I am using FreeIPA for Identity access management, i have to provide an active user list (audit requirement). I am using a ldapsearch but i am getting all the user (active+disabled) in the list. Kindly help me to get a user list which exclude disabled users from the list.
Query used:
ldapsearch -h -b "cn=users,cn=accounts,dc=example,dc=com" -D "uid=,cn=users,cn=accounts,dc=example,dc=com" -W -x "uid" "gecos" "ntUserLastLogon" "displayName" "employeeType=ENABLED"
Best Answer
Try with
"(nsaccountlock=TRUE)"
instead of"employeetype=enabled"