Latest posts by Wolfgang Sommergut (see all)
- Solution for "The requested certificate template is not supported by this CA" - Wed, Nov 20 2019
- Windows 10 1909: The most important changes for professional users - Mon, Nov 18 2019
- Virtualize user profiles with Microsoft's FSLogix Profile Container - Wed, Nov 6 2019
Say you want to find out which computers will be affected if you link a GPO to a certain OU. You could run the following dsquery command:
dsquery computer "OU=IT,DC=contoso,DC=com" -o rdn
The result would be a list of computer names. If you omit the -o switch with the rdn value, you receive a list of Distinguished Names.
If you need further properties in addition to the name, or if you want to add a filter to the query, the Get-ADcomputer cmdlet is helpful. Like its counterpart Get-ADUser (which allows you to read user objects), you have to pass either the object name or a filter as parameter. If you want to display all computers, you can use -Filter with a wildcard:
Get-ADComputer -Filter *
As usual, you can add conditional statements to the filter to restrict the output. The following example would display all Windows 8.1 PCs provided you named the computers accordingly:
Get-ADComputer -Filter "Name -like 'Win81*'"
To limit the query to a particular OU, you need the additional parameter -SearchBase:
Get-ADComputer -Filter * -SearchBase "OU=IT, DC=contoso, DC=com"
The search in a particular group follows a similar pattern:
Get-ADComputer -Filter * -SearchBase "CN=Workstations, DC=contoso, DC=com"
If you want to list not only the default computer object attributes, you have to add -Properties * to the command.