Wednesday, December 17, 2014

LDAP Queries for Users, Computers, Groups and Service Connection Points



Below is a collection of LDAP queries. For an example of how to use these queries in Active Directory Users and Computers (ADUC), see this post.

Computer accounts


Computer accounts starting with WS
(&(objectcategory=computer)(samaccountname=WS*))

Computer accounts with "COP" in the attribute "description"
(&(objectCategory=computer)(description=*COP*))
or
(&(objectCategory=computer)(description=*COP)) --> matches only descriptions that end with COP

Computer accounts with MS-SQL installed
(&(objectCategory=computer)(servicePrincipalName=MSSQLSvc*))

Computer accounts with a Server OS
(&(objectCategory=computer)(operatingsystem=*server*))

Find all Computers that do not have a Description
(&(objectCategory=computer)(!(description=*)))

Find All Workstations
(sAMAccountType=805306369)
or
(&(objectCategory=computer)(objectClass=computer))

Find all 2003 Servers Non-DCs
(&(samAccountType=805306369)(!(primaryGroupId=516))(objectCategory=computer)(operatingSystem=Windows Server 2003*))

Find all 2003 Servers – DCs
(&(samAccountType=805306369)(primaryGroupID=516)(objectCategory=computer)(operatingSystem=Windows Server 2003*))

Find all Server 2008
(&(samAccountType=805306369)(!(primaryGroupId=516))(objectCategory=computer)(operatingSystem=Windows Server 2008*))

Find all 2008 Servers – DCs
(&(primaryGroupID=516)(objectCategory=computer)(operatingSystem=Windows Server* 2008*))

Disabled Computer Accounts
(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=2))

Enabled Computer Accounts
(&(objectCategory=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

SQL Servers any Windows Server OS
(&(objectCategory=computer)(servicePrincipalName=MSSQLSvc*)(operatingSystem=Windows Server*))

Exchange Servers any Windows Server OS
(&(objectCategory=computer)(servicePrincipalName=exchangeMDB*)(operatingSystem=Windows Server*))

Find all Windows XP SP3 computers
(&(objectCategory=Computer)(operatingSystem=Windows XP Professional)(operatingSystemServicePack=Service Pack 3))

Find all Windows Vista SP1 computers
(&(objectCategory=computer)(operatingSystem=Windows Vista*)(operatingSystemServicePack=Service Pack 1))

Find all Windows Server 2008 Enterprise computers
(&(objectCategory=computer)(operatingSystem=Windows Server® 2008 Enterprise)(operatingSystemServicePack=Service Pack 1))

Find all Windows Server 2008 (all versions) computers
(&(objectCategory=computer)(operatingSystem=Windows Server® 2008*))

Find all Windows 8.0 (all versions) computers
(&(objectCategory=computer)(operatingSystem=Windows 8*)(operatingSystemVersion=6.2 \289200\29)) --> the parentheses inside the value are escaped as \28 and \29

Find all Windows 8.1 (all versions) computers
(&(objectCategory=computer)(operatingSystem=Windows 8.1*))

Find all computer accounts for whom a manager is specified
(&(&(objectCategory=computer)(objectClass=computer))
(managedBy=*))


Find all Windows Server 2012 (all versions) computers
(&(objectCategory=computer)(operatingSystem=Windows Server 2012*))

Find all Windows Server 2012 no R2 (all versions) computers
(&(objectCategory=computer)(operatingSystem=Windows Server 2012*)(operatingSystemVersion=6.2 \289200\29)) --> the parentheses inside the value are escaped as \28 and \29

Find all Windows Server 2012 R2 (all versions) computers
(&(objectCategory=computer)(operatingSystem=Windows Server 2012 R2*)) 


User accounts


Find all user accounts
(&(objectCategory=person)(objectClass=user))

Find all user accounts for whom a password is not required
(&(&(objectCategory=person)(objectClass=user))
(UserAccountControl:1.2.840.113556.1.4.803:=32))

Find all user accounts that do not require a SmartCard for logon
(&(&(objectCategory=person)(objectClass=user))
(!(UserAccountControl:1.2.840.113556.1.4.803:=262144)))

Find users that have non-expiring passwords
(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))

To find all user accounts that have the name “Mueller” in them
(&(objectcategory=person)(samaccountname=*Mueller*))

Locked out user accounts
(&(objectCategory=person)(objectClass=user)(lockoutTime>=1))

User accounts whose Common Name (cn) starts with "A"
(&(objectCategory=user)(cn=A*))

Disabled user accounts
(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))

User accounts without a value in the attribute "mail"
(&(objectCategory=person)(objectClass=user)(!(mail=*)))

User accounts with mail enabled
(&(objectClass=user)(mail=*))

User accounts that have never logged on
(&(objectCategory=person)(objectClass=user)(|(lastLogon=0)(!(lastLogon=*))))

Users that have been given dial-in permissions
(&(objectCategory=user)(msNPAllowDialin=TRUE))

Find users who have "admin" in the description field
(&(objectcategory=person)(description=*admin*))

Find user accounts with no log on script
(&(objectcategory=person)(!(scriptPath=*)))

Find user accounts with no profile path
(&(objectcategory=person)(!(profilepath=*)))

Find non-disabled accounts that must change their password at next logon
(&(objectCategory=person)(objectClass=user)(pwdLastSet=0)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

Find all Users that need to change password on next login
(&(objectCategory=user)(pwdLastSet=0))

Finds all locked out accounts
(&(objectCategory=person)(objectClass=user)(useraccountcontrol:1.2.840.113556.1.4.803:=16))

Finds all Users with Email Address set
(&(objectcategory=person)(mail=*))

Finds all Users with no Email Address
(&(objectcategory=person)(!(mail=*)))

Find all Users with Dial-In permissions
(&(objectCategory=user)(msNPAllowDialin=TRUE))

Finds all disabled accounts in active directory
(&(objectCategory=person)(objectClass=user)(useraccountcontrol:1.2.840.113556.1.4.803:=2))

Find all Users that are almost Locked-Out
Notice the “>=” that means “Greater than or equal to”.
(&(objectCategory=user)(badPwdCount>=2))

Find all mail-enabled groups hidden from the Global Address list (GAL)
(&(&(objectCategory=group)(objectClass=group))
(&(mailnickname=*)(msExchHideFromAddressLists=TRUE)))

Find all mail-enabled security groups
(&(&(objectCategory=group)(groupType:1.2.840.113556.1.4.804:=2147483648))
(mailnickname=*))

Find all mailbox-enabled accounts
(&(&(objectCategory=person)(objectClass=user))
(&(mailnickname=*)(|(msExchhomeServerName=*)(homeMDB=*))))

Find all mailbox-enabled accounts with Outlook Web Access (OWA) disabled
(&(&(objectCategory=person)(objectClass=user))
(&(mailnickname=*)(|(msExchhomeServerName=*)(homeMDB=*))
(|(protocolSettings=*HTTP§0*)(protocolSettings=*OWA§0*))))

Find all users with Hidden Mailboxes
(&(objectCategory=person)(objectClass=user)(msExchHideFromAddressLists=TRUE))

(&(&(objectCategory=person)(objectClass=user))(lastLogon>=129772445240000000))
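The "Mueller" and "admin" filters above are the kind that usually get built from a search box or a script parameter. As an added example that is not part of the original post (the helper names are mine), the Python below escapes the search term as RFC 4515 requires before placing it in the filter, so that `*`, `(`, `)` and `\` in the term are matched literally rather than altering the filter, and composes the userAccountControl bitwise clauses used above from the documented flag values that appear on this page.

```python
"""Build user-account filters like those above from a search term without the
term changing the filter's structure (added example, not part of the original
post).  RFC 4515 requires these five characters to be hex-escaped in values."""

_LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

# userAccountControl bits used by the filters above (documented Microsoft values)
UAC_ACCOUNTDISABLE = 2
UAC_PASSWD_NOTREQD = 32
UAC_DONT_EXPIRE_PASSWORD = 65536
UAC_SMARTCARD_REQUIRED = 262144
BITWISE_AND = "1.2.840.113556.1.4.803"


def escape_filter_value(value):
    """Escape one attribute value for use inside a filter.  '*' is escaped too,
    so a caller that wants a wildcard adds it around the escaped result."""
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)


def contains_filter(attribute, term, category="person"):
    """Same shape as (objectcategory=person)(samaccountname=*Mueller*): the
    wildcards are added here, the term itself is escaped."""
    return "(&(objectCategory=%s)(%s=*%s*))" % (category, attribute, escape_filter_value(term))


def uac_clause(flag, is_set=True):
    """Bitwise-AND matching-rule clause for a single userAccountControl flag."""
    clause = "(userAccountControl:%s:=%d)" % (BITWISE_AND, flag)
    return clause if is_set else "(!%s)" % clause


def user_filter(*clauses):
    """AND the given clauses onto the standard user-account base filter."""
    return "(&(objectCategory=person)(objectClass=user)%s)" % "".join(clauses)
```

`user_filter(uac_clause(UAC_DONT_EXPIRE_PASSWORD), uac_clause(UAC_ACCOUNTDISABLE, False))` yields the "non-expiring password, not disabled" filter; `escape_filter_value("6.2 (9200)")` gives the `6.2 \289200\29` form that the operatingSystemVersion queries need.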



Groups


To find all groups that have no members
(&(objectCategory=group)(!(member=*)))

Find Groups that contains the word admin
(&(objectcategory=group)(samaccountname=*admin*))

Find all Universal Groups
(groupType:1.2.840.113556.1.4.803:=8)

Find all global security groups
(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483650))

Finds Domain Local Groups
(groupType:1.2.840.113556.1.4.803:=4)

Find all distribution groups
(&(|(&(objectCategory=Group)(objectClass=Group)(|(groupType=8)(groupType=4)(groupType=2)))(objectCategory=ms-Exch-Dynamic-Distribution-List)(objectClass=msExchDynamicDistributionList)))

List all groups with sec- prefix convention
(&(objectCategory=group)(name=*sec-*))

Find all security groups with members
(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.804:=2147483648)(member=*))



Service connection points


Find all service connection points
(objectCategory=serviceConnectionPoint)

Find all service connection points that do not have service bindings specified
(&(objectCategory=serviceConnectionPoint)(!(serviceBindingInformation=*)))

Find all service connection points that do not have a service DNS name specified
(&(objectCategory=serviceConnectionPoint)(!(serviceDNSName=*)))
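The computer, user, group and service-connection-point filters on this page can be sanity-checked offline before they go into ADUC or a script. The following is an added example, not part of the original post: a small RFC 4515 evaluator that handles `&`, `|`, `!`, equality, `>=`/`<=`, `*` substring wildcards, `\XX` hex escapes and the two AD bitwise matching rules (1.2.840.113556.1.4.803 = all bits set, .804 = any bit set), run against a handful of constructed sample entries (every name and value in `SAMPLE_ENTRIES` is invented for the example). It rejects filters whose parentheses do not balance, which is the most common copy-and-paste error in lists like this one. One caveat for the "never logged on" query: lastLogon is held per domain controller and is not replicated, so on a real directory that filter has to be evaluated against every DC (or lastLogonTimestamp used instead).

```python
"""Offline evaluator for the AD filters above (added example, not part of the
original post): parses RFC 4515 syntax with &, |, !, =, >=, <=, '*' wildcards,
\\XX hex escapes and the two AD bitwise matching rules, then runs filters
against constructed sample entries."""
import re

BIT_AND = "1.2.840.113556.1.4.803"  # every bit of the mask must be set
BIT_OR = "1.2.840.113556.1.4.804"   # at least one bit of the mask is set
_ITEM = re.compile(r"([A-Za-z0-9.;-]+)(?::([0-9.]+):)?(>=|<=|=)(.*)$")

def _unescape(s):
    return re.sub(r"\\([0-9A-Fa-f]{2})", lambda m: chr(int(m.group(1), 16)), s)

def _parse(s, i):
    if s[i] != "(":
        raise ValueError("expected '(' at offset %d" % i)
    i += 1
    if s[i] in "&|!":
        op, i, children = s[i], i + 1, []
        while s[i] == "(":
            child, i = _parse(s, i)
            children.append(child)
        if s[i] != ")" or (op == "!" and len(children) != 1):
            raise ValueError("malformed %r clause at offset %d" % (op, i))
        return (op, children), i + 1
    end = s.index(")", i)  # literal parens in values must be \28 / \29, so this is safe
    m = _ITEM.match(s[i:end])
    if not m:
        raise ValueError("bad filter item: %r" % s[i:end])
    attr, rule, cmp, value = m.groups()
    return ("item", attr.lower(), rule, cmp, value), end + 1

def parse(text):
    """Parse a complete filter; unbalanced parentheses raise ValueError."""
    text = text.strip()
    tree, pos = _parse(text, 0)
    if pos != len(text):
        raise ValueError("trailing text after filter: %r" % text[pos:])
    return tree

def is_valid(text):
    try:
        parse(text)
        return True
    except (ValueError, IndexError):
        return False

def _match(actual, rule, cmp, raw):
    if rule in (BIT_AND, BIT_OR):
        bits, mask = int(actual), int(raw)
        return (bits & mask) == mask if rule == BIT_AND else (bits & mask) != 0
    actual = str(actual).lower()
    if cmp == "=":  # '*' splits the value into substrings; each piece is unescaped
        parts = [re.escape(_unescape(p).lower()) for p in raw.split("*")]
        return re.fullmatch(".*".join(parts), actual) is not None
    try:
        a, b = int(actual), int(raw)
    except ValueError:
        a, b = actual, _unescape(raw).lower()
    return a >= b if cmp == ">=" else a <= b

def evaluate(tree, entry):
    """entry maps lower-cased attribute names to a value or a list of values."""
    op = tree[0]
    if op == "&":
        return all(evaluate(c, entry) for c in tree[1])
    if op == "|":
        return any(evaluate(c, entry) for c in tree[1])
    if op == "!":
        return not evaluate(tree[1][0], entry)
    _, attr, rule, cmp, raw = tree
    values = entry.get(attr)
    if values is None:
        return False  # absent attribute: the item is false, so (!(attr=*)) is true
    if cmp == "=" and raw == "*":
        return True  # presence test
    values = values if isinstance(values, list) else [values]
    return any(_match(v, rule, cmp, raw) for v in values)

SAMPLE_ENTRIES = [  # constructed for this example; objectCategory uses the short form AD accepts
    {"cn": "WS001", "objectCategory": "computer", "objectClass": "computer", "sAMAccountName": "WS001$",
     "sAMAccountType": 805306369, "operatingSystem": "Windows 8 Pro", "operatingSystemVersion": "6.2 (9200)",
     "userAccountControl": 4096, "primaryGroupID": 515},
    {"cn": "DC01", "objectCategory": "computer", "objectClass": "computer", "sAMAccountName": "DC01$",
     "sAMAccountType": 805306369, "operatingSystem": "Windows Server 2012 R2 Standard",
     "userAccountControl": 532480, "primaryGroupID": 516, "servicePrincipalName": ["ldap/dc01", "MSSQLSvc/dc01:1433"]},
    {"cn": "Hans Mueller", "objectCategory": "person", "objectClass": ["top", "person", "user"],
     "sAMAccountName": "hmueller", "userAccountControl": 66048, "lockoutTime": 0, "mail": "hm@example.invalid"},
    {"cn": "svc-backup", "objectCategory": "person", "objectClass": ["top", "person", "user"],
     "sAMAccountName": "svc-backup", "userAccountControl": 514, "lockoutTime": 131000000000000000},
    {"cn": "sec-admins", "objectCategory": "group", "objectClass": "group", "sAMAccountName": "sec-admins",
     "groupType": -2147483646, "member": ["CN=Hans Mueller,OU=Staff,DC=example,DC=invalid"]},
    {"cn": "AllStaff", "objectCategory": "group", "objectClass": "group", "sAMAccountName": "AllStaff", "groupType": 8},
]

def search(filter_text, entries=SAMPLE_ENTRIES):
    """Return the cn of every entry the filter matches, in directory order."""
    tree = parse(filter_text)
    return [e["cn"] for e in entries
            if evaluate(tree, {k.lower(): v for k, v in e.items()})]
```

`search("(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=2147483650))")` returns `['sec-admins']`: groupType is stored as a signed 32-bit value (-2147483646 here) while the filter uses the unsigned form 2147483650, and Python's arbitrary-width two's-complement `&` reconciles the two the same way the directory does. `is_valid` is the cheap check to run over a whole list of copied filters before using any of them.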

4 comments:

  1. I and also my friends were actually checking out the nice guidelines
    on your website and quickly came up with an awful feeling I never thanked the site owner for
    them. All the ladies became absolutely very interested to see them and now have absolutely been tapping into those
    things. Appreciation for indeed being quite accommodating as well as for picking out some excellent topics
    millions of individuals are really desirous to be informed on. My personal honest
    apologies for not saying thanks to earlier.

  2. Excellent post. I'm dealing with many of these issues as well..

  3. I genuinely enjoy looking through on this internet site,
    it has great content.
