Solved

Active Directory Query for All Active, Email-enabled Users

Posted on 2014-04-03
5
2,991 Views
Last Modified: 2014-04-08
I need to find a way to query Active Directory that will give me a list of all users who are NOT disabled and have an email address listed. Dsquery seems to only allow you to search for disabled users, not enabled users only, and I can't seem to find a way to do this using the AD GUI. Any thoughts? Someone must have needed to do this before.
0
Comment
Question by:leatherleaf
5 Comments
 
LVL 16

Expert Comment

by:Enphyniti
ID: 39975165
What version of Exchange are you running?
0
 

Author Comment

by:leatherleaf
ID: 39975169
2010
0
 
LVL 16

Assisted Solution

by:Enphyniti
Enphyniti earned 250 total points
ID: 39975219
Forgot to ask, are you looking for AD user objects with email addresses defined, or users that have exchange mailboxes?

If you're looking for the emailaddress attribute of the AD user object, then something like this powershell will give you what you need:

import-module activedirectory
Get-ADUser -filter * -properties emailaddress, enabled| ?{($_.emailaddress -ne $null) -and ($_.enabled -eq "True")}
0
 
LVL 3

Expert Comment

by:chuckmccullough
ID: 39975312
If you want a GUI solution you might consider products like SystemTools Hyena:

http://www.systemtools.com/hyena/

It has a default query for All Disabled Users, but you can copy that query and with one change make an All Enabled Users. You'll be able to customize this query to add any fields you want it to display, such as E-Mail, etc. From there simply run it with a right-click menu option and sort on the E-Mail column.

Better yet, you can add this to your new All Enabled Users query: (mail=*), and when you run it will only return enabled users with a value in the E-Mail attribute.

Full Disclosure: I work for SystemTools Software (which also means I can help if you decide to try it and have any questions).
0
 
LVL 17

Accepted Solution

by:
Premkumar Yogeswaran earned 250 total points
ID: 39975319
Hi,

Run the below command in command prompt from any domain controller orelse any member server have support tool installed.

Dsquery * -filter "&(objectCategory=user)(!UserAccountControl:1.2.840.113556.1.4.803:=2)(mail=*)" -attr name samaccountname mail  > c:\temp\file.txt 

Open in new window


Regards,
Prem
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question