
Dsquery User – Find users in the Active Directory

The dsquery user command finds the users in Active Directory that match the specified search criteria.

The dsquery user command retrieves user information from Active Directory. Its results can be piped as input to the other directory service command-line tools such as dsget, dsmod, dsmove, or dsrm.

dsquery user command is available on Microsoft Windows Server 2009, Windows Server 2008 R2, and Windows 8.

It is also available on the latest operating systems, such as Windows Server 2019, if the RSAT (Remote Server Administration Tools) features are installed.

To run the dsquery user command, open a command prompt (cmd) or PowerShell terminal with elevated (administrator) privileges.

In this tutorial, we will learn about the dsquery user command, syntax, and dsquery user examples to retrieve user information from the active directory.

Dsquery User Syntax

To use the dsquery user command, see the dsquery user syntax and parameters details.

dsquery user [{<StartNode> | forestroot | domainroot}] [-o {dn | rdn | upn | samid}] [-scope {subtree | onelevel | base}] [-name <Name>] [-desc <Description>] [-upn <UPN>] [-samid <SAMName>] [-inactive <NumberOfWeeks>] [-stalepwd <NumberOfDays>] [-disabled] [{-s <Server> | -d <Domain>}] [-u <UserName>] [-p {<Password> | *}] [-q] [-r] [-gc] [-limit <NumberOfObjects>] [{-uc | -uco | -uci}]

Parameters

Parameter                               Description
StartNode | forestroot | domainroot     Specifies the node in the console tree where the search starts. forestroot = search using the global catalog.
-o {dn | rdn | upn | samid}             Specifies the format used to display the search results.
-scope {subtree | onelevel | base}      Specifies the scope of the search.
-name <Name>                            Searches for users whose name attribute matches <Name>.
-desc <Description>                     Searches for users whose description attribute matches <Description>.
-upn <UPN>                              Searches for users whose UPN attribute matches <UPN>.
-samid <SAMName>                        Searches for users whose SAM account name matches <SAMName>.
-inactive <NumberOfWeeks>               Searches for users who have been inactive for at least the specified number of weeks.
-stalepwd <NumberOfDays>                Searches for users who have not changed their password for the specified number of days.
-disabled                               Searches for users whose accounts are disabled.
-s <Server>                             Specifies the remote server to connect to.
-d <Domain>                             Specifies the domain to connect to.
-u <UserName>                           Specifies the user name used to log on to the remote server.
-p {<Password> | *}                     Specifies the password for the -u account; * prompts for it instead of taking it on the command line.
-q                                      Suppresses all output to standard output.
-r                                      Specifies that the search use recursion or follow referrals.
-gc                                     Specifies that the search use the Active Directory global catalog.
-limit <NumberOfObjects>                Specifies the maximum number of objects to return. The default value is 100; use the value 0 to return all objects.
-uc                                     Unicode format
-uco                                    Unicode format for output only
-uci                                    Unicode format for input only

Dsquery user parameters description

Let’s understand how to find user objects in the active directory using dsquery user examples.

Dsquery User Examples

Find User Account Expiry Date

The dsquery user command finds the user objects in the directory that match the search criteria given in the -name parameter. The resulting objects are piped to the dsget user command to display the user account expiry date.

dsquery user -name "Tom*" -limit 0 | dsget user -display -acctexpires

In the above dsquery user example, it uses a limit parameter with the value 0 to return all the objects that match the specified search criteria.

The output of the above command shows that the user account is set to never expire.

Dsquery user account expiry date

Find all the sAmId in the directory

Use the dsquery user command with the -o parameter to specify the format to display the results.

dsquery user -o samid -limit 0

The output of the above dsquery user example is:

C:\Windows\system32>dsquery user -o samid -limit 0
"admin"
"Guest"
"krbtgt"
"toms"
"ErickJ"
"garyw"
"chrisd"
"adam"
"nathan"
"Don"
"EshD"
"Tira.Elsa"
"arons"
"Dev.NewHouse"
"Harsh.Dev"
"Netya.Xu"

C:\Windows\system32>

Get all the disabled users in the DC

The dsquery user command has a -disabled parameter that searches for users whose accounts have been disabled in the directory.

dsquery user "dc=shellpro,dc=local" -disabled

The above dsquery command finds all disabled user accounts in the directory and returns their distinguished names:

"CN=Guest,CN=Users,DC=SHELLPRO,DC=LOCAL"
"CN=krbtgt,CN=Users,DC=SHELLPRO,DC=LOCAL"
"CN=nathan,CN=Users,DC=SHELLPRO,DC=LOCAL"
"CN=Esh Deol,OU=HR,DC=SHELLPRO,DC=LOCAL"

Using dsquery get user mobile number

Use the dsquery user command to find the user objects in the directory and pipe the results to the dsget user command.

The dsget user command has a -mobile parameter that displays the user’s mobile number.

dsquery user -name "Tom*" -limit 0 | dsget user -mobile

The output of the above dsquery user example is:

C:\Windows\system32>dsquery user -name "Tom*" -limit 0 | dsget user -mobile
  mobile
  +1012392922323
dsget succeeded

C:\Windows\system32>

Find all users in ou using dsquery

To get all users in an OU using the dsquery user command, pass the distinguished name of the OU to the dsquery command.

See the below example which finds all the users in OU using the dsquery user command.

dsquery user OU=SALES,DC=ShellPro,DC=Local | dsget user -samid -display

The output of the above dsquery user in OU example is:

C:\Windows\system32>dsquery user OU=SALES,DC=ShellPro,DC=Local | dsget user -samid -display
  samid     display
  toms      Tom Smith
  chrisd    Chris Dore
dsget succeeded

C:\Windows\system32>

Find the SID of the user using dsquery

Use the user name to find the SID of the user in the directory using dsquery.

dsquery user -name tom* | dsget user -SID

The output of the above dsquery command gets the SID of the user in the directory.

C:\Windows\system32>dsquery user -name tom* | dsget user -SID
  sid
  S-1-5-21-1326752099-4012446882-462961959-1103
dsget succeeded

Find the stale user account using dsquery stalepwd

Dsquery user command has a stalepwd parameter that searches for the users who have not changed their password for the specified number of days.

The following command identifies the stale user accounts in the active directory that have not changed their password in the last 60 days and exports the stale user accounts to the txt file.

dsquery user "dc=shellpro,dc=local" -stalepwd 60 > stalepwd.txt

The above command finds the stale user accounts in the domain and exports them to the stalepwd.txt file.
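
For an account-hygiene review, the -stalepwd result is more useful once disabled accounts are filtered out and inactive accounts are added in. The following PowerShell script is an added example, not code from the original page; the helper name Get-DsqueryDn, the 8-week inactivity threshold and the CSV file name are assumptions, and it uses only the dsquery user parameters described above.

```powershell
# Added example (not from the original page). Assumed values are marked below.
$BaseDn        = 'dc=shellpro,dc=local'   # domain DN used in this page's examples
$StalePwdDays  = 60                        # same threshold as the -stalepwd example
$InactiveWeeks = 8                         # assumed threshold for -inactive
$CsvPath       = '.\account-hygiene.csv'   # assumed output file

function Get-DsqueryDn {
    # Hypothetical helper: runs "dsquery user" and returns bare DNs.
    param([string[]]$QueryArgs)
    $lines = & dsquery.exe user $BaseDn @QueryArgs -limit 0
    if ($LASTEXITCODE -ne 0) { throw "dsquery user $QueryArgs failed ($LASTEXITCODE)" }
    # dsquery prints one double-quoted DN per line; drop quotes and blank lines.
    $lines | ForEach-Object { "$_".Trim().Trim('"') } | Where-Object { $_ }
}

$disabled = @(Get-DsqueryDn -QueryArgs '-disabled')
$stale    = @(Get-DsqueryDn -QueryArgs '-stalepwd', "$StalePwdDays")
$inactive = @(Get-DsqueryDn -QueryArgs '-inactive', "$InactiveWeeks")

# Union of both findings; Sort-Object -Unique compares case-insensitively,
# which matches how Active Directory treats distinguished names.
$candidates = @($stale + $inactive | Sort-Object -Unique)

$report = foreach ($dn in $candidates) {
    # Disabled accounts cannot log on, so they are left out of the report.
    if ($disabled -contains $dn) { continue }
    [pscustomobject]@{
        DistinguishedName = $dn
        StalePassword     = $stale -contains $dn
        Inactive          = $inactive -contains $dn
    }
}

# Accounts flagged by both checks are listed first.
@($report) | Sort-Object StalePassword, Inactive -Descending | Format-Table -AutoSize
@($report) | Export-Csv -Path $CsvPath -NoTypeInformation
"{0} enabled accounts flagged; {1} disabled accounts in the domain" -f @($report).Count, $disabled.Count
```

Run it from an elevated PowerShell session on a machine where dsquery is available.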

Find all users in OU using dsquery

Using the dsquery user command with the specified OU name, we can find all users in OU.

The following command uses dsquery to find all users in OU and uses the dsget user command to display user names.

dsquery user "ou=sales,dc=shellpro,dc=local" | dsget user -display

The output of the above command is:

C:\>dsquery user "ou=sales,dc=shellpro,dc=local" | dsget user -display
  display
  Tom Smith
  Chris Dore
dsget succeeded

C:\>

Conclusion

I hope the above article on how to use the dsquery user command, and dsquery user syntax is helpful to you.

dsquery user examples help you to understand querying the active directory to find the user objects in the active directory.

You can find additional references for using the dsquery user command.

Dsquery all users in the group

Dsquery to find Disabled user accounts

Get User Display name using the dsquery

Get user last logon using the dsquery

Find the user’s last password change using the dsquery

Use dsquery to find user group membership

Find user all attributes using the dsquery

Find the user by attribute

Use dsquery to get inactive users

Use dsquery to list all users

Dsquery user email address

You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.