Solved

DSquery AD comand line tool

Posted on 2011-03-18
3
820 Views
Last Modified: 2012-05-11
Been trying to get the AD tool called DSquery to work today with out success on Windows 2003 EE DC Server.  What we are trying to achieve with dsquery is ...... to extend the capability of Advanced Find in AD users&computers, where we want to find contents (eg. xyz) within long string group names. I could not not get the syntax in the Microsoft help to work. Basically I am looking for syntax assistance in utilising dsquert for this contents search.

0
Comment
Question by:kgeddes
  • 2
3 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 35171596
dsquery group dc=example,dc=com -name "Domain Admins"

Find All users in current domain and all their attributes:
    dsquery * domainroot -filter "(&(objectClass=User)(sAMAccountName=*))" -attr * -limit 0
You can use the same command and only grab certain attributes like name only
    dsquery * domainroot -filter "(&(objectClass=User)(sAMAccountName=*))" -attr name -limit 0
or if you want to search for a specific user in a specific domain
dsquery * dc=example,dc=com -filter "(sAMAccountName=kgeddes)" -attr *
or something like this to list the users name, description and CN data
dsquery * dc=example,dc=com -filter "(sAMAccountName=kgeddes)" -attr name description cn

You can change the filter section to do a wide range of things
All users und contacts:
     (objectClass=user)

All security groups (local, global and universal):
     (groupType:1.2.840.113556.1.4.803:=2147483648)

All empty groups:
     (&(objectClass=group)(!member=*))

All groups which were changed since Dec 31 2008:
     (&(objectClass=group)(whenChanged>=20081231000000.0Z))

All users which didnt logon since Dec 31 2008:
     (&(&(objectCategory=person)(objectClass=user))(lastLogonTimestamp<=128752108510000000))

All users with the account configuration 'Password never expires':
     (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))

All computer accounts which are disabled:
     (&(objectClass=computer)(userAccountControl:1.2.840.113556.1.4.803:=2))

All objects which can't be deleted:
     (systemFlags:1.2.840.113556.1.4.803:=-2147483648)

All objects which can't be renamed:
     (systemFlags:1.2.840.113556.1.4.803:=134217728)

All users with mailboxes on Exchange server 'KUNGUR':
     (msExchangeHomeserverName=/o=MAILOrg/ou=First Administrative Group/cn=Configuration/cn=Servers/cn=KUNGUR)

All users whose account is disabled:
     (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))

All hidden Exchange mail recipients:
     (msExchHideFromAddressLists=TRUE)

All hidden Exchange mail recipients (without public folder objects):
     (&(msExchHideFromAddressLists=TRUE)(!objectClass=publicFolder))

All mail recipients with fax adress:
     (proxyAddresses=FAX:*)

All domain controllers:
     (&(objectCategory=computer)(userAccountControl=532480))

All global catalog servers (LDAP search in the configuration partition):
     (&(objectCategory=nTDSDSA)(options:1.2.840.113556.1.4.803:=1))
-rich
0
 

Assisted Solution

by:kgeddes
kgeddes earned 0 total points
ID: 35171771
Cheers Rich ,  will give it a go next week and get back to you but, this looks good, thanks.
0
 

Author Closing Comment

by:kgeddes
ID: 37043492
got to what I wanted thru this answer thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setting Windows 2012 RDS farm. 1 55
Trust relationship SBS2011 - > Windows 2003 3 37
ADMT Intra Forest migration questions 7 123
shadow copies 7 68
Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …

939 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

1 Experts available now in Live!

Get 1:1 Help Now