======Microsoft - Active Directory - LDAP - Queries======
[[http://technet.microsoft.com/en-us/library/aa996205(EXCHG.65).aspx|Microsoft TechNet - LDAP Query Basics]] \\
[[http://support.microsoft.com/kb/255602/en-us|Microsoft Support - XADM: Browsing and Querying Using the LDP Utility (KB255602)]] \\
[[http://support2.microsoft.com/kb/305144/en-us|Microsoft Support - How to use the UserAccountControl flags to manipulate user account properties]] \\
[[http://www.netvision.com/ad_useraccountcontrol.php?blog|NetVision - Active Directory UserAccountControl values Quick Reference]] \\
======Examples======
=====All active users with mailbox=====
<code>
(&(objectCategory=user)(homeMDB=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
</code>

=====All disabled users with mailbox=====
<code>
(&(objectCategory=user)(homeMDB=*)(userAccountControl:1.2.840.113556.1.4.803:=2))
</code>

=====All users with Password never expires ON=====
<code>
(&(objectCategory=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))
</code>

=====All users with Password never expires OFF=====
<code>
(&(objectCategory=user)(!(userAccountControl:1.2.840.113556.1.4.803:=65536)))
</code>

=====All Domain Controllers=====
<code>
(&(objectCategory=computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))
</code>
Source:[[http://www.selfadsi.org/extended-ad/search-domain-controllers.htm|SelfADSI - How to search and find Active Directory domain controllers]] \\