• State Verified Answer
  • Replies 5 replies
  • Subscribers 62 subscribers
  • Views 1689 views
  • Users 0 members are here
Options
Related

Managed Unit Disabled Accounts

craig mcfarlane
over 2 years ago

Hi Guys. 

I have a need to have a Managed Unit which just shows me disabled accounts. 

I cant see edsaAccountIsDisabled attribute when i build the query on the MU. Using the below LDAP query works for some accounts but not all

 (&(sAMAccountType=805306368)(userAccountControl:1.2.840.113556.1.4.803:=2))

Any ideas why or is there a better way to get a MU with just disabled accounts? 

Cheers

Craig 

Parents
  • 0 over 2 years ago

    Even if i change the LDAP query to this. I have an OU that has two accounts and both were deprovisioned via the deprov process. Account is disabled but the LDAP query does not seem to finds them. If i run the same query in the native Active Directory and Computers it does find both accounts. 

    (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))

Reply
  • 0 over 2 years ago

    Even if i change the LDAP query to this. I have an OU that has two accounts and both were deprovisioned via the deprov process. Account is disabled but the LDAP query does not seem to finds them. If i run the same query in the native Active Directory and Computers it does find both accounts. 

    (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))

Children