
LDAP search string samples

- Find all Computers that are NT4.0 BDCs

(&(objectCategory=computer)(operatingSystemVersion=4*)(userAccountControl:1.2.840.113556.1.4.803:=8192))

- Find all Computers that do not have a Description
Notice the "!" that means "NOT".

(&(objectCategory=computer)(!(description=*)))


- Find all Groups that have a Description

(&(objectCategory=group)(description=*))

- Find all Groups that start with QA or HD
Notice the "|" that means "OR".

(&(objectCategory=group)(|(cn=QA*)(cn=HD*)))

- Find all Objects where Department, Company or Description is Sales
Notice the "|" that means "OR".

(|(department=Sales)(company=Sales)(description=Sales))

- Find all Users created after 01.08.2004

(&(objectCategory=user)(whenCreated>=20040801000000.0Z))

- Find all Users except Sara
Notice the "!" that means "NOT".

(&(objectCategory=user)(!(cn=sara*)))

- Find all Users that are almost Locked-Out
Notice the ">=" that means "Greater than or equal to".

(&(objectCategory=user)(badPwdCount>=2))

- Find all Users that are Disabled

(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))

- Find all Users that are Disabled (another option)
Note: lockoutTime is set when an account is locked out after too many bad password attempts, not when an administrator disables it, so this matches locked-out accounts rather than the ACCOUNTDISABLE flag (2) tested above.

(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))

- Find all Users that are members of QA Users Group in the Help Desk OU in the dpetri.net domain

(&(objectCategory=user)(memberOf=CN=QA Users,OU=Help Desk,DC=dpetri,DC=net))

- Find all Users that have an E-Mail Address (not Exchange related)

(&(objectClass=user)(mail=*))

- Find all Users that have an E-Mail attribute (Mail Enabled)

(&(objectClass=user)(email=*))

- Find all Users that have not changed password since 05.02.2004
Note: Download the datetointeger8.zip script to help you generate this date format.

(&(objectCategory=person)(objectClass=user)(pwdLastSet<=127204308000000000))
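pwdLastSet, lastLogon and lockoutTime are Integer8 values: the number of 100-nanosecond intervals since 1601-01-01 00:00 UTC (a Windows FILETIME), while whenCreated uses the GeneralizedTime form shown earlier. The following conversion helpers are an added example written for this page, not the datetointeger8.zip script mentioned above; the function names and the ISO-8601 input format are my own choice. Decoding the page's constant 127204308000000000 gives 2004-02-05 05:00 UTC (midnight in a UTC-5 zone), which is why the helpers insist on an explicit offset. They also build the two date filters from this page, and the stale-password filter excludes pwdLastSet=0 by default because that value ("must change password at next logon") also satisfies the "<=" test.

```python
from datetime import datetime, timedelta, timezone

# Integer8 / FILETIME epoch: 1601-01-01 00:00 UTC, counted in 100 ns intervals.
_FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
_INTERVALS_PER_SECOND = 10_000_000


def _aware(iso):
    """Parse an ISO-8601 timestamp and refuse one without a UTC offset (AD stores UTC)."""
    dt = datetime.fromisoformat(iso)
    if dt.tzinfo is None:
        raise ValueError("timestamp needs a UTC offset, e.g. 2004-02-05T00:00:00+02:00")
    return dt


def iso_to_filetime(iso):
    """'2004-02-05T05:00:00+00:00' -> 127204308000000000 (integer arithmetic, no float rounding)."""
    delta = _aware(iso) - _FILETIME_EPOCH
    return (delta.days * 86400 + delta.seconds) * _INTERVALS_PER_SECOND + delta.microseconds * 10


def filetime_to_iso(filetime):
    """Integer8 -> ISO-8601 UTC string; 0 means the attribute was never set."""
    if filetime == 0:
        return "never"
    seconds, rest = divmod(filetime, _INTERVALS_PER_SECOND)
    return (_FILETIME_EPOCH + timedelta(seconds=seconds, microseconds=rest // 10)).isoformat()


def to_generalized_time(iso):
    """ISO-8601 timestamp -> the GeneralizedTime form used by whenCreated/whenChanged."""
    return _aware(iso).astimezone(timezone.utc).strftime("%Y%m%d%H%M%S.0Z")


def stale_password_filter(cutoff_iso, include_unset=False):
    """Users whose password was last set at or before the cutoff.

    pwdLastSet=0 ("must change at next logon") is <= any cutoff, so it is
    excluded unless include_unset is True.
    """
    f = f"(&(objectCategory=person)(objectClass=user)(pwdLastSet<={iso_to_filetime(cutoff_iso)})"
    if not include_unset:
        f += "(!(pwdLastSet=0))"
    return f + ")"


def created_after_filter(since_iso):
    """Users created at or after the given instant, using GeneralizedTime ordering."""
    return f"(&(objectCategory=user)(whenCreated>={to_generalized_time(since_iso)}))"


if __name__ == "__main__":
    print(filetime_to_iso(127204308000000000))
    print(stale_password_filter("2004-02-05T05:00:00+00:00"))
```

The conversion is done entirely in integers so that the 100 ns resolution survives; going through a float Unix timestamp would lose precision for dates far from 1970.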

- Find all Users that have never logged in at all
Notice the "|" that means "OR" and the "!" that means "NOT".

(&(objectCategory=person)(objectClass=user)(|(lastLogon=0)(!(lastLogon=*))))

- Find all Users that must change password at next logon

(&(objectCategory=user)(pwdLastSet=0))

- Find all Users with Dial-In permissions

(&(objectCategory=user)(msNPAllowDialin=TRUE))

- Find all Users with First Name of David

(&(objectCategory=user)(cn=David*))

- Find all Users with First Name of David or Dana
Notice the "|" that means "OR".

(&(objectCategory=user)(|(cn=David*)(cn=Dana*)))

- Find all Users with Mobile numbers 050 or 051
Notice the "|" that means "OR".

(&(objectCategory=user)(|(mobile=050*)(mobile=051*)))

- Find all Users with Password Never Expires set

(&(objectCategory=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))

- Find all Users, Groups or Contacts where Company or Description is North
Notice the "|" that means "OR".

(&(|(objectCategory=user)(objectCategory=group)(objectCategory=contact))(|(description=North*)(company=North*)))
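The syntax rules these samples rely on are easy to get wrong: separate items have to be joined by an enclosing (&...) or (|...), "!" wraps exactly one parenthesised filter, an absent attribute never matches (so (!(x=*)) is the "attribute missing" test), and the 1.2.840.113556.1.4.803 rule on userAccountControl is a bitwise AND, not an equality test. The following parser and evaluator is an added example written for this page; it is not from the original post and is not any AD tool's implementation. It handles the filter subset used above and runs the page's filters against a small constructed in-memory directory (not real data), where objectCategory is stored as the short class name for simplicity: real AD stores a DN there and accepts the short form in filters.

```python
import re

# Active Directory's extensible-match rule: every bit of the mask must be set.
BIT_AND_RULE = "1.2.840.113556.1.4.803"

# Constructed toy directory (not real data). userAccountControl uses the real flag
# values: 512 NORMAL_ACCOUNT, 2 ACCOUNTDISABLE, 65536 DONT_EXPIRE_PASSWORD,
# 4096 WORKSTATION_TRUST_ACCOUNT, 8192 SERVER_TRUST_ACCOUNT (a domain controller).
DIRECTORY = [
    {"cn": "PDC01", "objectCategory": "computer", "objectClass": ["top", "computer"],
     "operatingSystemVersion": "4.0 (1381)", "userAccountControl": 8192},
    {"cn": "WS01", "objectCategory": "computer", "objectClass": ["top", "computer"],
     "operatingSystemVersion": "5.1 (2600)", "userAccountControl": 4096, "description": "Front desk PC"},
    {"cn": "sara", "objectCategory": "person", "objectClass": ["top", "person", "user"],
     "userAccountControl": 512, "badPwdCount": 0, "pwdLastSet": 132000000000000000,
     "lastLogon": 132100000000000000, "mail": "sara@example.test"},
    {"cn": "david", "objectCategory": "person", "objectClass": ["top", "person", "user"],
     "userAccountControl": 512 | 2, "badPwdCount": 3, "pwdLastSet": 127000000000000000, "lastLogon": 0},
    {"cn": "dana", "objectCategory": "person", "objectClass": ["top", "person", "user"],
     "userAccountControl": 512 | 65536, "badPwdCount": 0, "pwdLastSet": 0},
]

# attribute, optional :OID: matching rule, comparison operator, value
_ITEM = re.compile(r"([A-Za-z][\w-]*)(?::([\d.]+):)?(>=|<=|=)(.*)", re.S)


def parse(text):
    """Parse an RFC 4515 filter (the subset this page uses) into a tuple tree."""
    node, pos = _parse(text, 0)
    if pos != len(text):  # "(a=1)(b=2)" is not a filter: join items with (&...) or (|...)
        raise ValueError(f"trailing text at offset {pos}: {text[pos:]!r}")
    return node


def _parse(s, i):
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    op = s[i + 1:i + 2]
    if op in ("&", "|"):
        i, children = i + 2, []
        while s[i:i + 1] == "(":
            child, i = _parse(s, i)
            children.append(child)
        node = (op, children)
    elif op == "!":  # NOT takes one parenthesised filter: (!(cn=x*)), never (!cn=x*)
        child, i = _parse(s, i + 2)
        node = ("!", child)
    else:
        end = s.find(")", i)
        m = _ITEM.fullmatch(s[i + 1:end]) if end != -1 else None
        if not m:
            raise ValueError(f"bad filter item at offset {i}")
        attr, rule, cmp, value = m.groups()
        node, i = ("item", attr.lower(), rule, cmp, value), end
    if s[i:i + 1] != ")":
        raise ValueError(f"expected ')' at offset {i}")
    return node, i + 1


def matches(node, entry):
    """Evaluate a parsed filter against one entry (names and values compare case-insensitively)."""
    kind = node[0]
    if kind == "&":
        return all(matches(c, entry) for c in node[1])
    if kind == "|":
        return any(matches(c, entry) for c in node[1])
    if kind == "!":
        return not matches(node[1], entry)
    _, attr, rule, cmp, value = node
    values = next((v if isinstance(v, list) else [v] for k, v in entry.items() if k.lower() == attr), [])
    if not values:
        return False  # an absent attribute matches no item, so (!(x=*)) means "x is absent"
    if rule == BIT_AND_RULE:
        return any((int(v) & int(value)) == int(value) for v in values)
    if cmp == "=":
        if value == "*":
            return True  # presence test
        pattern = "^" + ".*".join(re.escape(p) for p in value.split("*")) + "$"
        return any(re.match(pattern, str(v), re.I) for v in values)
    for v in values:  # >= and <=: numeric when both sides are integers, else string order
        try:
            left, right = int(v), int(value)
        except ValueError:
            left, right = str(v).lower(), value.lower()
        if (cmp == ">=" and left >= right) or (cmp == "<=" and left <= right):
            return True
    return False


def search(filter_text, directory=None):
    """Return the cn of every entry the filter matches, in directory order."""
    node = parse(filter_text)
    return [e["cn"] for e in (DIRECTORY if directory is None else directory) if matches(node, e)]


def is_valid_filter(filter_text):
    try:
        parse(filter_text)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print(search("(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))"))
```

Two behaviours worth checking with it: the "never logged in" filter only finds dana through the (!(lastLogon=*)) branch, because an entry with no lastLogon attribute does not match (lastLogon=0); and a bare pwdLastSet<= cutoff also returns dana, whose pwdLastSet is 0 ("must change password at next logon"), unless the filter adds (!(pwdLastSet=0)).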