Table 1: A Breakdown of the LDAP Query
Item |
Description |
<LDAP://baseDN> |
Specifies the starting point for the search. |
&(objectCategory=person)(objectClass=user)(mail=*) |
Searches for user accounts that have a mail attribute. |
!(userAccountControl:1.2.840.113556.1.4.803:=2) |
Returns accounts that aren't disabled. |
!(userAccountControl:1.2.840.113556.1.4.803:=65536) |
Returns accounts with passwords that expire. |
distinguishedName, sAMAccountName, givenName,sn,mail |
Specifies the attributes to return. |
subtree or onelevel |
Subtree searches the specified location and subcontainers; onelevel searches only the specified location. |