Due to the recent SQL injection attacks on our firewalls, we are taking the precaution of changing all of our local passwords. We don't have a whole lot on there, but the trouble is they are mixed in with AD users. There are over 900 users on our main firewall. According to KB 135419 - yes I can go into each user and look at a field. With any large amount of users this is totally impractical. It looks like all the users that came over from AD have the domain appended to the end of the username. I've sorted those out with the filter for now, but this doesn't necessarily mean they are AD accounts. They could still be local.
How can I filter on only my local accounts?