Latest posts by Wolfgang Sommergut (see all)
- Migrate a WSUS database from WID to SQL Server - Mon, Jan 13 2020
- Audit changes in the Windows registry - Wed, Jan 8 2020
- Move WSUS database and content (updates) to a different drive or folder - Wed, Dec 11 2019
Say you want to find out which computers will be affected if you link a GPO to a certain OU. You could run the following dsquery command:
dsquery computer "OU=IT,DC=contoso,DC=com" -o rdn
The result would be a list of computer names. If you omit the -o switch with the rdn value, you receive a list of Distinguished Names.
If you need further properties in addition to the name, or if you want to add a filter to the query, the Get-ADcomputer cmdlet is helpful. Like its counterpart Get-ADUser (which allows you to read user objects), you have to pass either the object name or a filter as parameter. If you want to display all computers, you can use -Filter with a wildcard:
Get-ADComputer -Filter *
As usual, you can add conditional statements to the filter to restrict the output. The following example would display all Windows 8.1 PCs provided you named the computers accordingly:
Get-ADComputer -Filter "Name -like 'Win81*'"
To limit the query to a particular OU, you need the additional parameter -SearchBase:
Get-ADComputer -Filter * -SearchBase "OU=IT, DC=contoso, DC=com"
The search in a particular group follows a similar pattern:
Get-ADComputer -Filter * -SearchBase "CN=Workstations, DC=contoso, DC=com"
If you want to list not only the default computer object attributes, you have to add -Properties * to the command.