Active Directory: Active Directory Domain Services (AD DS) Commands and Scripts ~ Santhosh Sivarajan's Blog

Friday, November 11, 2011

Active Directory: Active Directory Domain Services (AD DS) Commands and Scripts

Friday, November 11, 2011 10:19 AM Blog-5 8 comments

I have updated the “Active Directory: Active Directory Domain Services (AD DS) Commands and Scripts” TechNet Wiki article with more DS commands. Feel free to update/modify this article. http://social.technet.microsoft.com/wiki/contents/articles/3537.aspx

User

Identify OCS enabled users in Active Directory

Dsquery * -filter (msRTCSIP-UserEnabled=TRUE) –limit 0 –attr name samaccountname

Query Password Last Set (pwdlastset) value

dsquery * -filter "&(objectClass=User)(objectCategory=Person)" -limit 0 -attr name pwdlastset

Note: Time can be convered using the w32tm /ntte command.

Search Password Never Expires Settings

Dsquery * -limit 0 “(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))” –attr samaccoutname name

Password Expiring in 30 Days

dsquery * -limit 0 -filter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=4194304))" -attr name samaccountname

User accounts with “Do not require kerberos preauthentication” enabled

Dsquery * -limit 0 “(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=8388608)(!userAccountControl:1.2.840.113556.1.4.803:=65536)(pwdLastSet>=129522420000000000)(pwdLastSet<=129548340000000000))” –attr samaccountname name

List all Roaming Profile users in Active Directory

dsquery * -filter "&(objectClass=User)(objectCategory=Person)(profilePath=*)" -limit 0 -name

Generate SIDHistory Report

dsquery * -filter "&(objectClass=User)(objectCategory=Person)" –attr samAccountName sidHistory

Generate SID (ObjectSID) Report

dsquery * -filter "&(objectClass=User)(objectCategory=Person)" –attr samAccountName Object

Group

Identify all Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.804:=2147483648))" –attr samAccountName name

Identify all Built-In Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483649))" –attr samAccountName name

Identify all Universal Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483656))" –attr samAccountName name

Identify all Gloabl Security Groups

dsquery * -filter "(&(objectCategory=group)
(groupType:1.2.840.113556.1.4.803:=2147483650))" –attr samAccountName name

Computer

Move Computer Objects Based on OS Version

Move Widnows 7 Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(ObjectClass=computer)(objectCategory=Computer)(operatingSystemVersion=6.1))" | dsmove -newparent OU=Win7,OU=ComputerAccounts,DC=santhosh,DC=lab

Move Windows XP Computers

dsquery * CN=Computers,DC=santhosh,DC=lab -filter "(&(ObjectClass=computer)(objectCategory=Computer)(operatingSystemVersion=5.1))" | dsmove -newparent OU=WinXP,OU=ComputerAccounts,DC=santhosh,DC=lab

Domain Controller

Site and Subnet

List all Sites in Active Directory

Dsquery site * -name

Get Site Name from Subnet IP Address in Active Directory (For example, Site Name for Subnet 192.168.2.0/24)

Dsquery Subnet -Name 192.168.2.0/24 | Dsget Subnet -Site

Posted in: Active Directory,Microsoft,Windows,Windows 2008 R2

8 comments:

Biswajit says:

November 13, 2011 at 11:57 PM

You are rocking Santhosh

Blog-5 says:

November 14, 2011 at 8:45 AM

Thanks Biswajit :)

Robert Welain says:

June 14, 2018 at 3:53 AM

Here are some argumentative essay tips for you, guys. Use them wisely!

Sophie Grace says:

January 2, 2020 at 2:11 AM

Your blog is very informative and helpful for me. I am really excited to find this post. I am so happy to find this post. Are you ready Halloween in game sims 4 skill cheats ? Dress your sims up in spooktacular costumer and build the perfedct haunted house with configurable stair.

Bed Pari Bangalore Escorts says:

October 12, 2020 at 5:58 AM

Bangalore Escorts
Bangalore escorts
Bangalore Escorts
Escorts Bangalore
VIP Escorts Bangalore

Deepika Rai says:

October 17, 2020 at 8:02 AM

Koramangala Escorts
Indira Nagar Escorts
Hosur Road Escorts
Jayanagar Escorts
HSR Layout Escorts
KR Puram Escorts
Marathahalli Escorts
Russian Escorts
Gandhi Nagar Escorts Services

March 17, 2021 at 4:37 AM

Thanks for sharing this brilliant article it was a very useful and helpful article.

chennai escorts
basavanagudi escorts
indiranagar escorts
hyderabad escorts
whitefield escorts
Bangalore Escorts

babli Kumari says:

August 28, 2021 at 7:15 AM

The escorts offer support to customers in the simplest way hyderabad escorts can. These escorts in hyderabad are responsible for providing the best service and protection. They do not take any extra care to provide a high-quality, charitable service for their clients. Independent luxury hyderabad escorts are always in high demand in hyderabad. Many girls think they are high-quality independent hyderabad escorts.
hyderabad escort service
goa escort service
Udaipur escort service

Santhosh Sivarajan's Blog

Friday, November 11, 2011

Active Directory: Active Directory Domain Services (AD DS) Commands and Scripts

I have updated the “Active Directory: Active Directory Domain Services (AD DS) Commands and Scripts” TechNet Wiki article with more DS commands. Feel free to update/modify this article. http://social.technet.microsoft.com/wiki/contents/articles/3537.aspx

User

Group

Computer

Domain Controller

Site and Subnet

8 comments:

Post a Comment

Popular Posts

Share

Email Subscription