Using the excellent (and free) ADFind utility to search Windows Active Directory August 10, 2006

Posted by Matt in Active Directory.

While not scripting per se, there are many times when you just need to do a quick lookup or dump from your Windows Active Directory installation. You could write a script in VBScript, .NET, VB6, Java, PHP, or almost any other language, but save your time for something else.

ADFind, available at Joeware.net, provides a powerful command-line interface for Windows where you can run any LDAP query you can think of.

Here’s a sample…

AdFind.exe -s subtree -nodn -t 900 -csv -b "dc=corp,dc=com" -f "(&(objectCategory=person)(objectclass=contact)(mail=*))" displayname mail >contacts_displaynames.csv

Running this against your AD will provide you with a nice comma-separated dump of all your Contact objects' display names and primary e-mail addresses. As you can see, you can use ADFind to point to a particular base DN (-b) and run any LDAP query (-f), along with dumping your choice of properties. The ">contacts_displaynames.csv" piece is DOS output redirection, which writes the results to a new file.

Some more examples…

Dump Global Security Groups

AdFind.exe -s subtree -t 900 -b "dc=corp,dc=com" -nodn -csv -bit -f "(&(objectcategory=group)(grouptype:1.2.840.113556.1.4.803:=2147483650))" name samaccountname >global_security_groups.csv

Count of Global Security Groups
AdFind.exe -s subtree -t 900 -b "dc=corp,dc=com" -bit -c -f "(&(objectcategory=group)(grouptype:1.2.840.113556.1.4.803:=2147483650))"
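
The number 2147483650 in the two group filters above is a groupType bitmask (security bit plus global-scope bit) tested with the bitwise-AND matching rule 1.2.840.113556.1.4.803. The following Python sketch is an added example, not part of the original post; its function names are hypothetical, and it builds the same filter and decodes groupType values as AD returns them.

```python
# Added example: build and decode Active Directory groupType bitmask filters.
# Function and dictionary names are illustrative assumptions, not ADFind features.

BIT_AND_OID = "1.2.840.113556.1.4.803"  # LDAP_MATCHING_RULE_BIT_AND

# groupType flag bits as documented for Active Directory.
GROUP_FLAGS = {
    "builtin_local": 0x00000001,  # system-created (Builtin container) group
    "global": 0x00000002,
    "domain_local": 0x00000004,
    "universal": 0x00000008,
    "security": 0x80000000,
}


def group_filter(*flags):
    """Return an LDAP filter matching groups that have ALL the named flags set."""
    mask = 0
    for name in flags:
        mask |= GROUP_FLAGS[name]
    return f"(&(objectcategory=group)(grouptype:{BIT_AND_OID}:={mask}))"


def decode_group_type(value):
    """Decode a groupType value; AD returns it as a signed 32-bit integer."""
    unsigned = int(value) & 0xFFFFFFFF  # e.g. -2147483646 -> 0x80000002
    names = [n for n, bit in GROUP_FLAGS.items() if unsigned & bit]
    if not unsigned & GROUP_FLAGS["security"]:
        names.append("distribution")  # no security bit: distribution group
    return names


if __name__ == "__main__":
    # Reproduces the filter used in the post for global security groups.
    print(group_filter("global", "security"))
    # Constructed sample values, as they would appear in a groupType column.
    for sample in ("-2147483646", "8", "-2147483643"):
        print(sample, decode_group_type(sample))
```

Because the rule is a bitwise AND, the filter matches any group whose groupType has both bits set, which is why one number selects "global" and "security" at once.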


Find the SidHistory of an object

AdFind.exe -s subtree -nodn -t 900 -csv -b "dc=corp,dc=com" -f "(&(objectCategory=person)(samaccountname=myuserid))" objectsid SidHistory

Search by Primary E-Mail address
AdFind.exe -s subtree -nodn -t 900 -b "dc=corp,dc=com" -f "(&(objectcategory=person)(mail=my.mail@corp.com))" displayname samaccountname

Comments»

1. Redirecting Command Line Output in .NET « The Scripter’s Free Windows .NET and PHP Scripts - August 29, 2006

[…] So, dig up those old command line tools and go to town! You could even use it to fire off ADFind to do some nice Active Directory reporting. […]

2. Homer S - December 2, 2010

Just being a little picky, your sentence is not correct. The correct way to open would be per se, not per say.

http://en.wikipedia.org/wiki/Per_se

🙂

3. lovedelusions.com - July 27, 2013

Hello, after reading this awesome article I am also cheerful to share my experience here with friends.

