5.2. Enumerating the OUs in a Domain

Problem

You want to enumerate all containers and OUs in a domain, which effectively displays the structure of the domain.

Solution

Using a graphical user interface

  1. Open the Active Directory Users and Computers snap-in.

  2. If you need to change domains, right-click on “Active Directory Users and Computers” in the left pane, select Connect to Domain, enter the domain name, and click OK.

  3. In the left pane, you can browse the directory structure.

Using a command-line interface

The following command will enumerate all OUs in the domain of the user running the command.

> dsquery ou domainroot

Using VBScript

' This code recursively displays all container and organizationalUnit
' objects under a specified base.  Using "" for the second parameter means
' that there will be no indention for the first level of objects displayed.
DisplayObjects "LDAP://<DomainDN>", ""

' DisplayObjects takes the ADsPath of the object to display 
' child objects for and the number of spaces (indention) to
' use when printing the first parameter
Function DisplayObjects( strADsPath, strSpace)
   set objObject = GetObject(strADsPath)
   Wscript.Echo strSpace & strADsPath
   objObject.Filter = Array("container","organizationalUnit")
   for each objChildObject in objObject
      DisplayObjects objChildObject.ADsPath, strSpace & " "
   next 
End Function

Discussion

Using a graphical user interface

If you want to expand all containers and OUs within an OU, you have to manually expand each one within ADUC; there is no ...

Get Active Directory Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial