I’'m running active directory and have some accounts that are disabled but not deleted. Is there a way I can search, based on the ‘‘userAccountControl’’ field to filter them out? I found this as a reference:
It appears as though having the 0x0002 bit set indicates that the account is disabled, (I doubled checked this and it’‘s true in my system.) Unfortunately, I can’'t just check for values of 512 vs. 514 since some users have other flags set. How do I do a bitwise AND?