Thursday, March 26, 2009

One-liners with dsquery

Get all the members of a group:
dsquery group -name group_name dsget group -members

See all the users with their associated logon script:
dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User))" -limit 0 -attr sAMAccountName sn distinguishedName scriptPath

See the groups from Active Directory that does not have any members:
dsquery * -filter "&(objectCategory=group)(!member=*)" -limit 0 -attr groupType sAMAccountName distinguishedName

See when a group was created, and membership:
dsquery * -filter "&(objectCategory=group)" -limit 0 -attr whenCreated samaccountname memberof

Check the expiration date of all users accounts in an OU:
dsquery user "OU=XXX,DC=test,DC=com" dsget user -dn -acctexpires

P.S. I see that for an unknown reason, the pipe command does not appear in my post. So, i must mention that before every dsget command in the upper scripts there is a pipe sign.

Tuesday, March 24, 2009

How to see the installed updates/fixes on a computer

Before writing this post i was aware of a single method:
systeminfo find "KB"
To do it on a remote computer, i used the combination of psexec and the upper command or
systeminfo /s %computername% find "KB"
But the output of the command is not so easily readable. Recently, i found this great article which revealed me a second method, exporting the results in html format:
So, here is the command:
wmic qfe list full /format:htable > C:\hotfixes.html
To do it on a remote computer:
wmic /node:”computername” qfe list full /format:htable > C:\hotfixes.html

How to recover from the failure of a subdomain single domain controller

Supposing that your unique domain controller from a subdomain had a hardware failure, those are the 2 steps you need to follow to recover:
1) Remove orphaned domain from Active Directory:
2) Restore the server through reinstallation of the operating system and subsequent restore of Active Directory from backup:

Monday, March 16, 2009

Get mac and installed drivers

Here is a command line that will show you the mac address of the network card of a remote computer:
getmac /S
And the following will list all the drivers on your system:
Or on a remote system:
driverquery /S