Solved: How to list user accounts with domain? - Page 2

brpsingara · ‎03-14-2019

Hi,

Splunk Enterprise.

I am trying to get the list of all user accounts using below code, but the result showing only Splunk console users list instead of all Active Directory User Account List.

Code:

| rest splunk_server=local /servicesNS/-/-/authentication/users count=0 | table title email real name type

Output

Admin admin@xyz.com administrator splunk
babu babu@xyz.com babu LDAP

like this result is showing only 10 lines, all these are splunk console users. I dont know why all Active Directory User Accounts not showing.

Could anyone help me & guide me on this.

Thanks in advance.

alonsocaio · ‎03-14-2019

To get a list of users or computers from your Active Directory you could use the Splunk Supporting Add-on for Active Directory. It allows you to use the ldapsearch command on your searches.

To get a simple list of your AD uses and output this list to a csv file you could use the search below:

| ldapsearch domain=YOUR_DOMAIN search="(&(objectClass=user)(!(objectClass=computer)))" attrs="sAMAccountName,displayName,mail"
| table sAMAccountName,displayName,mail
| outputlookup AD_Users.csv

View solution in original post

brpsingara · ‎03-14-2019

Any luck ?

How to list user accounts with domain?

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!