Solved

Active Directory Query for All Active, Email-enabled Users

Posted on 2014-04-03
5
2,741 Views
Last Modified: 2014-04-08
I need to find a way to query Active Directory that will give me a list of all users who are NOT disabled and have an email address listed. Dsquery seems to only allow you to search for disabled users, not enabled users only, and I can't seem to find a way to do this using the AD GUI. Any thoughts? Someone must have needed to do this before.
0
Comment
Question by:leatherleaf
5 Comments
 
LVL 16

Expert Comment

by:Enphyniti
ID: 39975165
What version of Exchange are you running?
0
 

Author Comment

by:leatherleaf
ID: 39975169
2010
0
 
LVL 16

Assisted Solution

by:Enphyniti
Enphyniti earned 250 total points
ID: 39975219
Forgot to ask, are you looking for AD user objects with email addresses defined, or users that have exchange mailboxes?

If you're looking for the emailaddress attribute of the AD user object, then something like this powershell will give you what you need:

import-module activedirectory
Get-ADUser -filter * -properties emailaddress, enabled| ?{($_.emailaddress -ne $null) -and ($_.enabled -eq "True")}
0
 
LVL 3

Expert Comment

by:chuckmccullough
ID: 39975312
If you want a GUI solution you might consider products like SystemTools Hyena:

http://www.systemtools.com/hyena/

It has a default query for All Disabled Users, but you can copy that query and with one change make an All Enabled Users. You'll be able to customize this query to add any fields you want it to display, such as E-Mail, etc. From there simply run it with a right-click menu option and sort on the E-Mail column.

Better yet, you can add this to your new All Enabled Users query: (mail=*), and when you run it will only return enabled users with a value in the E-Mail attribute.

Full Disclosure: I work for SystemTools Software (which also means I can help if you decide to try it and have any questions).
0
 
LVL 17

Accepted Solution

by:
Premkumar Yogeswaran earned 250 total points
ID: 39975319
Hi,

Run the below command in command prompt from any domain controller orelse any member server have support tool installed.

Dsquery * -filter "&(objectCategory=user)(!UserAccountControl:1.2.840.113556.1.4.803:=2)(mail=*)" -attr name samaccountname mail  > c:\temp\file.txt 

Open in new window


Regards,
Prem
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now