I do work for different doctor’s offices here and there. I was waiting on some server tasks to complete when I had picked up one of those doctor journals type magazines, I’ll never make that mistake again. I read through some of the paragraphs, I understood what each of the words meant, well most of the words. But putting all of it together to understand what it was trying to convey as a whole was a different task entirely.
So even though I was reading, I was definitely not learning anything from that, because I had no background or pretext to what the journal was really about. You might also say the same thing about non-technical people reading this blog. You know who you are! This can apply to anything that you’re unfamiliar with, unless you’re like one of my other friends who reads a book once and can tell you the names of all of the characters that were in it 3 years after he read it.
I had this same issue when first looking over the dsquery tool. The way it was presented to me was more along the line with creating new user accounts en mass. That would be more useful for a corporate environment, so I didn’t really take the time to sink my teeth into it.
Untill I was tasked to list of all the users at one of the businesses I work with. Rather than typing each of the names out, which would have taken quite a while, I’ve done it for other clients, I remembered the dsquery tool. After some trial an error trying to get it to work, I found the best solution is to run it this way:
dsquery ou domainroot
This will give you all the OUs in their correct form on your domain. From there you would just plug it into the dsquery user command:
Dsquery user "OU=Users,OU=Awesome,DC=SomeDomain,DC=com”
It popped out the list in no time flat. Unfortunatly it wasn’t plain text names. Just had to crop the full OU out of the name, which was easy with notepad.
After realizing how neato of a tool this was, I started thinking of other ways I could use this new found power. You can us this for all sorts of great tools. Like finding computers that haven’t checked into the domain for 12 weeks.
dsquery computer -inactive 12
Or a user that the business owner forgot to tell you quit 4 weeks ago.
dsquery user –inactive 4
Last neat trick. I don’t know how many people hate to change their passwords. Some times they’ll get into their own system and set it so they don’t need to change so and so user’s password. You can get a general idea of how many users have gone so many days with out changing their password
dsquery user "OU=Users,OU=Awesome,DC=SomeDomain,DC=com” -stalepwd 60
Now one warning about being able to use this command. You will need a Domain Functional Level of Windows 2003. And that’s a whole different topic.