JSI Tip 7336. How do I retrieve a user's distinguished name by using their User Principal Name (UPN)?

The glossary defines User Principal Name as:

A user account name (sometimes referred to as the user logon name) and a domain name identifying the domain in which the user account is located. This is the standard usage for logging on to a Windows domain. The format is: [email protected] (as for an e-mail address).

Using dsquery, I have scripted GetDNbyUPN.bat to return the distinguished name (DN) of a user, by using their UPN, like [email protected], or "%UserName%@%USERDNSDOMAIN%".

The syntax for using GetDNbyUPN.bat is:

call GetDNbyUPN UPN DN

where DN is a call directed environment variable that will contain the DN of the UPN. If the UPN is NOT found, DN will be set to N.

GetDNbyUPN.bat contains:

@echo off
if \{%2\}==\{\} @echo Syntax: GetDNbyUPN UPN DN&goto :EOF
set dn=N
for /f "Tokens=*" %%u in ('dsquery user -upn %1') do set dn=%%u
endlocal&set %2=%dn%
NOTE: See How do I retrieve the distinguished name of a user?

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.