Windows IT Pro is the authoritative and independent resource for windows nt, windows 2000, windows 2003, windows xp. Features a collection of resources and magazines for windows IT professionals.
  
  
  Advanced Search 


December 19, 2007

Using Date-Related Attributes in Saved Queries


A Web Exclusive from Windows IT Pro
Jim Turner
Feature
InstantDoc #97710
Windows IT Pro
Email this Article
Printer Friendly
Reader Comments
Digg This
Del.icio.us
RSS
View this exclusive article with VIP access -- click here to join |
See More Active Directory (AD) Articles Here | Reprints | Or sign up for our VIP Monthly Pass!

 Executive Summary:
The Microsoft Management Console (MMC) Active Directory Users and Computers snap-in lets you create reusable Lightweight Directory Access Protocol (LDAP) queries to find Active Directory (AD) objects. You can use three date-related attributes—Account Expiration date, Password Last Set date, and Account Created date—within reusable LDAP queries to search AD for user and account information that is date-related, such as users with passwords that are expired or soon to expire, and accounts that were created before, between, and after specific dates.

Not too long ago, I wrote “Using Saved Queries for Active Directory Management” for Scripting Pro VIP (October, InstantDoc ID 97087). In that article, I covered installing saved queries, importing and exporting saved queries, and using bitwise operators within LDAP queries. I also provided a wide variety of LDAP queries that readers could use to produce some very useful results from within Active Directory (AD). Unfortunately, I couldn’t fit in how to use saved queries to query certain attributes that are date-related—attributes such as Account Expiration date (accountExpires), Password Last Set date (pwdLastSet), and Account Created date (whenCreated). By using these attributes within your LDAP queries, you can do things like search AD for users who haven’t changed their password in more than 90 days, passwords that will soon expire, users who have expired accounts, accounts that will expire soon, and accounts that were created before, after, or between specific dates. These types of queries can come in handy for security reports or when you need to perform proactive actions such as alerting remote users that they need to change their password. You might even want to produce lists of how many accounts were created in a certain month or between specific time periods to make management aware of your growing administration duties. You can also query computers on the whenCreated attribute to produce similar reports about how many computers are added to AD each month. Let’s delve further into how you can use the accountExpires, pwdLastSet, and whenCreated attributes in your saved queries. As we do so, I’ll show you how to work with two different date formats. . . .

Reader Comments
This is certainly a good, by the book way to do it; Even though the base date (year 1601) is icrredibly silly.

Nice work.

arztje December 21, 2007 (Article Rating: )

I agree, it is an unusual starting point.
So Microsoft, why 1601?

jturnervbs December 22, 2007 (Article Rating: )

Believe it or not, there is a reason behind using the year of 1601--and it's not even a reason conjured up by Microsoft. We can blame the American National Standards Institute (ANSI) for this odd starting point. To find out why Microsoft uses the year 1601, see the note in the Scripting Guys article "Dandelions, VCR Clocks, and Last Logon Times: These are a Few of Our Least Favorite Things" at https://www.microsoft.com.nsatc.net/technet/scriptcenter/topics/win2003/lastlogon.mspx. The note appears toward the middle of the article.

KBemowski January 08, 2008 (Article Rating: )

You must log on before posting a comment.

If you don't have a username & password, please register now.




Top Viewed ArticlesView all articles
Friday at PASS Europe 2006

Kevin talks about the closing day of the event and shares a funny Microsoft film. ...

PsExec

This freeware utility lets you execute processes on a remote system and redirect output to the local system. ...

Escape From Yesterworld

Kevin points you to the funniest SQL Server website ever! ...
Active Directory (AD) Whitepapers Sustainable Compliance: How to reconnect compliance, security and business goals

Managing Unix/Linux with Microsoft System Center Operations Manager 2007 Cross Platform Extensions Beta

Addressing the Insider Threat with NetIQ Security and Administration Solutions
Related Events Concrete Ways to Make Sure Your SharePoint Deployment Doesn't Blow Up

PCI Requirements for Windows and Active Directory: Straight from a Certified Auditor

Check out our list of Free Email Newsletters!
Active Directory (AD) eBooks Keeping Your Business Safe from Attack: Monitoring and Managing Your Network Security

Keeping Your Business Safe from Attack: Encryption and Certificate Services

Windows 2003: Active Directory Administration Essentials
Related Active Directory (AD) Resources Become a VIP member of the Windows IT Pro community!
Get it all with the VIP CD and VIP access. A $500+ value for only $279!

Subscribe to Windows IT Pro!
Solve your toughest technical problems with our experts and access 10,000 + articles online. 30% off

Monthly Online Pass - Only $5.95!
Get instant access to 10,000+ articles from Windows IT Pro Magazine!

TechNet Virtual Labs
Evaluate and test Microsoft's newest products.



ADS BY GOOGLE

Job Openings in IT SPONSORED LINKS FEATURED LINKS
Register for Orion NPM v9 - Evaluation
Affordable, easy-to-use network performance management with SolarWinds Orion – Free Trial!

Want a Hardware-Independent Image?
Binary Research, the Ghost people, shows you how to clone with 1!

Maximize speed, performance and reliablity of your PCs and servers—automatically!
Speed Up Your PC! Try Diskeeper 2008 with InvisiTasking Free Now!

Order Your Fundamentals CD Today!
Register today for your in-depth copy of one of three Fundamental CDs on the following topics – Exchange, SQL, and SharePoint.

Implement a Successful Archiving Solution
View this web seminar to learn the best practices for creating an email archive that is secure, compliant, and searchable.
Protect Your Company’s Digital Assets
Do you know the risks of sending important files over email or FTP? Read this white paper to learn what you can do to safeguard your company’s data.

Prepare Yourself for Exchange Catastrophe
Read this white paper to learn how you can keep Exchange server healthy, as well as predict and respond to server failure.

Boost Customer Confidence and Satisfaction
Read this eBook to learn how faxing can ease communication with less computer-savvy customers while reducing your security, compliance and support woes.
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro Windows Dev Pro IT Job Hound ITTV
IT Library Technology Resource Directory Connected Home Windows Excavator Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2008 Penton Media, Inc., All rights reserved. Terms and Use | Privacy Statement | Reprints and Licensing