Saved Queries in Windows Server 2003 AD Users & Computers
How can I use the new Saved Queries capabilities in Windows Server 2003 AD Users & Computers?
Windows Server 2003 AD Users and Computers has a new built-in feature called "Saved Queries". With the Saved Queries feature we can now create our LDAP-based search strings and have them saved for future use, either in the DSA.MSC snap-in itself, or as XML files that can be used in other computer (no, the saved queries you’ve just created are not replicated to any other computer or DC, they’re local to the computer you’ve created them on).
Before this new feature, Windows 2000 Active Directory administrators had the option to create LDAP search strings via the AD Users and Computers tool, however these queries could not saved for future use. This wouldn’t have been a great disaster had the built-in find tool been totally customizable, but unfortunately, that was (and still is) not the case.
As seen in my LDAP Search Samples for Windows Server 2003 and Exchange 2000/2003 article, most regular LDAP searches can be easily done via the provided GUI (such as in a new Address List filter), however there are instances where the provided GUI does not give us the needed flexibility. For example, you cannot use the GUI to create a search that uses the Boolean word "OR", you can only create searches that use "AND" as their filter. In those cases, if you wanted to create a filter that finds users that are either in the Sales department OR in the Development department – you’d need to use a manual search string.
Since the Windows 2000 AD Users and Computers tool did not allow you to save your work – it all went to the trash the moment you had to close the search applet.
Enter the Windows Server 2003 AD Users and Computers tool with its’ new Saved Queries feature.
To create a saved query perform the following steps:
In the Windows Server 2003 AD Users and Computers right-click Saved Queries and choose New > Query.
In the New Query window, give the query you’re creating a proper name and click Define Query.
In the Find window click on the drop-down list to select the type of query you want to create. In this example I’ve used a simple query of users, groups or computers.
You can use some of the built-in attributes or create your own set of attribute-based query. In this example I’ve used a query based upon the Department attribute of a user.
When you’re satisfied with your search configuration click Ok.
In the New Query window click Ok if you’re done. You can also limit the scope of your query by clicking on the Browse button and selecting a different OU.
You can also choose to manually enter your query string based upon LDAP syntax.
See my LDAP Search Samples for Windows Server 2003 and Exchange 2000/2003 article for many LDAP search samples you can use.
After you click Ok the results of the query will be displayed in the right pane. The results can be easily managed from the results pane.
You can also easily export your queries to XML files and transfer these files to other DCs where they can be imported.
See my Import Saved Queries in Windows Server 2003 AD Users & Computers article for more info on that issue.
You might also want to read the following related articles: