So I’m preparing on doing a clean-up of our NETLOGON/SYSVOL folder containing about 50 or so different logon scripts (plenty of which I know are no longer used). I wanted to create a list of all of our active directory users along with what logon script they were assigned (I could then feed this list into excel and play around). I realised that I could get this information using dsquery, but how exactly do I build a query to get a logon script. The following command is what I used, I will then break it down for a better understanding.
dsquery user -name * | dsget user -display -loscr > C:\users_script.txt
So we’ve got our dsquery, which is really looking for AD object types of user with a name of anything, so basically ALL user objects in Active Directory (you can also optionally specify a limit using -limit). We then pass on this list to dsget which will use this information to obtain the objects’ display name (with -display) and logon script (-loscr). I am then simply piping the output to a text file.
So that is a quick and easy way of getting a list of all users in AD along with their logon script.