IOW, there is not point-in-time group or listing which would show you * All-of-the-user-accounts-that-are-authenticated-this-very-second*.
What is the real objective you are trying to reach, Mark? (Or, for what broader purpose are you trying to reach this specific objective?) * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Wed, Nov 9, 2011 at 4:38 PM, Michael B. Smith <[email protected]>wrote: > Like I said, every user that can authenticate CAN BE an Authenticated > User. But it’s a dynamic token not a static token.**** > > ** ** > > So, if they are logged on, the answer is yes, they are an Authenticated > User.**** > > ** ** > > If you want a list of everyone who could potentially be an Authenticated > User, something like this is the filter you would want to search on:**** > > ** ** > > $ldapFilter = "(&" +*** > * > > > "(objectCategory=Person)" +**** > > > "(userAccountControl:1.2.840.113556.1.4.803:=512)" +**** > > > "(!userAccountControl:1.2.840.113556.1.4.803:=2)" +**** > > > "(!userAccountControl:1.2.840.113556.1.4.803:=65536)" +**** > > > "(!userAccountControl:1.2.840.113556.1.4.803:=32)" +**** > > ")"**** > > ** ** > > Regards,**** > > ** ** > > Michael B. Smith**** > > Consultant and Exchange MVP**** > > http://TheEssentialExchange.com**** > > ** ** > > *From:* Mark Boeck [mailto:[email protected]] > *Sent:* Wednesday, November 09, 2011 4:29 PM > > *To:* NT System Admin Issues > *Subject:* Re: "Authenticated Users" List**** > > ** ** > > I want to know if a certain logged-on user is seen by AD as an > AUTHENTICATED USER. **** > > **** > > I simply want a list of AUTHENTICATED USERS in my domain.**** > > **** > > > > **** > > On Wed, Nov 9, 2011 at 3:20 PM, Michael B. Smith <[email protected]> > wrote:**** > > Every user that can authenticate CAN BE an Authenticated User. But it’s a > dynamic token not a static token.**** > > **** > > What are you actually trying to accomplish?**** > > **** > > Regards,**** > > **** > > Michael B. Smith**** > > Consultant and Exchange MVP**** > > http://TheEssentialExchange.com**** > > **** > > *From:* Mark Boeck [mailto:[email protected]] > *Sent:* Wednesday, November 09, 2011 4:11 PM > *To:* NT System Admin Issues > *Subject:* "Authenticated Users" List**** > > **** > > Greets.**** > > **** > > Other than using WHOAMI or GPRESULT against each user 1 at a time, how can > I get a list of who is currently an "AUTHENTICATED USER" on my domain(s)?* > *** > > **** > > TIA!**** > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
