LDAP Query
Active Directory is an implementation of LDAP directory services. LDAP (Lightweight Directory Access Protocol) allows for the dynamic storage and retrieval of a huge number of specific attributes about your users and computers.
Lucky for you, Argent interacts with this vast repository. Argent can run custom queries to extract specific attributes contained within Active Directory.
Example:
Your Help Desk regularly gets calls from users, “My account is locked out.”
Use Argent to find accounts that could soon be locked.
Here’s an example of a useful LDAP Query to pull the badPwdCount attribute from the User class.
Some other useful attributes of the User class:
| Attribute | Value | Meaning |
| PwdLastSet | 0 | Must Change Password At Next Logon |
| WhenCreated | Date | In Format YYYYMMDDHHmmss.0Z |
| MsExchUserAccountControl | 2 | Account Disabled |
| MsExchUserAccountControl | 65536 | Password Never Expires |