Using Saved Queries to filter Active Directory Users and Computers


imageJust a quick article here for a late Friday afternoon article.

If you managed Microsoft Windows Active Directory based domains you should be very familiar with the management console Active Directory Users and Computers (ADUC). When you have a sprawling OU design it can be difficult to find the user, computer or group that needs your attention. I set up a few saved queries to give me an easy to read list view of certain object types. If you can’t figure out how to create a new saved query then you may be in the wrong job but the is a comprehensive guide over at the Petri IT Knowledgebase. The 3 I use most often are set up as follows

  • All Devices
    • A simple query where just the computer object must have a value to display
  • All Users
    • Same as above, just make sure you are focussing on Users not Computers
  • Locked accounts
    • My most useful time saver. This one is only slightly more tricky as you need to enter a custom search string. Credit goes to an article on WinodwsNetworking.com for this one. By using the string below, when somebody calls to say they have been locked out, I can quickly bring up this saved query and unlock them in a matter of seconds
    • (&(&(&(objectCategory=Person)(objectClass=User)(lockoutTime>=1))))

You can really go to town on these queries and there is a great list already created for you, back over on the Petri IT Knowledgebase

Advertisements

One thought on “Using Saved Queries to filter Active Directory Users and Computers

What do you think?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s