In an earlier tip, I introduced DSQUERY, an Active Directory command-line tool.

In Tip 7714, What attribute names can I use with the user filtered dsquery command, I introduced the DSQUERY * form of the query, which has the following syntax:

Syntax:     dsquery * \[\{<startnode> | forestroot | domainroot\}\]
            \[-scope \{subtree | onelevel | base\}\] \[-filter <ldapfilter>\]
            \[-attr \{<attrlist> | *\}\] \[-attrsonly\] \[-l\]
            \[\{-s <server> | -d <domain>\}\] \[-u <username>\]
            \[-p \{<password> | *\}\] \[-q\] \[-r\] \[-gc\]
            \[\{-uc | -uco | -uci\}\]</password></username></domain></server></attrlist></ldapfilter></startnode>
The following table shows the DSQUERY * equivalent for the standard DSQUERY Types:

DSQUERY Type          Equivalent
Computer dsquery * domainroot -filter "(&(objectCategory=Computer)(objectClass=Computer)(<Optional Filter>))" -attr <AttrList> -Limit 0
Contact dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=contact)(<Optional Filter>))" -attr <AttrList> -Limit 0
Subnet dsquery * forestroot -filter "(&(objectClass=subnet)(<Optional Filter>))" -attr <AttrList> -Limit 0
Group dsquery * domainroot -filter "(&(objectCategory=Group)(objectClass=group)(<Optional Filter>))" -attr <AttrList> -Limit 0
OU dsquery * domainroot -filter "(&(objectCategory=Organizational-Unit)(objectClass=organizationalUnit)(<Optional Filter>))" -attr <AttrList> -Limit 0
Site dsquery * forestroot -filter "(&(objectClass=site)(<Optional Filter>))" -attr <AttrList> -Limit 0
Server dsquery * forestroot -filter "(&(objectClass=server)(<Optional Filter>))" -attr <AttrList> -Limit 0
User dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(<Optional Filter>))" -attr <AttrList> -Limit 0
quota dsquery * domainroot -filter "(&(objectClass=quota)(<Optional Filter>))" -attr <AttrList> -Limit 0
partition dsquery * forestroot -filter "(&(objectClass=dMD)(<Optional Filter>))" -attr <AttrList> -Limit 0

The names in <AttrList> and <Optional Filter> that you can use vary by DSQUERY Type.

I have scripted DSQuery_Attributes.bat, to display the unique attributes that YOU have maintained in the Active Directory for a specified DSQUERY Type, and the  ObjectClass data values for that DSQUERY Type.

NOTE: Prior to running DSQuery_Attributes.bat, you might want to use the appropriate MMC Snap-in to create a dummy object, and use the GUI to set data into every possible field.

The syntax for using DSQuery_Attributes.bat is:

DSQuery_Attributes \[computer|contact|subnet|group|ou|site|server|user|quota|partition\] \[computer|contact|subnet|group|ou|site|server|user|quota|partition\]

Example

To generate a DSQuery_computer.txt file, a DSQuery_server.txt file,  and a DSQuery_ou.txt file in the current directory, run:

DSQuery_Attributes computer server ou

Using the information from the DSQuery_computer.txt file, you could create a filtered query  that returns only those computers that have a description, showing their distinguishedName, dNSHostName, description, and whenCreated:

<font size="-1"><b>dsquery * domainroot -filter "(&(objectClass=Computer)(description=*))" -attr distinguishedname dNSHostName description whenCreated -limit 0</b></font> Using information from a DSQuery_group.txt file, you could create an unfiltered query to show all groups, using their sAMAccountName and description:

<font size="-1"><b>dsquery * domainroot -filter "(&(objectClass=group))" -attr sAMAccountName description -limit 0</b></font> DSQuery_Attributes.bat contains:
@echo off
<font size="-1">If \{%1\}<h1><a name="_echo_Syntax_DSQuery_Attributes_computer_contact_subnet_group_ou_site_server_user_quota_partition_amp_exit_b_0_font_setlocal_loop_if_1_">\{\} @echo Syntax: DSQuery_Attributes \[computer^|contact^|subnet^|group^|ou^|site^|server^|user^|quota^|partition\]&exit /b 0</a></h1></font>
setlocal
:loop
if \{%1\}\{\} goto finish
set param=%1
shift
if exist DSQuery_%param%.txt del /q DSQuery_%param%.txt
if exist "%TEMP%\dsquery_%param%.tm1" del /q "%TEMP%\dsquery_%param%.tm1"
<font size="-1">for /f "Tokens=*" %%a in ('dsquery %param%') do (
 for /f "Tokens=1* Delims=:" %%b in ('dsquery * forestroot -filter "(&(distinguishedName="%%a"))" -attr * -limit 0') do (
  call :Object %%b "%%c"
 )
)</font>
if not exist "%TEMP%\dsquery_%param%.tm1" @echo NONE>"%TEMP%\dsquery_%param%.tm1"
sort "%TEMP%\dsquery_%param%.tm1" /o "%TEMP%\dsquery_%param%.tm2"
for /f "Tokens=*" %%d in ('type "%TEMP%\dsquery_%param%.tm2"') do (
 call :dups %%d
)
if exist "%TEMP%\dsquery_%param%.tm1" del /q "%TEMP%\dsquery_%param%.tm1"
if exist "%TEMP%\dsquery_%param%.tm2" del /q "%TEMP%\dsquery_%param%.tm2"
goto loop
:finish
endlocal
exit /b 0
:dups
if "%prev%" EQU "%1" goto :EOF
@echo %1>>DSQuery_%param%.txt
set prev=%1
goto :EOF
:Object
if /i "%1" EQU "ObjectClass" goto Objects
@echo %1>>"%TEMP%\dsquery_%param%.tm1"
goto :EOF
:Objects
set objectdata=%2
set objectdata=%objectdata:" =%
set objectdata=%objectdata:"=%
if /i "%objectdata%" EQU "top" goto :EOF
@echo %1:%objectdata%>>"%TEMP%\dsquery_%param%.tm1"