Home » Dsquery » Dsquery Find User by Attribute in Active Directory

Dsquery Find User by Attribute in Active Directory

User object in the active directory has many attributes associated with it like cn, displayname, ou, name, distinguishedname, samaccountname and so many…

Using the dsquery command, we can find the user by attribute and display user object information.

In this tutorial, we will discuss how to use dsquery to find the user by email address, distinguishedname (dn), displayname, name, userprincipalname, and samaccountname.

Dsquery find user by email address

Using the general version of dsquery * with filter parameter to search the user by email address, it retrieves the user object and lists all attributes for the user.

dsquery * -filter "[email protected]" -attr *

The output of the above command to get a user by email address using dsquery is:

dsquery find user by email address
dsquery find user by email address

Dsquery find user by distinguishedName

Using the dsquery * command with filter parameter to find the user by dn (distinguishedName), it retrieves the user object and displays attributes for the user.

dsquery * -filter "distinguishedName=CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL" -attr *

The output of the above command to retrieve the user by distinguishedName is:

C:\Windows\system32>dsquery * -filter "distinguishedName=CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL" -attr *
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Tom Smith
sn: Smith
l: Houston
givenName: Tom
distinguishedName: CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL
instanceType: 4
whenCreated: 07/30/2021 13:08:57
whenChanged: 05/12/2022 17:46:32
displayName: Tom Smith
uSNCreated: 20509
memberOf: CN=SALESLeader,OU=SALES,DC=SHELLPRO,DC=LOCAL

Dsquery find user by displayName

Use the dsquery * command with filter parameter to specify the user displayName to find the user in the active directory.

dsquery * -filter "displayName=Tom Smith" -attr *

The output of the above command to search the user by displayName in the active directory using the dsquery command is:

C:\Windows\system32>dsquery * -filter "displayName=Tom Smith" -attr *
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Tom Smith
sn: Smith
l: Houston
givenName: Tom
distinguishedName: CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL
instanceType: 4
whenCreated: 07/30/2021 13:08:57
whenChanged: 05/12/2022 17:46:32
displayName: Tom Smith
uSNCreated: 20509
memberOf: CN=SALESLeader,OU=SALES,DC=SHELLPRO,DC=LOCAL
uSNChanged: 381048
company: ShellGeek
directReports: CN=Chris Dore,OU=SALES,DC=SHELLPRO,DC=LOCAL
employeeNumber: 1
name: Tom Smith

Dsquery find user by userprincipalName

Use the dsquery * command with filter parameter to specify userprincipalname to get the user object in the active directory.

dsquery * -filter "[email protected]" -attr *

The output of the above command to find user by userprincipalname using dsquery is:

C:\Windows\system32>dsquery * -filter "[email protected]" -attr *
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Tom Smith
sn: Smith
l: Houston
givenName: Tom
distinguishedName: CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL
instanceType: 4
whenCreated: 07/30/2021 13:08:57
whenChanged: 05/12/2022 17:46:32
displayName: Tom Smith
uSNCreated: 20509
memberOf: CN=SALESLeader,OU=SALES,DC=SHELLPRO,DC=LOCAL
uSNChanged: 381048
company: ShellGeek
directReports: CN=Chris Dore,OU=SALES,DC=SHELLPRO,DC=LOCAL
employeeNumber: 1
name: Tom Smith
objectGUID: {1F3A2572-2621-4E47-9BDF-81D1F8172F69}
userAccountControl: 66048
badPwdCount: 1
codePage: 0
countryCode: 0
employeeID: 1
badPasswordTime: 132971674857344847

Dsquery find user by samaccountName

Using the dsquery * command with filter parameter to specify samaccountName to find the user in the directory.

dsquery * -filter "samaccountname=toms" -attr *

The output of the above command to find a user by samaccountName using the dsquery command is:

C:\Windows\system32>dsquery * -filter "samaccountname=toms" -attr *
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Tom Smith
sn: Smith
l: Houston
givenName: Tom
distinguishedName: CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL
instanceType: 4
whenCreated: 07/30/2021 13:08:57
whenChanged: 05/12/2022 17:46:32
displayName: Tom Smith
uSNCreated: 20509
memberOf: CN=SALESLeader,OU=SALES,DC=SHELLPRO,DC=LOCAL
uSNChanged: 381048
company: ShellGeek
directReports: CN=Chris Dore,OU=SALES,DC=SHELLPRO,DC=LOCAL
employeeNumber: 1
name: Tom Smith
objectGUID: {1F3A2572-2621-4E47-9BDF-81D1F8172F69}
userAccountControl: 66048
badPwdCount: 1
codePage: 0
countryCode: 0
employeeID: 1
badPasswordTime: 132971674857344847
lastLogoff: 0
lastLogon: 0
pwdLastSet: 132721241372821181
primaryGroupID: 513
objectSid: S-1-5-21-1326752099-4012446882-462961959-1103
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: toms
sAMAccountType: 805306368
managedObjects: CN=SALESLeader,OU=SALES,DC=SHELLPRO,DC=LOCAL
userPrincipalName: [email protected]o.com
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=SHELLPRO,DC=LOCAL
dSCorePropagationData: 07/30/2021 13:08:57
dSCorePropagationData: 01/01/1601 00:00:00
lastLogonTimestamp: 132721265985339875
mail: [email protected]
deskLocation: B1D001
ADsPath: LDAP://ENGG-PRO.SHELLPRO.LOCAL/CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL

Conclusion

I hope the above article on how to find the user by attribute using the dsquery command is helpful to you.

You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.

Leave a Comment