Active Directory Users and Computers Saved Queries

Wow, check out these great ADUC saved queries from   Ron Crumbaker at myITforum.com

Does anyone use the Saved Queries with in the ADUC?

I do, and I love them.

Here are some that might help you out.

Just Right Click on Saved Queries and Choose New and then Query.

Name the Query accordingly and then click on Define Query…

Then Find the Custom Search and click on the Advanced tab.

Paste each of these in the <add criteria from above to this list> area and then click OK.

Locked Out Users

(&(&(&(&(objectCategory=person)(objectClass=user)(lockoutTime:1.2.840.113556.1.4.804:=4294967295)))))

Dial In Access

(&(&(&(&(objectCategory=person)(objectClass=user)(msNPAllowDialin=TRUE)))))

Disabled User Accounts

(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))

No Expiring Accounts

(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))

Active Accounts

(&(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)))

Hidden Mailboxes

(&(objectCategory=person)(objectClass=user)(msExchHideFromAddressLists=TRUE))

Windows 2000 SP4

(&(&(&(objectCategory=Computer)(operatingSystem=Windows 2000 Professional)(operatingSystemServicePack=Service Pack 4))))

Windows XP SP3

(&(&(&(&(&(&(&(objectCategory=Computer)(operatingSystem=Windows XP Professional)(operatingSystemServicePack=Service Pack 3))))))))

Vista SP1 Machines

(&(&(&(&(sAMAccountType=805306369)(objectCategory=computer)(operatingSystem=Windows Vista*)(operatingSystemServicePack=Service Pack 1)))))

All Workstations

(sAMAccountType=805306369)

2003 Servers Non-DCs

(&(&(&(samAccountType=805306369)(!(primaryGroupId=516)))(objectCategory=computer)(operatingSystem=Windows Server 2003*)))

2003 Servers – DCs

(&(&(primaryGroupID=516)(objectCategory=computer)(operatingSystem=Windows Server 2003*)))

Server 2008

(&(&(&(&(samAccountType=805306369)(!(primaryGroupId=516)))(objectCategory=computer)(operatingSystem=Windows Server 2008*))))

Depending on how you have your AD Structure, you might need to edit each query and point it to the OU you desire…but hopefully this will get you started.

As I find a need to create more queries, I will post them to my blog.  Enjoy!

Active Directory Users and Computers Saved Queries
rcrumbaker
Thu, 07 Aug 2008 19:39:07 GMT

[tags]activedirectory[/tags]

6 thoughts on “Active Directory Users and Computers Saved Queries

  1. 2008 SP1 broke this one due to addition of a copyright symbol. This will fix it (note the added asterix)

    before:
    (&(&(&(&(samAccountType=805306369)(!(primaryGroupId=516)))(objectCategory=computer)(operatingSystem=Windows Server 2008*))))

    after:
    (&(&(&(&(&(samAccountType=805306369)(!(primaryGroupId=516)))(objectCategory=computer)(operatingSystem=Windows Server* 2008*)))))

  2. 2008 Servers – DCs

    (&(&(&(&(primaryGroupID=516)(objectCategory=computer)(operatingSystem=Windows Server* 2008*)))))

  3. Disabled Computers

    (&(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=2)))

  4. Enabled computers

    (&(&(&(objectCategory=computer)(!userAccountControl:1.2.840.113556.1.4.803:=2))))

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.