I introduced Saved Queries in tip 6733 » How do I create Saved Queries
in Windows Server 2003 Active Directory Users and Computers?
To define a Saved Query that will list locked out user accounts, perform the following tasks a Windows XP domain member that has the Windows Server 2003 Administrative Tools installed.
01. Start / Run / dsa.msc / OK.
02. In the Active Directory Users and Computers snap-in, right-click Saved Queries and press New and Query.
03. Type LockedUsers into Name and List Locked Out User Accounts into Description.
04. Pressed the Define Query button.
05. Toggle the Find drop-down box to Custom Search.
06. Selected the Advanced tab.
07. In the Enter LDAP query box, enter:
(objectCategory=Person)(objectClass=User)(lockoutTime>=1)
08. Press OK.
09. The Query string box should now contain:
(&(objectCategory=Person)(objectClass=User)(lockoutTime>=1))
10. Press OK.
NOTE: Locked out accounts will appear in the query until they have been unlocked and the user has successfully logged on.
