Tuesday, September 20, 2011

Command AD Queries

Locked Out Users - Displays all the user accounts that are locked out
(&(&(&(&(objectCategory=person)(objectClass=user)(lockoutTime:1.2.840.113556.1.4.804:=4294967295)))))
Dial In Access - Displays all the user accounts with Dial In Access
(&(&(&(&(objectCategory=person)(objectClass=user)(msNPAllowDialin=TRUE)))))
Disabled User Accounts - Displays all the user accounts that are currently disabled
(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))
Non Expiring Accounts - Displays all the user accounts that are set to not expire
(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))
Active Accounts - Displays all the users account that are active
(&(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)))
Hidden Mailboxes - Displays all accounts with hidden Mailboxes
(&(objectCategory=person)(objectClass=user)(msExchHideFromAddressLists=TRUE))
Windows XP Computers - Displays all computers running Windows XP
(&(&(&(&(&(&(&(objectCategory=Computer)(operatingSystem=Windows XP Professional)(operatingSystemServicePack=Service Pack 3))))))))
Vista Machines – Displays all computers running Windows Vista
(&(&(&(&(&(&(sAMAccountType=805306369)(objectCategory=computer)(operatingSystem=Windows Vista*)))))))
Vista Machines – SP1
(&(&(&(&(sAMAccountType=805306369)(objectCategory=computer)(operatingSystem=Windows Vista*)(operatingSystemServicePack=Service Pack 1)))))
All Computers - Displays all computers
(sAMAccountType=805306369)
Windows Server 2000 - Displays all computers running Windows Server 2000 (not including DC’s)
(&(&(&(&(&(objectCategory=Computer)(operatingSystem=Windows 2000 Professional))))))
Windows Server 2003 - Displays all computers running Windows Server 2003 (not including DC's)
(&(&(&(samAccountType=805306369)(primaryGroupID=516)(objectCategory=computer)(operatingSystem=Windows Server 2003*))))
Windows Server 2008 - Displays all computers running Windows Server 2008 (not including DC's)
(&(&(&(&(samAccountType=805306369)(!(primaryGroupId=516)))(objectCategory=computer)(operatingSystem=Windows Server 2008*))))
All Windows Server Domain Controllers - Displays all computers that are Domain Controllers
(&(&(&(sAMAccountType=805306369)(useraccountcontrol:1.2.840.113556.1.4.804:=67117056))))

Find all users whose email address contains …

(objectClass=user)(mail=*@afl.maori.nz)


http://www.petri.co.il/ldap_search_samples_for_windows_2003_and_exchange.htm


Basic LDAP Syntax

• = (EQUAL TO)

This LDAP argument means a certain attribute must be equal to a certain value to be true. For example, if you want to find all objects that have the first name of John, you would use:

Copy Code

(givenName=John)

This would return all objects that have the first name of John. Parentheses are included to emphasize the beginning and end of the LDAP statement.

• & (logical AND)

You use this syntax when you have more than one condition, and you want all conditions in the series to be true. For example, if you want to find all of the people that have the first name of John and live in Dallas, you would use:

Copy Code

(&(givenName=John)(l=Dallas))

Notice that each argument is in its own set of parentheses. The entire LDAP statement must be encompassed in a main set of parentheses. The & operator means that each argument must be true for this filter to apply to your object in question.

• ! (logical NOT)

This operator is used to exclude objects that have a certain attribute. Suppose you need to find all objects except those that have the first name of John. You would use the following statement:

Copy Code

(!givenName=John)

This statement would find all objects that do not have the first name of John. Notice that the ! operator goes directly in front of the argument and inside the argument's set of parentheses. Because there is only one argument in this statement, it is surrounded with parentheses for illustration.

• * (wildcard)

You use the wildcard operator to represent a value that could be equal to anything. One such situation might be if you wanted to find all objects that have a value for title. You would then use:

Copy Code

(title=*)

This would return all objects that have the title attribute populated with a value. Another example might be if you know an object's first name starts with Jo. Then, you could use the following to find those:

Copy Code

(givenName=Jo*)

This would apply to all objects whose first name starts with Jo.

• The following are more advanced examples of LDAP syntax:

• You need a filter to find all objects that are in Dallas or Austin, and that have the first name of John. This would be:

Copy Code

(&(givenName=John)(|(l=Dallas)(l=Austin)))

• You have received 9,548 events in the Application log, and you need to find all of the objects that are causing this logging event. In this case, you need to find all of the disabled users (msExchUserAccountControl=2) that do not have a value for msExchMasterAccountSID. This would be:

Copy Code

(&(msExchUserAccountControl=2)(!msExchMasterAccountSID=*))

• Note:


The ! operator in conjunction with the wildcard operator will look for objects where that attribute is not set to anything.


Posted by at No comments:
Labels: , ,

Check server last reboot time

Commands:

net stats srv

or systeminfo
Posted by at No comments:
Labels: , , , ,

NK 2 File Location

The location of the NK2 file of Outlook

The location of the NK2 AutoCompelete file created by Outlook might be different from one computer to another, depending on the operating system and the version of Outlook.

Here's the rules for finding the location of your NK2 file:

  • For Outlook 2003/2007 with Windows 2000, Windows XP, or Windows Server 2003:
    The location of the nk2 file is C:\Documents and Settings\[User Profile]\Application Data\Microsoft\Outlook
    The name of the NK2 file is identical to the Outlook profile name, with .nk2 extension.
  • For Outlook 2003/2007 with Windows Vista, Windows 7, or Windows server 2008:
    The location of the nk2 file is C:\Users\[User Profile]\AppData\Roaming\Microsoft\Outlook
    The name of the NK2 file is identical to the Outlook profile name, with .nk2 extension.
  • For Outlook 2010 with Windows Vista, Windows 7, or Windows server 2008:
    The nk2 file is located in C:\Users\[User Profile]\AppData\Local\Microsoft\Outlook\RoamCache
    The name of the NK2 file is in the following format: Stream_Autocomplete_X_AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.dat The X is the file index (usually 0) and AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA is a random 16-byte key in hexadecimal format.
  • For Outlook 2010 with Windows XP:
    The nk2 file is located in C:\Documents and Settings\[User Profile]\Local Settings\Application Data\Microsoft\Outlook\RoamCache
    The name of the NK2 file is in the following format: Stream_Autocomplete_X_AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.dat The X is the file index (usually 0) and AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA is a random 16-byte key in hexadecimal format.
Posted by at No comments:
Labels: , , ,

Commands to find out the CAS Server on Exchange

get-clientaccessserver | fl

CAS server provides POP/IMAP, OWA, autodiscover,availibility,OAB services.

run get-clientaccessserver | fl, look at autodiscoverinternalurl, this is the SPN for autodiscover service, Outlook connects on this URL for autodiscover and then retrieves the URL for other services.

run get-webservicesvirtualdirectory | fl, look at internalurl, this is the uri outlook will connect for availibility services.

run get-oabvirtualdirectory | fl, look at internalurl, this is the uri outlook will connect for OAB services.
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)