You are currently offline, waiting for your internet to reconnect

HOWTO: Enumerate locked out user accounts using Saved Queries

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Author:
Simon Geary MVP
COMMUNITY SOLUTIONS CONTENT DISCLAIMER
MICROSOFT CORPORATION AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, OR ACCURACY OF THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN. ALL SUCH INFORMATION AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND NON-INFRINGEMENT. YOU SPECIFICALLY AGREE THAT IN NO EVENT SHALL MICROSOFT AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF OR INABILITY TO USE THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF MICROSOFT OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES.
MORE INFORMATION
Follow these step-by-step instructions to list all currently locked out accounts in a Windows Server 2003 domain:
 
1. Log in to a Domain Controller with administrative privileges in the domain and open Active Directory Users & Computers.
2. Right click Saved Queries and select New > Query.
3. Give the query a name and optionally a description. Click on Define Query.
4. Select Custom Search from the drop-down dialogue box.
5. Click on Advanced and enter this LDAP filter in the query box:
 
(&(objectCategory=Person)(objectClass=User)(lockoutTime>=1))
 
6. Click on OK twice and the new query appears under the Saved Queries folder in Active Directory Users & Computers.
Properties

Article ID: 555131 - Last Review: 06/07/2004 06:41:00 - Revision: 1.0

Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems, Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Enterprise Edition

  • kbpubtypecca kbpubmvp kbhowto KB555131
Feedback