dsquery ldap

DSQuery *

Find objects in the directory using a Lightweight Directory Access Protocol (LDAP) query.

Syntax DSQuery * [{StartNode | forestroot | domainroot}] [-scope {subtree | onelevel | base}] [-filter LDAPFilter] [-attr {AttributeList | *}] [-attrsonly] [-l] [{-s Server | -d Domain}] [-u UserName] [-p {Password | *}] [-q] [-r] [-gc] [-limit NumberOfObjects] [{-uc | -uco | -uci}] Key StartNode | forestroot | domainroot The node in the console tree where the search starts. forestroot = search using the global catalog. -scope The scope of the search: subtree = subtree that is rooted at the start node in the console tree. onelevel = immediate children of the start node only. base = single object that the start node represents. If forestroot is the StartNode, then subtree is the only valid scope. -filter Apply an explicit LDAP search filter e.g. (&(objectCategory=Person)(sn=smith*)) Default = (objectClass=*) -attr Select the Attributes to display - semicolon separated LDAP display names. ( -attr * will display all the attributes in a list.) Default = DN. -attrsonly Display only attribute types, not their values. Default=display both. -l Display entries in a list instead of a table. -s Server to connect to (Default=the domain controller in the logon domain.) -d Domain to connect to. -u Username with which the user logs on to a remote server. -p Password (UserName or Domain\UserName or Username@domain.com) -q Quiet, suppress all output -r Recursive search (follow referrals) -gc Use the AD global catalog during the search. -limit The maximum number of objects to return, default=100. -uc Unicode format -uco Unicode format for output only -uci Unicode format for input only

DS* commands are available on networked machines with the server role A.D. Domain Services installed, Domain Controllers (or for XP users: XP Professional).


Display all the attributes of an object given its distinguished name:

C:\> dsquery * OU=Demo,DC=ss64,DC=Com -scope base -attr *

Display the SAM account name of an object given its distinguished name:

C:\> dsquery * OU=Demo,DC=ss64,DC=Com -scope base -attr sAMAccountName

“Some say Lady Gaga is a lie. And they are right, I am a lie and everyday I kill to make it true” - Lady Gaga

Related commands:

DSAdd - Add object

DSMod - Modify object

DSGet - Display object

DSMove - Move object

DSQuery - Search for objects

DSRM - Delete object

CSVDE - Import or export AD info in CSV format.

LDIFDE - Edit AD Objects, extend schema, import or export AD information.