18 May, 2012

What Got Created In My Active Directory

NTDS.DIT is the home for all the objects in Active Directory. But do we know who all live in that home... Or which all members have been recently added in that home?

The answer is Yes.... There is a way to know which all objects are there in NTDS.SIT or which all objects were added in NTDS.DIT after a certain date

The Command

dsquery * -filter "(whenCreated>=20120420000000.0Z)" -limit 10000 >abc.txt

20120420000000 : Date after which the Objects which were created in AD will be displayed
                             : 2012 04 20 --> 20th April 2012

Lets go back further.... Lets make it 20120202 (02nd Feb 2012)

Wow... So many objects in NTDS.DIT... (Must be a big house :))