This setting defines the search query scope.

To improve query performance, limit the scope to a specific container.

IMPORTANT: To test rule configuration, limit the rule scope to a container that contains test accounts or objects.

Query criteria are sent with the query and may improve query performance.

TIP: For additional information on the criteria builder, see the How to use Query Builder dialog for Query Criteria and Filter rule settings.

Other Query Settings

Specify object class for AD LDS accounts. 

To display additional properties for each object found by the query, add those properties to the list.

List of properties required to this rule to be executed correctly.

Set the filtering conditions to hide unwanted data based on criteria not supported in the Query criteria setting.

Example: filter by the found object Distinguished Name.

TIP: For optimal performance, use the Query criteria setting above to filter objects whenever possible.

Sort result object list.

Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule.

Due to the PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria.

IMPORTANT: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.

Example: Update AD users, created in the last ten days.

1. Add this initialization script

   Copy

   {$global:DatePeriod = (Get-Date).AddDays(-10)}

2. Use the $DatePeriod variable in the query criteria builder:

Connection Settings