A critical component to successfully closing a lot of the tickets I handle at work is the ability to search for – and find – Active Directory User, Computer, and Group objects. In about eight of ten instances, I’m able to do so using the standard search types (searching for Users, Contacts, and Groups or Computers). Sometimes, however, I need to find each and every object that has a name containing some predefined string. When that string might be found anywhere in the name, the standard search fails me pretty consistently. Luckily, there is another search type: Custom Search. Here’s how to use it:
- Open Active Directory Users and Computers
- Open the search wizard
- Switch the search type from e.g. Users, Contacts, and Groups to Custom Search:
That, however, is only half of the equation. Next, go to the Advanced tab, where you can now search using LDAP queries:
Returning to my original example, let’s look at how I’d format that search. I want to find all AD Objects that contain the string “RGB” in the name of the object. That query would look like this:
If you only want to search for AD Group objects, you would format it like this: (&(objectcategory=group)(name=RGB))
If you only want AD User objects, replace group in the previous example with user, like so: (&(objectcategory=user)(name=RGB))
. LDAP queries are a big field, and there is a LOT you can do with it – this isn’t even scratching the surface. I’ve found LDAPWiki to be a good resource if you want to dig into it.
By posting a comment, you consent to our collecting the information you enter. See privacy policy for more information.