Active Directory Domain Services (AD DS) Commands and Scripts

Here are some useful commands and scripts for administering Active Directory. 

For more information please see Active Directory Domain Services Command Reference (http://technet.microsoft.com/library/cc771131).

---

Source reference

http://portal.sivarajan.com/2011/08/searching-active-directory-using.html

 

---

User

Identify OCS enabled users in Active Directory

Dsquery * -filter (msRTCSIP-UserEnabled=TRUE) -limit 0 -attr name samaccountname

 

Query Password Last Set (pwdlastset) value

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)" -limit 0 -attr name pwdlastset

 

Note: Time can be converted using the w32tm /ntte command.

 

Search Password Never Expires Settings

Dsquery *  -limit 0 "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))" -attr samaccountname name

 

User accounts with no pwd required

Dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)userAccountControl:1.2.840.113556.1.4.803:=32))"

 

User accounts that are disabled

Dsquery *domainroot -filter "(&(objectCategory=Person)(objectClass=User) (userAccountControl:1.2.840.113556.1.4.803:=2))"

 

Password Expiring information

dsget user CN=User1,DC=santhosh,DC=la -acctexpiresdsquery * -limit 0

 

Password Expiring in 30 Days

dsquery * -limit 0 -filter "(&(objectCategory=person)(objectClass=user) (userAccountControl:1.2.840.113556.1.4.803:=4194304))" -attr name samaccountname

 

User accounts with "Do not require kerberos preauthentication" enabled

Dsquery * -limit 0 "(&(objectCategory=person)(objectClass=user) (!userAccountControl:1.2.840.113556.1.4.803:=8388608)(!userAccountControl:1.2.840.113556.1.4.803:=65536) (pwdLastSet>=129522420000000000)(pwdLastSet<=129548340000000000))" -attr samaccountname name

 

List all Roaming Profile users in Active Directory

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)(profilePath=*) -limit 0 -name

 

Generate SIDHistory Report

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)" -attr samAccountName sidHistory

 

Generate SID (ObjectSID) Report

Dsquery * -filter "&(objectClass=User)(objectCategory=Person)" -attr samAccountName Object

 

---

Group

Identify all Security Groups

dsquery * -filter "(&(objectCategory=group) groupType:1.2.840.113556.1.4.804:=2147483648))" -attr samAccountName name

 

Identify all Built-In Security Groups

dsquery * -filter "(&(objectCategory=group) (groupType:1.2.840.113556.1.4.803:=2147483649))" -attr samAccountName name

 

Identify all Universal Security Groups

dsquery * -filter "(&(objectCategory=group) (groupType:1.2.840.113556.1.4.803:=2147483656))" -attr samAccountName name

 

Identify all Global Security Groups

dsquery * -filter "(&(objectCategory=group) (groupType:1.2.840.113556.1.4.803:=2147483650))" -attr samAccountName name

 

---

Computer

Move Computer Objects Based on OS Version

Move Windows 7 Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(objectCategory=Computer) (operatingSystemVersion=6.1))" | dsmove -newparent OU=Win7,OU=ComputerAccounts,DC=santhosh,DC=lab

 

Move Windows XP Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(objectCategory=Computer) (operatingSystemVersion=5.1))" | dsmove -newparent OU=WinXP,OU=ComputerAccounts,DC=santhosh,DC=lab

 

---

Site and Subnet

List all Sites in Active Directory

Dsquery site * -name

 

Get Site Name from Subnet IP Address in Active Directory

(For example, Site Name for Subnet 192.168.2.0/24)

Dsquery Subnet -Name 192.168.2.0/24 | Dsget Subnet -Site

 

---

Active Directory

When Active Directory installed

Dsquery * "CN=Configuration,DC=Santhosh,DC=lab" -attr Whencreated -Scope Base

 

Find Trusts from specified Domain

Dsquery * "CN=System,DC=Santhosh,DC=lab" -filter "(objectClass=trustedDomain)" -attr TrustPartner FlatName

 

Find Servers in Active Directory with descriptions

Dsquery * DC=Santhosh,DC=lab -filter "(&(objectCategory=Computer) (operatingSystem=*server*))" -limit 0 -attr cn description

 

View all replicated attributes

Dsquery * CN=Schema,CN=Configuration,DC=Santhosg,DC=lab -filter "(&(objectCategory=attributeSchema)(!systemFlags:1.2.840.113556.1.4.803:=1))" -limit 0

 

Find Tombstone and Garbage Collection

Dsquery * "CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=Santhosh,DC=lab" -attr GarbageCollPeriod TombstoneLifetime

 

Find Group Policy GUIDs

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab" -filter (objectCategory=groupPolicyContainer) -attr Name DisplayName

 

Existing GPO's  information

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab"-filter "(objectCategory=groupPolicyContainer)" -attr displayName cn whenCreated gPCFileSysPath

 

Enumerate the trusts from the specified domain

Dsquery * "CN=System,DC=Santhosh,DC=lab" -filter "(objectClass=trustedDomain)"-attr TrustPartner FlatName

Active Directory Subnet and Site Information

Dsquery * "CN=Subnets,CN=Sites,CN=Configuration,DC=Santhosh,DC=lab"-attr CN SiteObject Description Location

 

Active Directory Site Links and Cost Information

Dsquery * "CN=Sites,CN=Configuration,DC=Santhosh,DC=lab"-attr CN Cost Description ReplInterval SiteList -filter (objectClass=siteLink)

 

Find Group Policy display name with the GUID

Dsquery * "CN=Policies,CN=System,DC=Santhosh,DC=lab" -filter (objectCategory=groupPolicyContainer) -attr Name DisplayName

 

---