Solved

Active Directory Query for All Active, Email-enabled Users

Posted on 2014-04-03
5
3,161 Views
Last Modified: 2014-04-08
I need to find a way to query Active Directory that will give me a list of all users who are NOT disabled and have an email address listed. Dsquery seems to only allow you to search for disabled users, not enabled users only, and I can't seem to find a way to do this using the AD GUI. Any thoughts? Someone must have needed to do this before.
0
Comment
Question by:leatherleaf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 16

Expert Comment

by:Enphyniti
ID: 39975165
What version of Exchange are you running?
0
 

Author Comment

by:leatherleaf
ID: 39975169
2010
0
 
LVL 16

Assisted Solution

by:Enphyniti
Enphyniti earned 250 total points
ID: 39975219
Forgot to ask, are you looking for AD user objects with email addresses defined, or users that have exchange mailboxes?

If you're looking for the emailaddress attribute of the AD user object, then something like this powershell will give you what you need:

import-module activedirectory
Get-ADUser -filter * -properties emailaddress, enabled| ?{($_.emailaddress -ne $null) -and ($_.enabled -eq "True")}
0
 
LVL 3

Expert Comment

by:chuckmccullough
ID: 39975312
If you want a GUI solution you might consider products like SystemTools Hyena:

http://www.systemtools.com/hyena/

It has a default query for All Disabled Users, but you can copy that query and with one change make an All Enabled Users. You'll be able to customize this query to add any fields you want it to display, such as E-Mail, etc. From there simply run it with a right-click menu option and sort on the E-Mail column.

Better yet, you can add this to your new All Enabled Users query: (mail=*), and when you run it will only return enabled users with a value in the E-Mail attribute.

Full Disclosure: I work for SystemTools Software (which also means I can help if you decide to try it and have any questions).
0
 
LVL 17

Accepted Solution

by:
Premkumar Yogeswaran earned 250 total points
ID: 39975319
Hi,

Run the below command in command prompt from any domain controller orelse any member server have support tool installed.

Dsquery * -filter "&(objectCategory=user)(!UserAccountControl:1.2.840.113556.1.4.803:=2)(mail=*)" -attr name samaccountname mail  > c:\temp\file.txt 

Open in new window


Regards,
Prem
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question