Page 1 of 1

Differentiating in the Server/Workstation Reports

Posted: Mon Sep 17, 2012 5:54 am
by bobsully
When I pull in any server report, all I get are the Domain Controllers. When I pull up workstation reports they include all my 90 or so, other servers as well. What is differentiating servers from workstations in the application, and what can I change, either in the report or in my AD, to sucessfully get these reports to work as I expect.

Re: Differentiating in the Server/Workstation Reports

Posted: Wed Sep 26, 2012 9:10 pm
by IgorMax
The difference between workstations and servers is based on bits set in UserAccountControl attribute:

To load only workstations we check WORKSTATION_TRUST_ACCOUNT (4096 or 0x100) bit set in UserAccountControl attribute.
For server this is SERVER_TRUST_ACCOUNT (8192 or 0x2000).
That is how AD Reports distinguishes workstations from servers (regardless of Operating system installed.)
I would suggest to check LDAP attributes of the questionable accounts, see if those bits are set or not
ad create custom reports with different LDAP filters.

I hope this will help.

Re: Differentiating in the Server/Workstation Reports

Posted: Thu Sep 27, 2012 4:05 am
by bobsully
Thank you for your response. That is exactly my problem. I see that all my servers have the userAccountControl set to 4096, rather than 8192, but even in the article you reference is states "•SERVER_TRUST_ACCOUNT - This is a computer account for a domain controller that is a member of this domain." So it does not appear that this is a default setting I should expect. Could you give me a little more information as to why AD Reports would choose to use this attribute to distinguish workstations from servers.

Re: Differentiating in the Server/Workstation Reports

Posted: Thu Sep 27, 2012 9:46 am
by bobsully
After speaking with a few folks, I was advised not to make any changes to the our servers to make them identified as domain controllers. I am attempting to create a custom query, but I can't seem to find where I would eliminate that attribute parameter that is built in to the standard report, Servers in this case.