DSQuery
1) How to open DSQUERY GUI Window
rundll32 dsquery,OpenQueryWindow
2) To list all attributes for the specfic user
dsquery * -filter "samaccountname=vkr" -attr *
3) This command will list all DCs are associated with this site
dsquery server -o rdn -site SiteName
4) To List all users in the OU
dsquery user ou=test,dc=AP,DC=SSS,dc=com
5) To List all users and their home folder path in the OU.
dsquery user "ou=test,dc=ap,dc=sss,dc=com" | dsget user –hmdir
6) How to find all groups of a user is memberof without the DN's?
dsquery group -samid "groupname" | dsget group -members | dsget user -samid -c
"-c" will ignore the errors
7) User member of the group and their name
dsquery user -samid "admin" | dsget user -memberof -expand | dsget group -samid
8) How to find if the Domain Controller is a Global Catalog (GC) or not ?
dsquery server -name test1 | dsget server -isgc
9) How to find Schema version?
schupgr
10) How to find Site name by server name ?
dsquery server -name test1 | dsget server -site
11) How to find users logon name by their givenname for bulk users?
for /f %%x in (%1) do dsquery * domainroot -filter
(&(objectcategory=person)(objectclass=user)(givenName=%%x)) -attr sAMAccountName
Copy the above command to notepad save to bat file eg: User.bat
list the users givenname in txt file like user.txt run the bat file below
user.bat user.txt >> C:\report.txt
12) How to find subnet with associated site.
dsquery subnet -name 10.222.88.0/25 | dsget subnet
13) How to find SID of a user?
dsquery user -samid <bbiswas> | dsget user -sid
dsquery * -filter (samaccountname=santhosh) – attr sid
14)To get the members status from the active directory group
dsquery group -samid “Group Pre-Win2k Name” | dsget group -members | dsget user -disabled -display
15) Command to find all the subnets for the given site
dsquery subnet -o rdn -site <site name>
16) Command to find all DCs in the given site
dsquery server -o rdn -site <site name>
17) Command to find all DCs in the Forest
dsquery server -o rdn -forest
18) How to find all attributes for all users?
Dsquery * -limit 0 -filter "&(objectClass=User)(objectCategory=Person)" -attr * >>output123.txt
19) Find Person name starting with Kum and his SAM Accountname
Dsquery * -limit 0 -filter "&(objectClass=User)(objectCategory=Person)(name=kum*)" -attr samaccountname
20) Show How Many Times wrong Password has been entered on a specified domain controller.
dsquery * -filter "(sAMAccountName=jsmith)" -s MyServer -attr givenName sn badPwdCount
21) Find out Account Expiry date
dsquery user -name * -limit 0 | dsget user -samid -acctexpires
22) The command displays the DNS host name, the site name, and whether the server is Global Catalog (GC) server for each domain controller
dsquery server | dsget server -dnsname -site -isgc
23) Get all the servers in the forest
dsquery server -forest -limit 0 | dsget server -dnsname -site -isgc
24) Extract the all groups from an OU with Group Scope & Group Type. Find the below snap for your reference.
dsquery group "ou=test,dc=gs,dc=com" -limit 0 | dsget group -samid -scope -secgrp
25) How to find particular user attribute using LDAP Filter?
dsquery * -filter (samaccountname=biz) -attr name whenchanged
26) Get user information doing input file
FOR /F %a IN (C:\file.csv) DO dsquery user -samid "%a" | dsget user -fn –ln >> C:\result.csv
FOR /F %a IN (C:\temp\user.txt) DO dsquery group -samid "%a" | dsget group -members | dsget user -samid >> C:\temp\a.txt
dsquery * domainroot -filter "((objectCategory=Person)(objectClass=User)(sAMAccountName=Jon*))
-attr sAMAccountName userPrincipalName department
27) Add set of groups to user
FOR /F %a IN (C:\group.txt) DO dsquery user -samid apple | dsmod group %a -addmbr
28) Find computers DN
FOR /F %a IN (C:\computer.txt) DO dsquery computer -name %a
29) To get the user home directory
FOR /F %a IN (C:\user.txt) DO dsquery user -samid %a | dsget user -hmdir >> a.txt
30) To export all users in domain
"dsquery * -limit 0 -filter ""(&(objectCategory=person)(objectClass=user)
(!userAccountControl:1.2.840.113556.1.4.803:=2))"" -attr sAMAccountName displayName >>
a.txt"
1) How to open DSQUERY GUI Window
rundll32 dsquery,OpenQueryWindow
2) To list all attributes for the specfic user
dsquery * -filter "samaccountname=vkr" -attr *
3) This command will list all DCs are associated with this site
dsquery server -o rdn -site SiteName
4) To List all users in the OU
dsquery user ou=test,dc=AP,DC=SSS,dc=com
5) To List all users and their home folder path in the OU.
dsquery user "ou=test,dc=ap,dc=sss,dc=com" | dsget user –hmdir
6) How to find all groups of a user is memberof without the DN's?
dsquery group -samid "groupname" | dsget group -members | dsget user -samid -c
"-c" will ignore the errors
7) User member of the group and their name
dsquery user -samid "admin" | dsget user -memberof -expand | dsget group -samid
8) How to find if the Domain Controller is a Global Catalog (GC) or not ?
dsquery server -name test1 | dsget server -isgc
9) How to find Schema version?
schupgr
10) How to find Site name by server name ?
dsquery server -name test1 | dsget server -site
11) How to find users logon name by their givenname for bulk users?
for /f %%x in (%1) do dsquery * domainroot -filter
(&(objectcategory=person)(objectclass=user)(givenName=%%x)) -attr sAMAccountName
Copy the above command to notepad save to bat file eg: User.bat
list the users givenname in txt file like user.txt run the bat file below
user.bat user.txt >> C:\report.txt
12) How to find subnet with associated site.
dsquery subnet -name 10.222.88.0/25 | dsget subnet
13) How to find SID of a user?
dsquery user -samid <bbiswas> | dsget user -sid
dsquery * -filter (samaccountname=santhosh) – attr sid
14)To get the members status from the active directory group
dsquery group -samid “Group Pre-Win2k Name” | dsget group -members | dsget user -disabled -display
15) Command to find all the subnets for the given site
dsquery subnet -o rdn -site <site name>
16) Command to find all DCs in the given site
dsquery server -o rdn -site <site name>
17) Command to find all DCs in the Forest
dsquery server -o rdn -forest
18) How to find all attributes for all users?
Dsquery * -limit 0 -filter "&(objectClass=User)(objectCategory=Person)" -attr * >>output123.txt
19) Find Person name starting with Kum and his SAM Accountname
Dsquery * -limit 0 -filter "&(objectClass=User)(objectCategory=Person)(name=kum*)" -attr samaccountname
20) Show How Many Times wrong Password has been entered on a specified domain controller.
dsquery * -filter "(sAMAccountName=jsmith)" -s MyServer -attr givenName sn badPwdCount
21) Find out Account Expiry date
dsquery user -name * -limit 0 | dsget user -samid -acctexpires
22) The command displays the DNS host name, the site name, and whether the server is Global Catalog (GC) server for each domain controller
dsquery server | dsget server -dnsname -site -isgc
23) Get all the servers in the forest
dsquery server -forest -limit 0 | dsget server -dnsname -site -isgc
24) Extract the all groups from an OU with Group Scope & Group Type. Find the below snap for your reference.
dsquery group "ou=test,dc=gs,dc=com" -limit 0 | dsget group -samid -scope -secgrp
25) How to find particular user attribute using LDAP Filter?
dsquery * -filter (samaccountname=biz) -attr name whenchanged
26) Get user information doing input file
FOR /F %a IN (C:\file.csv) DO dsquery user -samid "%a" | dsget user -fn –ln >> C:\result.csv
FOR /F %a IN (C:\temp\user.txt) DO dsquery group -samid "%a" | dsget group -members | dsget user -samid >> C:\temp\a.txt
dsquery * domainroot -filter "((objectCategory=Person)(objectClass=User)(sAMAccountName=Jon*))
-attr sAMAccountName userPrincipalName department
27) Add set of groups to user
FOR /F %a IN (C:\group.txt) DO dsquery user -samid apple | dsmod group %a -addmbr
28) Find computers DN
FOR /F %a IN (C:\computer.txt) DO dsquery computer -name %a
29) To get the user home directory
FOR /F %a IN (C:\user.txt) DO dsquery user -samid %a | dsget user -hmdir >> a.txt
30) To export all users in domain
"dsquery * -limit 0 -filter ""(&(objectCategory=person)(objectClass=user)
(!userAccountControl:1.2.840.113556.1.4.803:=2))"" -attr sAMAccountName displayName >>
a.txt"
