Here are some useful commands and scripts for administering Active Directory. 

For more information please see Active Directory Domain Services Command Reference (http://technet.microsoft.com/library/cc771131).


Source reference

http://portal.sivarajan.com/2011/08/searching-active-directory-using.html

Table of Contents

 


User

Identify OCS enabled users in Active Directory

Dsquery * -filter (msRTCSIP-UserEnabled=TRUE) -limit 0 -attr name samaccountname

 

Query Password Last Set (pwdlastset) value

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)" -limit 0
 -attr name pwdlastset

 

Note: Time can be converted using the w32tm /ntte command.

 

Search Password Never Expires Settings

Dsquery *  -limit 0 "(&(objectCategory=person)(objectClass=user)
(userAccountControl:1.2.840.113556.1.4.803:=65536))" -attr samaccountname name            

 

User accounts with no pwd required

Dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)

userAccountControl:1.2.840.113556.1.4.803:=32))"

 

User accounts that are disabled
Dsquery *domainroot -filter "(&(objectCategory=Person)(objectClass=User)
(userAccountControl:1.2.840.113556.1.4.803:=2))" 

 

Password Expiring information
dsget user 
CN=User1,DC=santhosh,DC=la -acctexpiresdsquery * -limit 0

 

Password Expiring in 30 Days
dsquery * -limit 0 -filter "(&(objectCategory=person)(objectClass=user)
(userAccountControl:1.2.840.113556.1.4.803:=4194304))" -attr name samaccountname 

 

User accounts with "Do not require kerberos preauthentication" enabled

Dsquery * -limit 0 "(&(objectCategory=person)(objectClass=user)
(!userAccountControl:1.2.840.113556.1.4.803:=8388608)
(!userAccountControl:1.2.840.113556.1.4.803:=65536)
(pwdLastSet>=129522420000000000)(pwdLastSet<=129548340000000000))"
-attr samaccountname name

 

List all Roaming Profile users in Active Directory

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)(profilePath=*) 
-limit 0 -name            

 

Generate SIDHistory Report

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)"
-attr samAccountName sidHistory 

 

Generate SID (ObjectSID) Report

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)"
-attr samAccountName Object 

 


Group

Identify all Security Groups

dsquery * -filter "(&(objectCategory=group)
groupType:1.2.840.113556.1.4.804:=2147483648))" -attr samAccountName name 

 

Identify all Built-In Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483649))" -attr samAccountName name 

 

Identify all Universal Security Groups

dsquery * -filter "(&(objectCategory=group)
 
(groupType:1.2.840.113556.1.4.803:=2147483656))" -attr samAccountName name 

 

Identify all Global Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483650))" -attr samAccountName name 

 


Computer

Move Computer Objects Based on OS Version

Move Windows 7 Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(objectCategory=Computer)
(operatingSystemVersion=6.1))" | dsmove -newparent OU=Win7,OU=ComputerAccounts,DC=santhosh,DC=lab 

 

Move Windows XP Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(objectCategory=Computer)
(operatingSystemVersion=5.1))" | dsmove -newparent OU=WinXP,OU=ComputerAccounts,DC=santhosh,DC=lab 

 


Site and Subnet

List all Sites in Active Directory

Dsquery site * -name

 

Get Site Name from Subnet IP Address in Active Directory

(For example, Site Name for Subnet 192.168.2.0/24)
 Dsquery Subnet -Name 192.168.2.0/24 | Dsget Subnet -Site

 


Active Directory

When Active Directory installed

Dsquery * "CN=Configuration,DC=Santhosh,DC=lab" -attr Whencreated -Scope Base

 

Find Trusts from specified Domain

 Dsquery * "CN=System,DC=Santhosh,DC=lab" -filter "(objectClass=trustedDomain)"
-attr TrustPartner FlatName 

 

Find Servers in Active Directory with descriptions

Dsquery * DC=Santhosh,DC=lab -filter "(&(objectCategory=Computer)
(operatingSystem=*server*))"
-limit 0 -attr cn description

 

View all replicated attributes

Dsquery * CN=Schema,CN=Configuration,DC=Santhosg,DC=lab
-filter "(&(objectCategory=attributeSchema)(!systemFlags:1.2.840.113556.1.4.803:=1))" -limit 0

 

Find Tombstone and Garbage Collection

Dsquery *
"CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=Santhosh,DC=lab"
-attr GarbageCollPeriod TombstoneLifetime

 

Find Group Policy GUIDs

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab"
-filter (objectCategory=groupPolicyContainer) -attr Name DisplayName

 

Existing GPO's  information

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab"
-filter "(objectCategory=groupPolicyContainer)"        
-attr displayName cn whenCreated gPCFileSysPath            

 

Enumerate the trusts from the specified domain

 Dsquery * "CN=System,DC=Santhosh,DC=lab" -filter "(objectClass=trustedDomain)"
-attr TrustPartner FlatName  

 

Active Directory Subnet and Site Information

 Dsquery * "CN=Subnets,CN=Sites,CN=Configuration,DC=Santhosh,DC=lab"
-attr CN SiteObject Description Location              

 

Active Directory Site Links and Cost Information
 Dsquery * "CN=Sites,CN=Configuration,DC=Santhosh,DC=lab"
-attr CN Cost Description ReplInterval SiteList -filter (objectClass=siteLink)

 

Find Group Policy display name with the GUID

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab"
-filter (objectCategory=groupPolicyContainer) -attr Name DisplayName