Using dsquery computer

dsquery computer searches Active Directory for computers that match specified credentials. You can use dsquery computer to find groups and then send a list of those computers to another command. For example, you can use dsquery computer to query AD for all disabled computer accounts and have those results imported into dsmod to change the computers' description to disabled. dsquery computer uses the following syntax.Table 4.18 explains all the syntax in detail.

dsquery computer [{<StartNode> | forestroot | domainroot}] [-o {dn | rdn | samid}] [-scope {subtree | onelevel | base}] [-name <Name>] [-desc <Description>] [-samid <SAMName>] [-inactive <NumWeeks>] [-stalepwd <NumDays>] [-disabled] [{-s <Server> | -d <Domain>}] [-u <UserName>] [-p {<Password> | *}] [-q] [-r] [-gc] [-limit <NumObjects>] [{-uc | -uco | -uci}]

Table 4.18 Understanding the dsquery computer Syntax

Value

Description

{<StartNode> | forestroot | domainroot}

-scope {subtree | onelevel | base}

-name <Name> -desc <Description> -samid <SAMName> -inactive <NumWeeks> -stalepwd <NumDays>

-disabled

The node where the search starts: forest root, domain root, or a node whose DN is <StartNode>. Can be "forestroot," "domainroot," or an object DN. If "forestroot" is specified, the search is done via the global catalog. Default: domainroot.

Specifies the output format. Default: DN.

Specifies the scope of the search: subtree rooted at start node (subtree); immediate children of start node only (onelevel); the base object represented by start node (base). Note that subtree and domain scope are essentially the same for any start node unless the start node represents a domain root. If forestroot is specified as <StartNode>, subtree is the only valid scope. Default: subtree.

Finds computers whose names match the value given by <Name>; e.g., "jon*" or "*ith" or "j*th."

Finds computers whose descriptions match the value given by <Description>; e.g., "jon*" or "*ith" or "j*th."

Finds computers whose SAM account names match the filter given by <SAMName>.

Finds computers that have been inactive (stale) for at least <NumWeeks> number of weeks.

Finds computers that have not changed their password for at least <NumDays> number of days.

Finds computers with disabled accounts.

-s <Server> connects to the domain controller(DC) with name <Server>.

-d <Domain> connects to a DC in domain <Domain>. Default: a DC in the log-on domain.

Connect as <UserName>. Default: the logged-on user. Username can be: username, domain\username, or user principal name (UPN).

Table 4.18 Understanding the dsquery computer Syntax

Value

Description

-limit <NumObjects>

Password for the user <UserName>. If *, then prompt for password.

Quiet mode: suppresses all output to standard output.

Recurses or follows referrals during search. Default: do not chase referrals during search.

Searches in the Active Directory global catalog.

Specifies the number of objects matching the given criteria to be returned, where <NumObjects> is the number of objects to be returned. If the value of <NumObjects> is 0, all matching objects are returned. If this parameter is not specified, by default the first 100 results are displayed.

-uc specifies that input from or output to pipe is formatted in Unicode.

-uco specifies that output to pipe or file is formatted in Unicode.

-uci specifies that input from pipe or file is formatted in Unicode.

Was this article helpful?

0 0
Computer Hard Drive Data Recovery

Computer Hard Drive Data Recovery

Learn How To Recover Your Hard Drive Data After A Computer Failure.

Get My Free Ebook


Responses

  • Demsas
    What is a start node dsquery?
    11 months ago

Post a comment