Hope you can help me with two questions
1)Trying to create a query to find if the target user that set to "password never expirer" is a service user with using ldapsearch
main serch = index=microsoft-windows-dc EventID=4738 NewUacValue=0x210
I am trying to run this ldapsearch on the results to remove users with UserTypeName = service
| ldapsearch domain=default search="(sAMAccountName=user)" attrs="sAMAccountName,displayName,sn,UserTypeName"
How do I run the ldapsearch on all users from the results obtained after the first search ?
2. ldapsearch run only by admin , how to set Permissions to other roles to run ldapsearch
... View more