A Windows System Admin's Blog

Covering Server Administration, Endpoint Management, Scripting and Network Management

Getting a list of users in Active Directory as well as their Logon Script using dsquery and dsget

,

So I’m preparing on doing a clean-up of our NETLOGON/SYSVOL folder containing about 50 or so different logon scripts (plenty of which I know are no longer used).  I wanted to create a list of all of our active directory users along with what logon script they were assigned (I could then feed this list into excel and play around).  I realised that I could get this information using dsquery, but how exactly do I build a query to get a logon script.  The following command is what I used, I will then break it down for a better understanding.

dsquery user -name * | dsget user -display -loscr > C:\users_script.txt

So we’ve got our dsquery, which is really looking for AD object types of user with a name of anything, so basically ALL user objects in Active Directory (you can also optionally specify a limit using -limit).  We then pass on this list to dsget which will use this information to obtain the objects’ display name (with -display) and logon script (-loscr).  I am then simply piping the output to a text file.

So that is a quick and easy way of getting a list of all users in AD along with their logon script.

Leave a Reply

More Posts

Using LDAPS (Secure LDAP Binding) with Moodle for Sign-In running on IIS in a Windows Active Directory Domain

The process for running LDAP queries via secure channel for Moodle is fairly straight forward. This method is not using a trusted certificate but is encrypting the traffic between Moodle and your Domain Controller to prevent snooping. The first thing you will want to do is install the latest OpenSSL binaries onto your Moodle Server. […]

Windows 10 May 2019 or 1903 Software Update Management Changes for WSUS and Config Manager

We’ve started to deploy the latest release of Windows 10 and it’s interesting to note that Microsoft have released with little fan-fare some changes to the way Updates are deployed for the 1903 release. Microsoft are now pushing updates through what is called the Unified Update Platform (see this RPC Mag article). Anyway, the main […]

Solving the FIM (Forefront Identity Manager 2010 R2) FIMService start timeout (Portal) and getting it to Start

We were recently making changes to our FIM environment where our Forefront Identity Manager boxes required restarts.  With FIM we’re always making changes in our Development kit before moving into production (which is something everyone should try do).  We quickly found that we couldn’t get back into the FIM portal and taking a quick look […]