Share via


Active Directory Domain Services (AD DS) Commands and Scripts

Here are some useful commands and scripts for administering Active Directory. 

For more information please see Active Directory Domain Services Command Reference (http://technet.microsoft.com/library/cc771131).


Source reference

http://portal.sivarajan.com/2011/08/searching-active-directory-using.html

 


User

Identify OCS enabled users in Active Directory

Dsquery * -filter (msRTCSIP-UserEnabled=TRUE) -limit 0 -attr name samaccountname

 

Query Password Last Set (pwdlastset) value

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)" -limit 0
 -attr name pwdlastset

 

Note: Time can be converted using the w32tm /ntte command.

 

Search Password Never Expires Settings

Dsquery *  -limit 0 "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))" -attr samaccountname name            

 

User accounts with no pwd required

Dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)userAccountControl:1.2.840.113556.1.4.803:=32))"             

 

User accounts that are disabled

Dsquery *domainroot -filter "(&(objectCategory=Person)(objectClass=User)
(userAccountControl:1.2.840.113556.1.4.803:=2))" 

 

Password Expiring information

dsget user 
CN=User1,DC=santhosh,DC=la -acctexpiresdsquery * -limit 0

 

Password Expiring in 30 Days

dsquery * -limit 0 -filter "(&(objectCategory=person)(objectClass=user)
(userAccountControl:1.2.840.113556.1.4.803:=4194304))" -attr name samaccountname 

 

User accounts with "Do not require kerberos preauthentication" enabled

Dsquery * -limit 0 "(&(objectCategory=person)(objectClass=user)
(!userAccountControl:1.2.840.113556.1.4.803:=8388608)(!userAccountControl:1.2.840.113556.1.4.803:=65536)
(pwdLastSet>=129522420000000000)(pwdLastSet<=129548340000000000))"
-attr samaccountname name

 

List all Roaming Profile users in Active Directory

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)(profilePath=*) -limit 0 -name            

 

Generate SIDHistory Report

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)"
-attr samAccountName sidHistory 

 

Generate SID (ObjectSID) Report

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)"
-attr samAccountName Object 

 


Group

Identify all Security Groups

dsquery * -filter "(&(objectCategory=group)
groupType:1.2.840.113556.1.4.804:=2147483648))" -attr samAccountName name 

 

Identify all Built-In Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483649))" -attr samAccountName name 

 

Identify all Universal Security Groups

dsquery * -filter "(&(objectCategory=group)
 
(groupType:1.2.840.113556.1.4.803:=2147483656))" -attr samAccountName name 

 

Identify all Global Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483650))" -attr samAccountName name 

 


Computer

Move Computer Objects Based on OS Version

Move Windows 7 Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(objectCategory=Computer)
(operatingSystemVersion=6.1))" | dsmove -newparent OU=Win7,OU=ComputerAccounts,DC=santhosh,DC=lab 

 

Move Windows XP Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(objectCategory=Computer)
(operatingSystemVersion=5.1))" | dsmove -newparent OU=WinXP,OU=ComputerAccounts,DC=santhosh,DC=lab 

 


Site and Subnet

List all Sites in Active Directory

Dsquery site * -name

 

Get Site Name from Subnet IP Address in Active Directory

(For example, Site Name for Subnet 192.168.2.0/24)

 Dsquery Subnet -Name 192.168.2.0/24 | Dsget Subnet -Site

 


Active Directory

When Active Directory installed

Dsquery * "CN=Configuration,DC=Santhosh,DC=lab" -attr Whencreated -Scope Base

 

Find Trusts from specified Domain

 Dsquery * "CN=System,DC=Santhosh,DC=lab" -filter "(objectClass=trustedDomain)"
-attr TrustPartner FlatName 

 

Find Servers in Active Directory with descriptions

Dsquery * DC=Santhosh,DC=lab -filter "(&(objectCategory=Computer)
(operatingSystem=*server*))"
-limit 0 -attr cn description

 

View all replicated attributes

Dsquery * CN=Schema,CN=Configuration,DC=Santhosg,DC=lab
-filter "(&(objectCategory=attributeSchema)(!systemFlags:1.2.840.113556.1.4.803:=1))" -limit 0

 

Find Tombstone and Garbage Collection

Dsquery *
"CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=Santhosh,DC=lab"
-attr GarbageCollPeriod TombstoneLifetime

 

Find Group Policy GUIDs

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab"
-filter (objectCategory=groupPolicyContainer) -attr Name DisplayName

 

Existing GPO's  information

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab"-filter "(objectCategory=groupPolicyContainer)"        
-attr displayName cn whenCreated gPCFileSysPath            

 

Enumerate the trusts from the specified domain

 Dsquery * "CN=System,DC=Santhosh,DC=lab" -filter "(objectClass=trustedDomain)"-attr TrustPartner FlatName  

Active Directory Subnet and Site Information

 Dsquery * "CN=Subnets,CN=Sites,CN=Configuration,DC=Santhosh,DC=lab"-attr CN SiteObject Description Location              

 

 Dsquery * "CN=Sites,CN=Configuration,DC=Santhosh,DC=lab"-attr CN Cost Description ReplInterval SiteList -filter (objectClass=siteLink)

 

Find Group Policy display name with the GUID

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab"
-filter (objectCategory=groupPolicyContainer) -attr Name DisplayName