monicai
asked on
dsquery to retrieve all computers that is permissioned with an active directory group
Hello all!
can someone give me a dsquery syntax where I can pull all computer names that are permissioned with a particular active directory group?
Thanks!
can someone give me a dsquery syntax where I can pull all computer names that are permissioned with a particular active directory group?
Thanks!
Could you explain it a little bit more (some example) ? :) Thank you in advance.
That was going to be my suggestion :-)
ASKER
for example, I have an AD group called ADGroup1. ADGroup1 is permissioned to server01, server02, server03, etc. All these servers belongs to a single domain controller called contoso.com. I want to run a query which will retrieve all servers in contoso.com where ADgroup1 is permissioned.
ASKER
i know this can be quite ambitious but no harm asking. I got like a gazillion servers and it is tedious to open each one of them to check if the group is permissioned to it.
I don't know exaclt what you mean :) You want to check where this group is attached on each server, right? If so, dsquery won't help you.
Do You want group members ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Display the list of all groups, to which pc64 belongs:
C:\> dsget computer cn=pc64,ou=computers,dc=ss 64,dc=com -memberof -expand
Display the descriptions of all computers in an organizational unit (OU) named France whose name starts with "pari"
C:\> dsquery computer OU=France,DC=ss64,DC=Com -name pari* | dsget computer -desc
C:\> dsget computer cn=pc64,ou=computers,dc=ss
Display the descriptions of all computers in an organizational unit (OU) named France whose name starts with "pari"
C:\> dsquery computer OU=France,DC=ss64,DC=Com -name pari* | dsget computer -desc