90 days
2. query  all users of the domain  "netwan" that are disabled and for whom the date of last logon is> = 120 days
3. query "users created since the" all users of the domain "netwan" who are active and whose creation date is after a certain date in the query entry
thank you and if possible you can send me the application (XML export of queries).
0
DRRAM
Asked:
DRRAM
1 Solution
 
SuperTacoCommented:
the best way to do this is with a tool called adfind, which can be found on joreware.net.  I have some script put together that I can send you tomorrow, they are on another machine that is not accessible right now.

you can do this with Dsquery or by using VB Script as well.  

For DSquery to find all active users:

dsquery * -filter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))" | dsget user -display

you can export this to text buy using

dsquery * -filter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))" | dsget user -display > c:\users.txt

I will post some adfind scripts when i have access to my storage
0
 
DRRAMAuthor Commented:
SuperTaco
but I do not need the list of active users only

1- I want all users of the domain "netwan" who are active and where the last logon date is> = 90 days
2. query  all users of the domain  "netwan" that are disabled and for whom the date of last logon is> = 120 days
3. query "users created since the" all users of the domain "netwan" who are active and whose creation date is after a certain date in the query entry
thank you and if possible you can send me the application (XML export of queries).
0
 
Mike KlineCommented:
adfind was mentioned and it is a tool that I like and think make this easier

http://www.joeware.net/freetools/tools/adfind/index.htm

I want all users of the domain "netwan" who are active and where the last logon date is> = 90 days

adfind -default -bit -binenc -f "&(objectcategory=person)(objectclass=user)(!useraccountcontrol:AND:=2)(lastlogontimestamp>={{current:-60d}})"   samaccountname lastlogontimestamp -tdc

 query  all users of the domain  "netwan" that are disabled and for whom the date of last logon is> = 120 days

adfind -default -bit -binenc -f "&(objectcategory=person)(objectclass=user)(useraccountcontrol:AND:=2)(lastlogontimestamp>={{current:-120d}})"   samaccountname lastlogontimestamp -tdc

query "users created since the" all users of the domain "netwan" who are active and whose creation date is after a certain date in the query entry

adfind -default -bit -binenc -f "&(objectcategory=person)(objectclass=user)(!useraccountcontrol:AND:=2)(whenCreated>=20110701000000.0Z)"   samaccountname whencreated -tdca

I used July 1 for the date, more on that format here http://blog.scottlowe.org/2006/10/11/finding-recently-created-active-directory-accounts/

More info on delta time searches with adfind here   http://blog.joeware.net/2008/11/28/1517/

Thanks

Mike

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
asadqCommented:
you can also you use active directory management tool which fulfills  your requirements

http://www.manageengine.com/products/ad-manager/index.html

0
 
DRRAMAuthor Commented:
Olease Person can answer me at my request exactly query

please is what you can help me to make a query (Query LDAP: Active Directory Users & Computers -> Saved Queries)
1- I want all users of the domain "netwan" who are active and where the last logon date is> = 90 days
2. query  all users of the domain  "netwan" that are disabled and for whom the date of last logon is> = 120 days
3. query "users created since the" all users of the domain "netwan" who are active and whose creation date is after a certain date in the query entry
thank you and if possible you can send me the application (XML export of queries).
0
 
DRRAMAuthor Commented:
THX
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now