لطفا منتظر باشید ...
Publisher| dsquery | new in WS2003 |
Directory.
Syntax
dsquery command switches [{-s Server|-d Domain}] [-u UserName]
[-p {Password|*}] [-desc Description] [-q] [-r] [-gc] [-limit N]Options
- command
Any dsquery command (see below)- switches
Various switches that go with each command (see below)- {-s Server | -d Domain}
Connects to a specified server or domain to run the command (if
omitted, defaults to domain controller in logon domain).- [-u UserName] [-p {Password | *}]
Credentials for running the command. Specify
UserName as
domain\user or
user@domain. If -p *,
prompts for password.- -desc Description
Description for the object.- -q
Runs in quiet mode to suppress standard output of command.- -r
Performs recursive search or follows referrals during search.- -gc
Performs the search using the global catalog.- -limit N
Number of results to be returned (default is 1000).
Commands
Here is a list of supported dsquery commands
together with a brief description of their syntax (only the most
commonly used switches are described).
- dsquery computer [{StartNode | forestroot | domainroot}] [-o {dn | rdn | samid}] [-scope {subtree | onelevel | base}] [-name Name] [-samid SAMName] [-inactive Weeks] [-stalepwd Days] [-disabled]
Searches for computers within Active Directory. The switches here are:- {StartNode | forestroot | domainroot}
Where to begin the search (default is domainroot)- -o {dn | rdn | samid}
Output search results by distinguished name, relative distinguished
name, or SAM account name of each object- -scope {subtree | onelevel | base}
Scope of search to be entire subtree of start node, immediate
children of start node, or start node only- -name Name
Searches for computers with specified name (wildcards supported)- -samid SAMName
Searches for computer accounts with specified SAM account name- -inactive Weeks
Searches for computer accounts that have been stale (inactive) for a
certain number of weeks- -stalepwd Days
Searches for computers whose password has not been modified for a
certain number of weeks- -disabled
Searches for disabled computer accounts
- dsquery contact [{StartNode | forestroot | domainroot}] [-o {dn | rdn}] [-scope {subtree | onelevel | base}] [-name Name]
Searches for contacts within Active Directory. See dsquery
computer earlier in this list for an explanation of
switches.- dsquery group [{StartNode | forestroot | domainroot}] [-o {dn | rdn | samid}] [-scope {subtree | onelevel | base}] [-name Name] [-samid SAMName]
Searches for groups within Active Directory. See dsquery
computer earlier in this list for an explanation of
switches.- dsquery ou [{StartNode | forestroot | domainroot}] [-o {dn | rdn}] [-scope {subtree | onelevel | base}] [-name Name]
Searches for organizational units within Active Directory. See
dsquery computer earlier in this list for an
explanation of switches.- dsquery partition [-o {dn | rdn}] [-part PartitionCN]
Searches for partitions matching the common name
PartitionCN.- dsquery quota [{domainroot | ObjectDN}] [-o {dn | rdn}] [-acct Name] [-qlimit Filter]
Searches for quota specifications within Active Directory. The
switches here are:- domainroot | ObjectDN
Specifies the starting point for the search, either the root of the
domain or the distinguished name of a specified container- -o {dn | rdn | samid}
Output search results by distinguished name, relative distinguished
name, or SAM account name of each object- -acct Name
The security principal to which the quota specifications queried are
assigned- -qlimit Filter
Searches for quota specifications matching the filter condition, for
example, "=100" or "<=75"
percent
- dsquery server [-forest] [-domain DomainName] [-site SiteName] [-o {dn | rdn}] [-name Name] [-hasfsmo {schema | name | infr | pdc | rid}] [-isgc]
Searches for domain controllers within Active Directory. See
dsquery computer earlier in
this list for an explanation of some switches. Other switches
include:- -forest
Searches for domain controllers in the forest- -domain DomainName
Searches for domain controllers in the specified domain- -site SiteName
Searches for domain controllers in the specified site- -hasfsmo {schema | name | infr | pdc | rid}
Searches for domain controllers with a specific FSMO role assigned- -isgc
Searches for domain controllers that are global catalog servers
- dsquery site [-o {dn | rdn}] [-name Name]
Searches for sites within Active Directory. See dsquery
computer earlier in this list for an explanation of
switches.- dsquery user [{StartNode | forestroot | domainroot}] [-o {dn | rdn | samid | upn}] [-scope {subtree | onelevel | base}] [-name Name] [-upn UserPrincipalName] [-samid SAMName] [-inactive Weeks] [-stalepwd Days] [-disabled]
Searches for user accounts within Active Directory. See
dsquery computer earlier in this list for an
explanation of these switches.- dsquery * [{StartNode | forestroot | domainroot}] [-scope {subtree | onelevel | base}] [-filter LDAPFilter] [-attr {AttributeList | *}] [-attrsonly] [-l]
Searches for objects in Active Directory by using an LDAP query.
Examples
Search for all computer accounts in the forest:
dsquery computer forestroot -o dn
"CN=ESRV210D,OU=Sales,DC=mtit,DC=local"
"CN=ESRV230D,CN=Computers,DC=mtit,DC=local"
"CN=DESK155,OU=Sales,DC=mtit,DC=local"
"CN=DESK156,OU=Sales,DC=mtit,DC=local"
"CN=DESK157,OU=Sales,DC=mtit,DC=local"
Restrict search to computers whose name begins with
D and which reside in the Sales OU, displaying
results as SAM account names:
dsquery computer OU=Sales,DC=mtit,DC=local -o samid -name d*
"DESK155$"
"DESK156$"
"DESK157$"
Search for the PDC Emulator in the local domain:
dsquery server -hasfsmo pdc
"CN=ESRV210D,CN=Servers,CN=Default-First-
Site,CN=Sites,CN=Configuration,DC=mtit,DC=local"
Display all partitions in Active Directory:
dsquery partition
"DC=TAPI3Directory,DC=mtit,DC=local"
"DC=DomainDnsZones,DC=mtit,DC=local"
"DC=ForestDnsZones,DC=mtit,DC=local"
"CN=Configuration,DC=mtit,DC=local"
"DC=mtit,DC=local"
"CN=Schema,CN=Configuration,DC=mtit,DC=local"
See Also
Active Directory , dsadd,
dsget, dsmod,
dsmove, dsrm,
Groups , Users
