There are normally many ways to accopmlished task. This tip presents 3 scripts to convert a user name (sAMAccountName) to a distinguished name (distinguishedName).
The three methods used are:
DSQuery
DSQuery is an Active Directory command-line tool.
NOTE: See tip 7714 » What attribute names can I use with the user filtered dsquery command?
NOTE: See tip 7992 » How do I know what attribute names to use when performing a 'DSQUERY *'?
I have scripted SAMID2DN.bat to convert a user's sAMAccountName to their distinguishedName.
The syntax for using SAMID2DN.bat is:
call SAMID2DN UserName
Where UserName is the NetBIOS user name, like Jerry. Wild cards are supported, so using J* will return the distinguished name of all users whose UserName starts with J. The output is displayed on the console, but can be redirected to a file, or processed in a FOR command.
SAMID2DN.bat contains:
@echo off if \{%1\}Back to the top\{\} @echo Syntax: SAMID2DN Samid &goto :EOF setlocal ENABLEDELAYEDEXPANSION set user=%1 set user=%user:"=% set qry=dsquery * domainroot -filter "(&(objectCategory=Person)(objectClass=User)(sAMAccountName=%user%))" -attr distinguishedName -L -limit 0 set dn=NONE for /f "Tokens=*" %%u in ('%qry%') do ( set dn=%%u @echo "!dn!" ) endlocal
ADFind
ADFind.exe freeware, I have scripted SAMID2DNadf.bat to convert a user's sAMAccountName to their distinguishedName.The syntax for using SAMID2DNadf.bat is:
call SAMID2DNadf UserName
Where UserName is the NetBIOS user name, like Jerry. Wild cards are supported, so using J* will return the distinguished name of all users whose UserName starts with J. The output is displayed on the console, but can be redirected to a file, or processed in a FOR command.
SAMID2DNadf.bat contains:
@echo off if \{%1\}\{\} @echo Syntax: SAMID2DNadf Samid &goto :EOF setlocal ENABLEDELAYEDEXPANSION set user=%1 set user=%user:"=% set qry=adfind -default -f "&(objectcategory=person)(samaccountname=%user%)" -ps 1000 -nodn -noctl set dn=NONE for /f "Tokens=*" %%u in ('%qry%^|findstr /b /l /c:">distinguishedName: "') do ( set dn=%%u set dn=!dn:^>distinguishedName: =! @echo "!dn!" ) endlocalBack to the top
NameTranslate
Richard Mueller describes NameTranslate, the IADsNameTranslate interface, which can be used to convert the names of Active Directory objects from one format to another: