NIST's guidance for a Zero Trust Architecture

Active Directory Objects

How to locate Active Directory Objects

What you’ll learn: 

Active Directory administrators have had to come up with unique ways of finding objects in Active Directory. In a small environment, locating the required object can be quite straightforward. However, in large environments, there are tools and techniques to help with the search. Manually digging through thousands of users, groups, and computers to find the required objects can be quite time-consuming. In this article, we’ll look into how AD objects can be located in detail.

Locating Active Directory Objects 

Objects in AD can be traced using two methods.

1. The DSquery command-line tool

2. The Find dialogue box in Active Directory Users & Computers console

Let us look in detail at these two methods of locating Active Directory Objects.

How to locate an AD object

The DSquery Command Line Tool 

DSquery is a directory service search command-line tool. It can be used with the appropriate parameters to search objects in Active Directory. The following is a list of various parameters that can be used with Dsquery and their purpose.

  • DSquery user – To find a user
  • DSquery contact –To find a contact
  • DSquery group – To find a group
  • DSquery computer – To find a computer
  • DSquery OU – To find an OU
  • DSquery site – To find a site
  • DSquery subnet – To find a subnet
  • DSquery server – To find a server
  • DSquery partition – To find partition objects
  • DSquery quota – To find quota specifications

DSquery – To find any object using a generic LDAP query.

DSQuery to locate OU in Active Directory
Dsquery to locate OUs.

The figure above shows the resultant set for a Dsquery to locate OUs.

 The Find box in Active Directory Users & Computers  

Alternatively, you can also use the Find dialogue box from Active Directory Users and Computers (ADUC). Listed below are the steps you can follow to use the Find dialogue box.

  • Start ->Administrative Tools ->Active Directory Users and Computers.
  • In the ADUC console tree, right-click the container object in which the search should be made.
  • Click on Find from the shortcut menu.
  • The Find dialog box appears within which you should choose the object type to be searched and the container on which the search should be carried out.
The Find Wizard to locate Active Directory Objects
The Find Wizard to locate Active Directory Objects
  • Additionally, you can use the Advanced tab to streamline the search.
  • Clicking on the Advanced tab will pop a dialogue box as shown below.
Advanced Search tab to locate Active Directory Objects
Advanced Search tab to locate Active Directory Objects
  • Choose the attribute to search in the field list box.
  • Use the Conditions drop down list box to refine your search.
  • Value for the conditional search can be given in the Value box
  • Use the Add button to add more conditions to the search.
  • Finally, click on Find. The search results will be displayed from which you can identify the object.

People also read

Creating objects in Active Directory

AD object classification

Ownership of objects in Active Directory

Related posts
Active Directory Objects

Active Directory User properties – General tab

Active Directory Objects

AD computer object security tab

Active Directory Objects

Active Directory Computer Objects Tabs

Active Directory Objects

Active Directory Computer Object Management

Leave a Reply

Your email address will not be published. Required fields are marked *