The Attribute Scope Query (ASQ) provides a specific query function, with the scope of the query is based on the list of values stored in an attribute with an Object(DS-DN) format. For ease of reference within these instructions we will reference this attribute as the Search Attribute.
The query input fields have specific roles for ASQ based queries, The BaseDN must be the DN of the object containing the Search Attribute for the basis of searched, the Search Scope must be Base Level, the Filter is applied to the objects in the Search Attribute, with the Attributes field, the first attribute named must be the name of the Search Attributes, followed by the list of attributes that are required.
In the above example, we are using the member attribute as the Search Attribute of the group object and its returns the last time the user logged on and when they last changed their password.
The filter field can be used to limit\filter the records that are returned, the filter is applied to the objects in the Search Attribute and will only return the objects that match the filter, i.e. setting the filter to (&(objectclass=*)(!userAccountControl|=2)) only accounts that are enabled will be returned. This filter is using the subst feature in the filter to simplify the entry of complicated filters, see Substitutions
Advanced operations - it’s possible to combine the Input Mode and ASQ options to query the Search Attribute of multiple objects in a single operation.
To do this first enable the Input Mode, by selecting the Table Input option, and select the Create Multiples option, and then paste a list of object DNs to be queried into the table view. Update the BasedDN to be ##input and click go. The results for DN in the Search Attribute will be displayed on an individual line.