List all AD user accounts matching a string:
C:>adfind -b DC=Test,DC=com -f “(&(objectcategory=user)(name=*govardhan*))” displayname AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010 Using server: test.domain.com:389 Directory: Windows Server 2008 dn:CN=Govardhan g.,OU=TestUsers,DC=test,DC=com >displayName: Govardhan g. 1 Objects returned C:> — — List all computer (server) accounts whose operating system matching certain string: C:>adfind -b DC=Test,DC=com -f “(&(objectcategory=computer)(OperatingSystem=server*2008*r2))” operatingsystem AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010 Using server: test.domain.com:389 Directory: Windows Server 2008dn:CN=W2K81049,CN=Computers,DC=test,DC=com
>operatingSystem: Windows Server 2008 R2 Enterprise
1 Objects returned
C:> List all members of a AD group:C:>adfind -b DC=Test,DC=com -f “(&(objectcategory=group)(name=*_tech))” member | cut -d”,” -f1 | cut -f2 -d”=”AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010 Using server: test.domain.com:389 Directory: Windows Server 2008
_Tech
Govardhan
Admin
superuser
1 Objects returned
C:>
Get the count of objects in a AD group:
C:>adfind -b DC=Test,DC=com -f “(&(objectcategory=group)(name=testgrp))” member | grep -i -P “^dn|^>” | wc -l
AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010
15
C:>
Get the count of number of AD objects matching LDAP filter criteria:
C:>adfind -default -f “(&(objectcategory=computer)(OperatingSystem=*2008*))” -c
AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010
Using server: test.domain.com:389 Directory: Windows Server 2008Base DN: DC=Test,DC=com
48 Objects returned
C:>
Get the Count of all computer objects in AD.
C:>adfind -default -sc adobjcnt:computer
AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010
Using server: test.domain.com:389 Directory: Windows Server 2008Base DN: DC=Test,DC=com
1498 Objects returned
C:>
List all OU’s matching a specific string.
C:>AdFind.exe -default -f “(&(objectcategory=OrganizationalUnit)(name=*app))” description
AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010
Using server: test.domain.com:389 Directory: Windows Server 2008Base DN: DC=test,DC=com
dn:OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
1 Objects returned
C:>
List all objects under specified OU:
C:>AdFind.exe -default -rb “OU=TestApp1,OU=TestApps,OU=Test-Site” member
AdFind V01.42.00cpp Joe Richards ([email protected]) April 2010
Using server: test.domain.com:389 Directory: Windows Server 2008Base DN: OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
dn:OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
dn:OU=User-GRP1,OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
dn:OU=en-us,OU=User-GRP1,OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
dn:CN=App-user1,OU=en-us,OU=User-GRP1,OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
dn:CN=App-user2,OU=en-us,OU=User-GRP1,OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
dn:CN=App-users-G,OU=User-GRP1,OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
>member: CN=App-user1,OU=en-us,OU=User-GRP1,OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
>member: CN=App-user2,OU=en-us,OU=User-GRP1,OU=TestApp1,OU=TestApps,OU=Test-Site,DC=test,DC=com
6 Objects returned
C:>
Reference: ADFind Usage
0 thoughts on “Adfind: Querying Active Directory made easy”
Can we connect to a different AD Server using the command adfind.
yes you can. Below is a quick syntax:
adfind -h