I ended up using
oldcmp -report -age 120 -users -f "(&(objectcategory=person)(objectclass=user)(!(ourAttribute=TRUE)))"
And it seemed to work.
Thanks
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, May 15, 2006 2:50 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OldCmp question
-af "(!(ourProperty=TRUE))"
It would be more efficient and faster for the query to
actually set all of the non-service accounts to FALSE so then you can
do
-af "(ourProperty=FALSE)"
NOT
filters aren't the greatest for efficiency plus you can get false positives
because an account that you can't see the ourProperty value on due to security
will be reported even if it has ourProperty set to TRUE.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ
Sent: Monday, May 15, 2006 3:32 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OldCmp question
I've created a new
boolean schema property to flag all of our service accounts in our AD
domain.
I've gone through
and set the boolean to "TRUE" to all the service accounts.
Now I want to use
oldcmp to go through and find all the ones that aren't "TRUE" and meet other
criteria. I've determined I can do an -af ourProperty=TRUE and show the
accounts that are service accounts, but I want any that are NOT service
accounts. I tried -af ourProperty=" " and "" and -af ourProperty="<not
set>" and nothing seems to work. Any ideas?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of Cameron and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of Cameron and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |