Table of Contents

  • Starting time DSQuery
    • Open up DSQUERY GUI Window
  • Querying Users & Groups
    • Find out Account Decease appointment
    • Go all sAMAccount names
    • Call back the DN of all users in the domain that are not directly members of a specified group
    • Find all contacts in the organizational unit (OU)
    • List of all users with primary group "Domain Users"
    • Find all members for a particular grouping.
    • Notice all groups for a item member (including nested groups)
    • Get the Groups name form Users container
    • Go the members from a Group
    • Find disabled users
    • Discover all the active users
    • Find users logon name past their mail accost for bulk users
      • For Single user
      • For bulk users
    • Observe all groups of a user is memberof without the DN'due south
    • Observe all members for a OU.
    • Find all groups for a OU.
    • To get the members status from the active directory group
    • Excerpt the all groups from an OU with Group Scope & Group Blazon.
    • Display a list of users from the OU "Customer Support",
  • Find User Attributes
    • Displays properties of users or other objects.
    • find lastLogonTimestamp for all users for a domain
    • Inactive users are go to disable state
    • Observe all attributes for all users
    • Find memberof , lastlogontimestamp , homemta(Mail server) , Samaccountname & then on(Repadmin /showattr <DCname> <"DN">)
    • Find memberof , lastlogontimestamp , homemta(Mail server) , Samaccountname & and so on for "n" number of users
    • Find particular user attribute using LDAP Filter
    • Notice SID of a user
    • Find sIDHistory of a user
  • Update users
    • Modify user last proper noun
    • Expire apply business relationship.
  • Computers
    • Find enabled computer accounts in an OU
    • Count enabled estimator accounts in an OU
    • Find DN for n number of computers
    • Observe all groups of a reckoner account without giving the DNs
  • Computer attributes
    • Find OS
  • Servers & DC
    • Find the GCs
    • Become all the servers in the forest
  • AD DS Settings
    • Display all attributes of the contoso.com domain object
    • ADDS existing connectedness indicate objects
    • Become tombstonelifetime
    • Detect the DNS servers from all the DNS partitions.
    • Observe Forestprep , domainprep & RodcPrep is done or not
    • Notice the Functional Levels of Active Directory
    • To list the distinguished names of all directory partitions in the electric current woods
  • AD Subnet & sites
    • Observe Subnet with associated site
    • Find site
    • Find Site proper name by server name
    • To list the relative distinguished names of all sites that are defined in the directory
  • Advert Schema
    • Detect Schema version
  • AD Replication
  • AD Roles
    • Brandish the DNS host name, the site name, and whether the server is Global Itemize (GC) server for each domain controller
    • Notice RODC
    • Find if the Domain Controller is a Global Itemize (GC) or not
    • Observe PDC role holder for the existing domain
    • Find Infrastructure Chief role holder existing domain
    • Observe RID master role holder for existing domain
    • Find Schema master role holder in a Woods
    • Find Domain Naming Principal in a Forest
    • Find all the subnets for the given site
    • Command to find all DCs in the given site
    • Command to observe all DCs in the Wood
    • Show How Many Times wrong Password has been entered on a specified domain controller.
  • Fine Granted Password Policy
    • discover the 'PSO Applies to'
    • Detect the PSO settings
    • The output of the dsquery command can be used as input for the dsget command by using a pipe ( | ).
  • Exchange server
    • Find mail box
    • discover the Schema Version for Substitution Servers.
  • Hyper-V
    • Find all Hyper-5 hosts in your forest
    • Detect all windows virtual machine in your woods
  • DNS application division
    • Find the DNS servers from DomainDNSZones & ForestDNSzones
    • Find the object for DES-But-Encryption
  • See too
    • More on Active Directory: LDAP Syntax Filters
  • References
    • For more than switch come across the below link.
    • See the below link for custom filters:
    • DSQuery info
    • Technet Link
    • DSQuery, And Then Some

Commencement DSQuery

Open DSQUERY GUI Window

rundll32 dsquery,OpenQueryWindow

Querying Users & Groups

Find out Account Death engagement

dsquery user -proper noun * -limit 0 | dsget user -samid -acctexpires

Go all sAMAccount names

dsquery user -o rdn -limit 0

Retrieve the DN of all users in the domain that are non straight members of a specified group

dsquery * -filter "(&(objectCategory=person)(objectClass=user)(!(memberOf=Groupname,ou=West,

dc=Contoso,dc=com))) -limit 0 > NotInGroup.txt

Find all contacts in the organizational unit (OU)

dsquery contact OU=Sales,DC=Contoso,DC=Com

List of all users with master grouping "Domain Users"

dsquery * -filter "(primaryGroupID=513)" -limit 0

(You can alter the "primaryGroupID" as per your requirement)

513:Domain Users

514:Domain Guests

515:Domain Computers

516:Domain Controllers

Find all members for a detail grouping.

dsget group "<DN of the group>" -members

Find all groups for a particular member (including nested groups)

dsget user "<DN of the user>" -memberof -expand
dsquery user -samid "username" | dsget user -memberof -aggrandize

Get the Groups name form Users container

dsquery group -o rdn cn=users,dc=contoso,dc=com

Get the members from a Group

dsquery group -samid "CS_CLUB_ACCOUNTS" | dsget group -members -expand | dsget user -samid

Observe disabled users

dsquery user "dc=ssig,dc=com" -disabled

dsquery * -filter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.ane.4.803:=2))"

Notice all the agile users

dsquery * -filter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.ii.840.113556.ane.iv.803:=2))"

Notice users logon name past their post address for bulk users

For Unmarried user

dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(mail=e-mailaddress))" -attr name

For bulk users

for /f %%ten in (%i) practice dsquery * domainroot -filter "(&(objectcategory=person)(objectclass=user)(mail=%%x))" -attr name

Detect all groups of a user is memberof without the DN'south

dsquery user -samid anthony | dsget user -memberof | dsget grouping -samid

dsquery user -samid (provide the samaccount name of the user) | dsget user -memberof | dsget group -samid

Observe all members for a OU.

dsquery user ou=targetOU,dc=domain,dc=com

Detect all groups for a OU.

dsquery group ou=targetOU,dc=domain,dc=com

To get the members status from the active directory group

dsquery group -samid "Group Pre-Win2k Name" | dsget group -members | dsget user -disabled -brandish

Extract the all groups from an OU with Group Telescopic & Group Blazon.

 Find the below snap for your reference.

C:\>dsquery group "ou=examination,dc=gs,dc=com" -limit 0 | dsget group -samid -telescopic -secgrp

Brandish a list of users from the OU "Customer Back up",

This listing tin can so be forwarded to dsget that tin can provide detailed information near objects.

In the case, the requested user list is headed by the pipe symbol after dsget that

  • -outputs then the sAMAccountName for all users and e-mail address.

If we wanted to carry out modifications to the information returned by DSQuery user listing,

nosotros could send the result to dsmod, which for us is making changes to all users.

In beneath snap shows the change in the control ensures that all users of DSQuery

  • -user list must change their passwords at side by side logon.

Some other way to get the user attributes from an OU. Find the below snap & dsquery for that.

C:\>dsquery * "ou=examination,DC=contoso,DC=com" -filter "(&(objectcategory=person) (objectclass=user))" -limit 0

-attr samaccountname clarification department championship

Find User Attributes

Displays properties of users or other objects.

In this example, information technology displays the half dozen groups that explicitly list the Administrator as member

Notation: The -memberof -aggrandize combination recursively expands the list of groups of which the user is a fellow member. In this example, the Users grouping is added to the list because Domain Users is a member of the Users grouping.

dsget user cn=Administrator,cn=Users,dc=contoso,dc=com -memberof

notice lastLogonTimestamp for all users for a domain

dsquery * -filter "&(objectClass=person)(objectCategory=user)" -attr cn lastLogonTimestamp -limit 0

Inactive users are go to disable state

dsquery * <ou> -filter "(&(objectCategory=Person)(objectClass=User)(!accountExpires=0)(!accountExpires=9223372036854775807))" | dsmod user -disabled yes

Observe all attributes for all users

Dsquery * -limit 0 -filter "&(objectClass=User)(objectCategory=Person)" -attr * >>output123.txt

Find memberof , lastlogontimestamp , homemta(Post server) , Samaccountname & so on(Repadmin /showattr <DCname> <"DN">)

dsquery * "<DN>" -telescopic base -attr lastlogontimestamp memberoff

repadmin /showattr <DCNAME> <"DN"> /attrs:lastlogon,homemta,whencreated,lastlogontimestamp,samaccountname

Find memberof , lastlogontimestamp , homemta(Mail server) , Samaccountname & so on for "northward" number of users

Create a batch file(for /f "eol= tokens=* delims= usebackq" %%x in (%1) do dsquery * %%ten -scope base of operations -attr sAMAccountName objectsid whencreated lastlogontimestamp mail homeMTA memberof) e.g ds.bat

Create a text file (All users DN e.g:dn.txt)

Open cmd & run ds.bat dn.txt >> c:\attr.txt

Notice particular user attribute using LDAP Filter

C:\>dsquery * -filter (samaccountname=biz) -attr name whenchanged

name whenchanged

biz 01/03/2014 07:02:14

Observe SID of a user

dsquery user -samid <bbiswas> | dsget user -sid

dsquery * -filter (samaccountname=santhosh) – attr sid

Detect sIDHistory of a user

Dsquery * -filter (samaccoutname=santhosh) – attr siDhistory

Update users

Modify user last proper name

dsmod user <dn> -ln "<last name>"

Elapse apply account.

dsquery * "dc=contoso,dc=com" -filter "(&(objectCategory=Person)(objectClass=User)(!accountExpires=0)(!accountExpires=9223372036854775807)) " -attr sAMAccountname displayName

Computers

Find enabled reckoner accounts in an OU

dsquery figurer OU=Test,DC=sivarajan,DC=com -limit 5000 | dsget figurer -dn -disabled | find /i " no"

Count enabled estimator accounts in an OU

dsquery computer OU=Test,DC=sivarajan,DC=com -limit 5000 | dsget computer -dn -disabled | find /c /i " no"

Find DN for n number of computers

for /f %%ten in (%1) do dsquery estimator -name %%ten

(Create a batch file with line & create a txt file computer.txt

open cmd >>>>>>batchfile computer.txt >> c:\dn.txt

Find all groups of a calculator account without giving the DNs

dsquery estimator -name test1 | dsget computer -memberof | dsget group -samid

Figurer attributes

Find Os

dsquery * <"DN"> -scope base of operations -attr operatingSystem

Servers & DC

Find the GCs

DsQuery Server -domain contoso.com -isgc

Get all the servers in the wood

dsquery server -forest -limit 0 | dsget server -dnsname -site -isgc

AD DS Settings

Display all attributes of the contoso.com domain object

dsquery * -filter (dc=contoso) -attr *

ADDS existing connection point objects

dsquery * forestroot -filter (objectclass=serviceconnectionpoint)

Get tombstonelifetime

dsquery * "CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=yourdomain,DC=com" -telescopic base -attr tombstonelifetime

Find the DNS servers from all the DNS partitions.

dsquery * "CN=Configuration,DC=contoso,DC=com" -filter "(&(objectClass=crossRef)(objectCategory=crossRef)(systemFlags=5))" -attr NcName msDS-NC-Replica-Locations

Find Forestprep , domainprep & RodcPrep is washed or not

C:\>dsquery * CN=ActiveDirectoryUpdate,CN=ForestUpdates,cn=configuration,dc=msft ,dc=net -scope base -attr revision revision 5

C:\>dsquery * CN=ActiveDirectoryRodcUpdate,CN=ForestUpdates,cn=configuration,dc= msft,dc=cyberspace -scope base of operations -attr revision revision 2

Find the Functional Levels of Active Directory

dsquery * "DC=contoso,DC=com" -telescopic base -attr msDS-Behavior-Version ntMixedDomain

0, 0 Windows 2000 Native domain Level
0, 1 Windows 2000 Mixed domain Level
two, 0 Windows 2003 Domain Level
3, 0 Windows 2008 Domain Level
four, 0 Windows 2008 R2 Domain Level

To list the distinguished names of all directory partitions in the current forest

dsquery partition

Beneath example for unmarried domain

Below example for parent/kid domain

Ad Subnet & sites

Find Subnet with associated site

dsquery subnet -proper noun <CIDR> | dsget subnet

Find site

dsquery site -proper noun * -limit 0

dsquery server -south <server> | dsget server -site

Find Site name by server proper name

dsquery server -name test1 | dsget server -site

dsquery server -proper noun (provide the server name for DN) | dsget server -site

To list the relative distinguished names of all sites that are divers in the directory

dsquery site -limit 0

Ad Schema

Discover Schema version

dsquery * cn=schema,cn=configuration,dc=domainname,dc=local -telescopic base -attr objectVersion

or

schupgr

Shortest control for finding the schema version

AD Replication

Displays the names of all attributes (150) that Windows Server 2003 replicates to Global Catalog servers.

(If the command displays no attributes, ensure that you typed True in capital letters

>dsquery * cn=Schema,cn=Configuration,dc=contoso,dc=com -filter "(&(objectCategory=attributeSchema)(isMemberOfPartialAttributeSet=Truthful))" -limit 0 -attr proper noun

AD Roles

Display the DNS host name, the site name, and whether the server is Global Catalog (GC) server for each domain controller

dsquery server | dsget server -dnsname -site -isgc

Discover RODC

dsquery server -isreadonly

Observe if the Domain Controller is a Global Catalog (GC) or not

dsquery server -proper name test1 | dsget server -isgc

Find PDC part holder for the existing domain

dsquery server -hasfsmo PDC

Observe Infrastructure Master office holder existing domain

dsquery server -hasfsmo INFR

Find RID master role holder for existing domain

dsquery server -hasfsmo RID

Detect Schema main function holder in a Forest

dsquery server -woods -hasfsmo Schema

Discover Domain Naming Primary in a Forest

dsquery server -forest -hasfsmo Name

Find all the subnets for the given site

dsquery subnet -o rdn -site <site proper noun>

Command to detect all DCs in the given site

dsquery server -o rdn -site <site name>

Command to observe all DCs in the Woods

dsquery server -o rdn -forest

Show How Many Times wrong Password has been entered on a specified domain controller.

dsquery * -filter "(sAMAccountName=jsmith)" -s MyServer -attr givenName sn badPwdCount

The badPwdCount attribute is not replicated, so a different value is saved for each user on each domain controller.

Fine Granted Password Policy

find the 'PSO Applies to'

i)dsget user <user DN> -effectivepso

Instance:

C:\>dsget user "CN=bshwjt,OU=pso,DC=contoso,DC=com" - effectivepso

effectivepso

"CN=test,CN=Password Settings Container,CN=System,DC=contoso,DC=com"

dsget succeeded

("bshwjt" is the user and test is the "PSO" as well encounter the below snap)

Observe the PSO settings

C:\>dsquery * "<CN=your pso name>,CN=Countersign Settings Container,CN=System,DC=contoso,DC=com" -telescopic base -attr *

The output of the dsquery control tin can be used equally input for the dsget command by using a piping ( | ).

In this example, the SAM account name and the security ID (SID) of each user is displayed.

dsquery user | dsget user -samid -sid -limit 0 >> c:\Allusers-samid-sid.txt

Substitution server

Detect mail box

dsquery * -filter "samaccountname=biswajit" -attr homemdb

detect the Schema Version for Commutation Servers.

dsquery * CN=ms-Exch-Schema-Version-Pt,cn=schema,cn=configuration,dc=domain,dc=local -scope base of operations -attr rangeUpper

Hyper-Five

Detect all Hyper-V hosts in your wood

C:\>dsquery * forestroot -filter "&(cn=Microsoft Hyper-V)(objectCategory=serviceconnectionpoint)" -attr servicebindinginformation >> c:\hyper-v.txt

Find all windows virtual auto in your wood

C:\>dsquery * forestroot -filter "&(cn=windows virtual machine)(objectCategory=serviceconnectionpoint)" -limit 0 -attr * >> c:\allvirtualPCs.txt

DNS awarding partition

Find the DNS servers from DomainDNSZones & ForestDNSzones

C:\>dsquery * DC=DomainDnsZones,DC=contoso,DC=com -scope base -attr msDs-masteredBy
C:\>dsquery * DC=forestDnsZones,DC=contoso,DC=com -scope base of operations -attr msDs-masteredBy

Detect the object for DES-Only-Encryption

dsquery * -filter "(UserAccountControl:1.two.840.113556.i.4.803:=2097152)"

See likewise

More than on Active Directory: LDAP Syntax Filters

http://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx

References

For more switch see the beneath link.

http://technet.microsoft.com/en-u.s.a./library/cc732535.aspx

See the beneath link for custom filters:

http://world wide web.rlmueller.net/ADOSearchTips.htm

DSQuery info

Find the Blogs for more DSQUERY, those are very helpful and constructive.

  • http://social.technet.microsoft.com/wiki/contents/articles/3537.aspx
  • http://social.technet.microsoft.com/Forums/en-AU/winserverDS/thread/bf5bce23-c1d5-43ac-a47f-8a0585792903

Technet Link

http://technet.microsoft.com/en-us/library/cc754232%28WS.10%29.aspx#BKMK_examplesDSQuery

DSQuery, So Some

http://mcpmag.com/articles/2007/08/01/dsquery-and-and so-some.aspx