'); } ?>

Active Directory Command-Line Tools-netdom,dsquery,gpupdate and more

windows server active directory tools

In this post I will be showing some of the more commonly used tools via command line administration of active directory domain services. Many of the operations that can be performed with these command line tools can NOT be performed in a graphical environment, so their use is of great importance to the administration of the Windows server Active Directory (AD ) domain services.

1 – Quickly list all the groups in domain, along with members of the groups,  run this command:

dsquery group -limit 0 | gsget -members -expand

2 – Find all users that have set their account with a non-expiring password, run this command:

dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0

3 – Check Active Directory replication on a domain controller, with this command line:

repadmin /replsummary

4 – Force replication from a domain controller without Active Directory Sites and Services console, run this command:

repadmin /syncall

5 – List all FSMO ( Flexible Single Master Operations ) role holders in the forest, run this command:

netdom query fsmo

Tip: for more netdom command line tools look at this image:

netdom command line tool

6 – Refresh group policy settings, with this command:

gpupdate ( gpupdate /force  -  force updating group policy )

7 – See the account that you are logged on as, with this command:


8 – See what server authenticated you ( or you can see if you are logged on with cached credentials ), you can run one of the following commands:

set l

echo %logonserver%

9 – See what security groups you belomg to, with this command:

whoami /groups

10 – See the domain account policy ( password requirements, lockout duration, lockout thresholds, etc ) with this command:

net accounts

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>