CorvettePower.COM
1Feb/05

Finding users in large Active Directory forests

As I have been getting in and doing more stuff with ADSI programming from .NET, C# and VBScript, it's a frequent need to look up the users after I make changes to them. Also, finding their DN in the directory can sometimes be tricky, especially when you are working in a forest with 10,000 items and multiple OUs where users can be hidden. Most of the GUI-based browsers of Active Directory (like Softerra's LDAP Browser) have issues with returning all the objects in an OU. Fun to watch it scroll, then choke. To that end, I found several nice command-line utilities for querying Active Directory, and updating it for that matter.


If you install the Windows 2003 Administrator Tool Kit, you will find that several new tools are installed: dsmod, dsget, dsadd, dsmove, dsquery and dsrm. I won't go into the details of each of these handy little utilities, but it's much easier to do common things with these tools than learning how to do LDIF exports and imports.


One thing I do a lot is:

dsquery user -name bsmith
"CN=bsmith,OU=Users,OU=San Diego,DC=company,DC=com"


And you can chain the commands together, so you can query for wildcard values and perform multiple actions on the results by feeding them into dsmod.
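
A sketch of that chaining as a batch file, added here as an example and not part of the original post. The OU path, the "bsm*" pattern, the matches.txt file name and the description text are constructed placeholders. It saves the query results once, shows them read-only with dsget, and only then pipes the same reviewed list into dsmod.

```batch
@echo off
rem Added example: BASE, PATTERN and the description text are constructed placeholders.
setlocal
set "BASE=OU=San Diego,DC=company,DC=com"
set "PATTERN=bsm*"

rem 1. Find every user under BASE whose name matches the wildcard.
rem    dsquery stops after 100 results by default; -limit 0 removes the cap,
rem    which matters in a directory with thousands of objects.
dsquery user "%BASE%" -scope subtree -name "%PATTERN%" -limit 0 > matches.txt
if errorlevel 1 (
    echo dsquery failed, nothing was changed.
    exit /b 1
)

rem 2. Review before changing anything. dsget reads the quoted DNs from
rem    standard input when no DN is given on the command line.
type matches.txt | dsget user -samid -upn -disabled

rem 3. Confirm, then apply the change to exactly the list that was reviewed.
choice /m "Update the description on the accounts listed above"
if errorlevel 2 (
    echo Cancelled, nothing was changed.
    exit /b 0
)
type matches.txt | dsmod user -desc "Reviewed 2005-02"
```

Working from the saved file instead of running the query a second time means dsmod touches only the accounts that were actually shown in step 2.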


Enjoy!
