Sunday, April 14, 2013

How to Search in Active Directory

There come a time you want to search your active directory for something not exist in the standard search, or you want to make a query that can not be done using the standard search that come with Active Directory console.
Like if you want to make a query that display only the active users and exclude the disabled user, or if you want to see the users how had log in to their computers for 2 times.
So in this case you may need a third party software to accomplish this, in fact you don't need anything
here is the tip:
Lets say you want to search for all the users that had log in to their computer for 2 times.
We need to know the Keyword that will represent the log in count and we can get these values from the user properties it self
Check the pic (I am using Windows 2008)

So as we see that the value we should use to build our search criteria is logonCount
Lets navigate to the search box 
Using Active Directory users and computers:
Right Click on the Domain and Click Find... , the search dialog box will appear.
Make sure that you select a Custom Search from the Find dropbox
Now type the following (logonCount=2) and press Find Now
you will get the result with all the users that had logon to their computer for 2 time or what ever time you specified.
So the steps are easy:
  • Get the keyword you want to search from from AD
  • Create your search criteria (Keyword=Value you want )(Another Keyword= Value)...

Hope you like the article

Update: Check this site it contain a great information about each number
http://support.microsoft.com/kb/305144/en-us

No comments: