Posts

Showing posts from April, 2017

Where’s my enabled Users?

Image
Where’s my enabled Users? I’m going through and fine tuning our Proodpoint Spam solution and noticed one of the filters needs to be updated. This filter finds users in ADUC and does a push to our Spam Solution out on the internets. This filter should have an end result that finds active mail enabled users.




Filter:
(&(msExchHomeServerName=*)(!(objectclass=contact))(!(objectclass=group))(!(cn=systemmailbox*))(!(cn=healthmailbox*)))

See the problem? It’s grabbing all users. Because we have thousands and thousands of disabled AD objects (I have no control over this), this is altering our number of users in the system. To correct this we needed to query on something in AD that would filter out disabled users.

Instead of giving you the answer right away I am going to show you my thought process. First thing was to figure out the attributes I could query off. I need to do a Get-Adobject but first need my DN to run that command. So I run:

Get-AdUser –Identity keith.smith


To get the DN I just …