Update with the answer
Finally constructed a working query pasted exactly this (but with my DC.domain.local)
LDAP://dc01.domain.local/??sub?(&(objectClass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(lastLogonTimestamp>=133000000000000000))
Key was to know to search for words "ldap url syntax" so I could find the descriptions of explaining what would go between the question marks if they were given, or just the question marks next to each other if not, and the fact that the word 'sub' is for the scope.
ldap://host:port/dn?attributes?scope?filter
becomes this after deleting the dn, attributes, and putting sub in for scope, and (filter)
ldap://dc01.mydomain.local/??sub?(filter between parenthesis)
Previous reploy
VAMT is the specific problem here for me - I also have a working LDAP query very similar that I can paste into DSA.msc or PowerShell Get-ADObject and they work great but I cannot get them to work in the VAMT GUI
e.g. this works in PowerShell
Get-ADObject -LDAPFilter '(&(objectClass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(lastLogonTimestamp>=133000000000000000))'
but pasting the same text from between the single quotes above into the LDAP filter box in VMAT Discover Products GUI says invalid LDAP filter:
(&(objectClass=computer)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(lastLogonTimestamp>=133000000000000000))
( lastLogonTimeStamp happens to be about a few months back ~2022-06-18 )