How can I specify only users that are enabled in an LDAP query?

A. There are numerous filters you can apply when you perform an LDAP query. To check a user’s enabled status, you must check the user account flags. To check for a disabled user, you can use

useraccountcontrol:1.2.840.113556.1.4.803:=2

To check for a non-disabled user, you can add not (!) to the start of the query. For example,

!(useraccountcontrol:1.2.840.113556.1.4.803:=2)

When used as part of a query, this will result in a listing of only enabled users.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish