Dsquery command-line tool is used to query active directory using the specified search criteria and finds objects of the specific object type. Using the dsquery, we can get a list of all users in the domain controller or list all users in OU.
Use the dsquery user command to list all users in the domain or organizational unit. Use the limit parameter to restrict the user’s count if the active directory contains a large number of users. It may take a while to get a list of all users in a domain.
In this article, we will discuss how to use the dsquery user command to list all users from the domain or list all users in OU using the dsquery user and export all users to a CSV file.
Dsquery list all users in Domain Controller
Use the dsquery user command to list all users in the domain controller using the specified search criteria of the domain name.
dsquery user dc=SHELLPRO,dc=local -limit 0 | dsget user -samid -fn -ln -display > C:\Temp\aduser.csv
In the above command, the dsquery user gets a list of all users in the domain controller using the specified dc=SHELLPRO,dc=local
. -limit 0 will output all users in dc.
If the limit is not provided, it will stop after 100 results and throw the exception,
Dsquery has reached the specified limit on number of results to display; use a different value for the -limit option to display more results.
dsget user command lists user objects properties like samid, first name, last name, and user display name. It will pass the user object properties to export all users in the domain to a CSV file.
The output of the above command to list all users in the domain and export to CSV file is:
samid fn ln display
admin John Paul John Paul
Guest
krbtgt
toms Tom Smith Tom Smith
ErickJ Erick Jones Erick Jones
garyw Gary Willy Gary Willy
chrisd Chris Dore Chris Dore
adam Adam Strauss Adam Strauss
nathan Natha Tim Nathan Tim
Don Don Astle
EshD Esh Deol Esh Deol
Tira.Elsa Tira Elsa Tira Elsa
arons Aron Seth Aron Seth
Dev.NewHouse Dave NewHouse Dave NewHouse
Harsh.Dev Harsh Dev Harsh Dev
Netya.Xu Netya Xu Netya Xu
dsget succeeded
Cool Tip: How to get the list of all users in the group using dsquery!
Using dsquery to list users in ou
The organizational unit in the Microsoft Active Directory domain contains users, groups, and computers.
Using the dsquery user command with the specified search criteria of DN of the OU, it lists users in OU. dsget user command is used to display active directory user object properties like samid, first name, last name, and display name.
dsquery user ou=HR,dc=SHELLPRO,dc=local -limit 0 | dsget user -samid -fn -ln -display
The output of the above command to retrieve all users in the organizational unit is:
Cool Tip: How to use the dsquery * command to get user last logon!
Conclusion
I hope the above article on how to use the dsquery command to list all users in the domain controller and all users in ou (organizational unit) is helpful to you.
You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.