
Paul Hill | itFlee.com

The goal of this lesson is to show you how to create Saved Queries that make repetitive tasks much easier. For
example, you can create a saved query that lists all the users who have not logged in during the last 30 days.

We will start by creating a new query that will list all users who have not logged in within the last 30 days. To do this,
you need to right-click on Saved Queries and choose New > Query.

In the New Query window, type in the desired Name and Description of the query.

Click Define Query to create the query string.

Paul Hill | PaulH@itflee.com | itFlee.com



Under the Find dropdown list you have 7 options: Users, Contacts and Groups; Computers; Printers; Shared Folders;
Organizational Units; Custom Search; and Common Queries.

The first 5 options are self-explanatory and act just like a normal AD search. The custom search allows you to create
searches based on an object’s properties. For example, you could show only users from a certain office location:

You can also select the Advanced tab and enter a specific LDAP query. In order to be able to create LDAP queries, you
will need to understand basic LDAP syntax. You can find a link to that information under the resources section of this
lesson.

Common Queries allow you to easily create a query for users, computers and groups. Select this option under the
dropdown list for Find, then under the Days since last logon drop box, select 30, then click OK. Click OK again to close
the New Query window.


Now any users who have not logged in within the last 30 days will be listed when we select this saved query. Since this is
a lab and I do not have any user accounts that meet this saved query, nothing will be listed here. For those of you
who are following along in a real-world environment with a lot of users, you will probably find some users listed here.

The next Saved Query we want to make will show us all user accounts that are locked out. Right-click on Saved Queries
and choose New Query. I am going to name this query “Locked User Accounts”. Type in a description if you want and
then click Define Query and choose Custom Search. Under Advanced, enter the following LDAP query then click OK:

(objectCategory=Person)(objectClass=User)(lockoutTime>=1)

Click OK to close the New Query window.

For this lesson I locked out the user account paul.hill so we can see that it is listed here under the saved query:

Now every time I get a call about a user being locked out, I will be able to locate them more easily, assuming I do not have
several user accounts that are locked out.
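
The same filter can be run from PowerShell, which also makes it possible to separate accounts that are still locked from those whose lockoutTime is non-zero only because the lockout has expired and the user has not yet logged on successfully. This is an added example, not part of the original lesson; it assumes the ActiveDirectory module (RSAT) is installed and that the default domain lockout policy applies to the listed users.

```powershell
# Added example, not from the lesson. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

# The lesson's three conditions wrapped in (& ...), so the string is a single
# standard LDAP filter that tools outside the ADUC dialog accept.
$filter = '(&(objectCategory=Person)(objectClass=User)(lockoutTime>=1))'

# Assumption: the default domain policy governs these users (no fine-grained
# password policy). A zero duration means locked until an administrator unlocks.
$duration = (Get-ADDefaultDomainPasswordPolicy).LockoutDuration
$nowUtc   = (Get-Date).ToUniversalTime()

Get-ADUser -LDAPFilter $filter -Properties lockoutTime |
    ForEach-Object {
        # lockoutTime is a FILETIME: 100 ns intervals since 1601-01-01 UTC.
        $lockedAtUtc = [DateTime]::FromFileTimeUtc($_.lockoutTime)

        if ($duration -eq [TimeSpan]::Zero) {
            # No automatic expiry: the account stays locked until unlocked.
            $expiresUtc  = $null
            $stillLocked = $true
        } else {
            $expiresUtc  = $lockedAtUtc + $duration
            $stillLocked = $expiresUtc -gt $nowUtc
        }

        [pscustomobject]@{
            SamAccountName = $_.SamAccountName
            LockedAtUtc    = $lockedAtUtc
            ExpiresUtc     = $expiresUtc
            StillLocked    = $stillLocked
        }
    } |
    Sort-Object LockedAtUtc -Descending |
    Format-Table -AutoSize
```

Rows with StillLocked set to False are accounts the saved query still lists even though the lockout period has passed.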

In this lesson we mainly focused on finding user accounts, but saved queries can be used to locate any object within
Active Directory! So don’t think that you can only use Saved Queries for users!
