Hii all... Hope you can help me with two questions 1)Trying to create a query to find if the target user that set to "password never expirer" is a service user with using ldapsearch main serch =                 index=microsoft-windows-dc EventID=4738 NewUacValue=0x210 I am trying  to run this ldapsearch on the results to remove  users with UserTypeName = service | ldapsearch domain=default search="(sAMAccountName=user)" attrs="sAMAccountName,displayName,sn,UserTypeName" How do I run the ldapsearch on all users from the results obtained after the first search ?   2. ldapsearch run only by admin , how to set Permissions to other roles to run ldapsearch  Thanks ...  ... View more