- Find all Computers that are NT4.0 BDCs
(&(objectCategory=computer)(operatingSystemVersion=4*)(userAccountControl:1.2.840.113556.1.4.803:=8192))
- Find all Computers that do not have a Description
Notice the "!" that means "NOT".
(objectCategory=computer)(!description=*)
- Find all Groups that have a Description
(objCategory=group)(description=*)
- Find all Groups that start with QA or HD
Notice the "|" that means "OR".
(objectCategory=group)(|(cn=QA*)(cn=HD*))
- Find all Objects where Department, Company or Description is Sales
Notice the "|" that means "OR".
(|(department=Sales)(company=Sales)(description=Sales))
- Find all Users created after 01.08.2004
(objectCategory=user)(whenCreated>=20040801000000.0Z)
- Find all Users except Sara
Notice the "!" that means "NOT".
(objectCategory=user)(!cn=sara*)
- Find all Users that are almost Locked-Out
Notice the ">=" that means "Greater than or equal to".
(objectCategory=user)(badPwdCount>=2)
- Find all Users that are Disabled
(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))
- Find all Users that are Disabled (another option)
(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))
- Find all Users that are members of QA Users Group in the Help Desk OU in the dpetri.net domain
(objectCategory=user)(memberOf=CN=QA Users,OU=Help Desk,DC=dpetri,DC=net)
- Find all Users that have an E-Mail Address (not Exchange related)
(objectClass=user)(mail=*)
- Find all Users that have an E-Mail attribute (Mail Enabled)
(objectClass=user)(email=*)
- Find all Users that have not changed password since 05.02.2004
Note: Download the datetointeger8.zip script to help you generate this date format.
(&(objectCategory=person)(objectClass=user)(pwdLastSet<=127204308000000000))
- Find all Users that have never logged in at all
Notice the "|" that means "OR" and the "!" that means "NOT".
(&(objectCategory=person)(objectClass=user))(|(lastLogon=0)(!(lastLogon=*)))
- Find all Users that must change password at next logon
(objectCategory=user)(pwdLastSet=0)
- Find all Users with Dial-In permissions
(objectCategory=user)(msNPAllowDialin=TRUE)
- Find all Users with First Name of David
(objectcategory=user)(cn=David*)
- Find all Users with First Name of David or Dana
Notice the "|" that means "OR".
(objectcategory=user)(|(cn=David*)(cn=Dana*))
- Find all Users with Mobile numbers 050 or 051
Notice the "|" that means "OR".
(objectcategory=user)(|(mobile=050*)(mobile=051*))
- Find all Users with Password Never Expires set
(objectcategory=user)(userAccountControl:1.2.840.113556.1.4.803:=65536)
- Find all Users, Groups or Contacts where Company or Description is North
Notice the "|" that means "OR".
(|(objectcategory=user)(objectcategory=group)(objectcategory=contact))(|(description=North*)(company=North*))
(&(objectCategory=computer)(operatingSystemVersion=4*)(userAccountControl:1.2.840.113556.1.4.803:=8192))
- Find all Computers that do not have a Description
Notice the "!" that means "NOT".
(objectCategory=computer)(!description=*)
- Find all Groups that have a Description
(objCategory=group)(description=*)
- Find all Groups that start with QA or HD
Notice the "|" that means "OR".
(objectCategory=group)(|(cn=QA*)(cn=HD*))
- Find all Objects where Department, Company or Description is Sales
Notice the "|" that means "OR".
(|(department=Sales)(company=Sales)(description=Sales))
- Find all Users created after 01.08.2004
(objectCategory=user)(whenCreated>=20040801000000.0Z)
- Find all Users except Sara
Notice the "!" that means "NOT".
(objectCategory=user)(!cn=sara*)
- Find all Users that are almost Locked-Out
Notice the ">=" that means "Greater than or equal to".
(objectCategory=user)(badPwdCount>=2)
- Find all Users that are Disabled
(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))
- Find all Users that are Disabled (another option)
(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))
- Find all Users that are members of QA Users Group in the Help Desk OU in the dpetri.net domain
(objectCategory=user)(memberOf=CN=QA Users,OU=Help Desk,DC=dpetri,DC=net)
- Find all Users that have an E-Mail Address (not Exchange related)
(objectClass=user)(mail=*)
- Find all Users that have an E-Mail attribute (Mail Enabled)
(objectClass=user)(email=*)
- Find all Users that have not changed password since 05.02.2004
Note: Download the datetointeger8.zip script to help you generate this date format.
(&(objectCategory=person)(objectClass=user)(pwdLastSet<=127204308000000000))
- Find all Users that have never logged in at all
Notice the "|" that means "OR" and the "!" that means "NOT".
(&(objectCategory=person)(objectClass=user))(|(lastLogon=0)(!(lastLogon=*)))
- Find all Users that must change password at next logon
(objectCategory=user)(pwdLastSet=0)
- Find all Users with Dial-In permissions
(objectCategory=user)(msNPAllowDialin=TRUE)
- Find all Users with First Name of David
(objectcategory=user)(cn=David*)
- Find all Users with First Name of David or Dana
Notice the "|" that means "OR".
(objectcategory=user)(|(cn=David*)(cn=Dana*))
- Find all Users with Mobile numbers 050 or 051
Notice the "|" that means "OR".
(objectcategory=user)(|(mobile=050*)(mobile=051*))
- Find all Users with Password Never Expires set
(objectcategory=user)(userAccountControl:1.2.840.113556.1.4.803:=65536)
- Find all Users, Groups or Contacts where Company or Description is North
Notice the "|" that means "OR".
(|(objectcategory=user)(objectcategory=group)(objectcategory=contact))(|(description=North*)(company=North*))