Latest posts by Wolfgang Sommergut (see all)
- Install an SSL certificate in Windows Admin Center - Tue, Sep 17 2019
- Feature update for Windows 10 failed: find blocking components - Tue, Sep 3 2019
- Hands-on review of Microsoft Edge (Chromium) business features: GPO support, IE mode, offline installer - Mon, Jul 29 2019
Say you want to find out which computers will be affected if you link a GPO to a certain OU. You could run the following dsquery command:
dsquery computer "OU=IT,DC=contoso,DC=com" -o rdn
The result would be a list of computer names. If you omit the -o switch with the rdn value, you receive a list of Distinguished Names.
If you need further properties in addition to the name, or if you want to add a filter to the query, the Get-ADcomputer cmdlet is helpful. Like its counterpart Get-ADUser (which allows you to read user objects), you have to pass either the object name or a filter as parameter. If you want to display all computers, you can use -Filter with a wildcard:
Get-ADComputer -Filter *
As usual, you can add conditional statements to the filter to restrict the output. The following example would display all Windows 8.1 PCs provided you named the computers accordingly:
Get-ADComputer -Filter "Name -like 'Win81*'"
To limit the query to a particular OU, you need the additional parameter -SearchBase:
Get-ADComputer -Filter * -SearchBase "OU=IT, DC=contoso, DC=com"
The search in a particular group follows a similar pattern:
Get-ADComputer -Filter * -SearchBase "CN=Workstations, DC=contoso, DC=com"
If you want to list not only the default computer object attributes, you have to add -Properties * to the command.