cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
CyberCitizen
Honored Sweeper

Hi Guru's,

I am having some issues with a report.

I have a scheduled report that runs and checks if any users are in our MFA Bypass group. The svc accounts have been ignored as they are service accounts and expected that they do not have MFA. However recently there has been an account added which I also need to exclude but can't rename it to include the svc.

I expected it would be as simple as a Not Like sysaid as an OR statement so its Not Like svc% OR sysaid but that doesn't seem to work. Any assistance would be appreciated.

CyberCitizen_0-1667181505068.png

 

Select Top 1000000 tblADusers.Username,
  tblADusers.Firstname,
  tblADusers.Lastname,
  tblADGroups.Name As ADGroupName,
  Case tblADGroups.GroupType
    When -2147483646 Then 'Security - Global'
    When -2147483644 Then 'Security - Local'
    When -2147483643 Then 'Built-in'
    When -2147483640 Then 'Security - Universal'
    When 2 Then 'Distribution - Global'
    When 4 Then 'Distribution - Local'
    When 8 Then 'Distribution - Universal'
  End As ADGroupType
From tblADusers
  Left Join tblADMembership On tblADMembership.ChildAdObjectID =
      tblADusers.ADObjectID
  Left Join tblADGroups On tblADMembership.ParentAdObjectID =
      tblADGroups.ADObjectID
Where tblADusers.Username Not Like 'svc%' And
  tblADGroups.Name Like 'Azure-MFA-Bypass'
Order By tblADusers.Userdomain,
  tblADusers.Username,
  ADGroupName

 

1 ACCEPTED SOLUTION
rom
Champion Sweeper II
1 REPLY 1
rom
Champion Sweeper II

try AND.. ?