Windows OS Hub
  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux

 Windows OS Hub / Active Directory / Searching AD Groups, Users, and Computers using Wildcards

March 15, 2024

Searching AD Groups, Users, and Computers using Wildcards

The task of searching for objects in Active Directory (users, groups, or computers) by name using some pattern, regular expression, or wildcard is not as obvious as it seems. The matter is that by default the standard ADUC (Active Directory  Users and Computers) snap-in doesn’t allow to use of wildcards in the beginning or the middle of a search phrase.

For example, you want to search in Active Directory for all groups that contain the keyword “SQL” in their name. If you open the AD search console (Find User, Contacts, and Groups) in ADUC and perform a basic search for the SQL keyword, you will most likely not be happy with the results. ADUC will display only groups and users with the specified keyword at the beginning of their name. The rest of the objects with the keyword sql will not be found. Searching on the *sql* pattern will also give no results (wildcards just don’t work).

search active directory from ADUC console

You can quickly open the Active Directory search form using the command:

%SystemRoot%\SYSTEM32\rundll32.exe dsquery,OpenQueryWindow

Contents:
  • How to Find Active Directory Users or Groups with ADUC
  • Searching Computers in Active Directory
  • How to Find Active Directory Groups, Users, or Computers Using PowerShell

How to Find Active Directory Users or Groups with ADUC

You can find the objects you need in the graphical ADUC console (dsa.msc) using simple LDAP queries.

  1. To do it, open the Find menu, and select Custom Search in the dropdown list;
  2. Go to the Advanced tab;
  3. Type name=*sql* in the Enter LDAP query field.
Note. This LDAP query defines that you want to find all AD objects that contain sql keyword in their name. To do this, use the wildcard character * on both sides.

If you only want to search for AD group objects, use the following LDAP query.

(&(objectcategory=group)(name=*sql*))

search Active Directory object using wildcard LDAP filter

As you can see, all types of AD objects (groups, computers, users, gMSA service accounts) were found using this LDAP query.

You can use advanced filters in the AD Search console. To do this, enable the Filter option in the View menu and use advanced filters to refine your search.

advanced filtering in active directory search results

If you are using the Active Directory Administrative Center (dsac.exe) console for searching AD objects, you can also use LDAP queries for searches. Select Global Search and switch to Convert to LDAP mode. Enter your query in the LDAP query field.

global search in Active Directory Administrative Center

Tip. In some cases, it is convenient to use saved LDAP queries in the Active Directory console to find objects.

Searching Computers in Active Directory

To search for computers and servers in Active Directory by an exact match, select Computers in the Find field and specify the name of the computer to search for.

active directory computer searching

If you need to find computers in AD using a wildcard, you need to use such an LDAP query in the Custom Search -> Advanced section of ADUC.

(&(objectcategory=computer)(name=*sql*))

How to Find Active Directory Groups, Users, or Computers Using PowerShell

You can also use the ActiveDirectory PowerShell module to find objects in AD. You can use the appropriate cmdlet to search Active Directory for a specific type of object.

  • Get-ADGroup – group search
  • Get-ADUser – user search
  • Get-ADComputer – searching for computers

First, you need to import the PowerShell module:

Import-Module ActiveDirectory

To search for groups in AD using a wildcard, you can use the following PowerShell command:

Get-ADGroup -Filter {name -like "*sql*"} -Properties Description,info | Select Name,samaccountname,Description,info | Sort Name

powershell search ad groups wildcard

Similarly, you can search by computer name or username:

Get-ADUser -Filter {name -like "*sql*"}
Get-ADComputer -Filter {name -like "*sql*"}

If you want to perform a global search across all types of AD objects, use the Get-ADObject cmdlet:

Get-ADObject -Filter {name -like "*sql*"} –Properties * | select sAMAccountName, ObjectClass, userPrincipalName, DisplayName, Description | FT

As you can see, the command returned all object classes in AD: computer, user, group, msDS-GroupManagedServiceAccount.

Get-ADObject search in active directory objects

You can use the LDAP filter directly in the Get-ADObject command (I also added a search scope using the SearchBase option):

Get-ADObject -LdapFilter "(&(objectCategory=person)(objectClass=user)(cn=*sql*))" -SearchBase "OU=DE,DC=woshub,DC=com"

You can use the dedicated Search-ADAccount cmdlet to find disabled, inactive users or computers.

If you need to find all AD Group Managed Service Accounts (MSA and gMSA), use the command:

Get-ADServiceAccount -Filter {name -like "*sql*"}

I hope these easy ways will make it easier for you to find objects in Active Directory.

0 comment
7
Facebook Twitter Google + Pinterest
Active DirectoryPowerShell
previous post
Run a Script (Program) When a Specific Program Opens/Closes in Windows
next post
Checking Hard Drive Health (SMART) in Windows

Related Reading

How to Refresh (Update) Group Policy Settings on...

August 13, 2024

Configuring Windows Firewall Rules Using Group Policy

March 15, 2024

Repairing the Domain Trust Relationship Between Workstation and...

May 16, 2024

Updating Group Policy Administrative Templates (ADMX)

January 24, 2025

Checking Active Directory Domain Controller Health and Replication

May 15, 2025

Troubleshooting: Group Policy (GPO) Not Being Applied to...

March 15, 2024

Configuring Password Policy in Active Directory Domain

March 12, 2024

Display System Info on Desktop with BGInfo

February 6, 2025

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025
  • Configure NTP Time Source for Active Directory Domain

    May 6, 2025
  • Cannot Install Network Adapter Drivers on Windows Server

    April 29, 2025
  • Change BIOS from Legacy to UEFI without Reinstalling Windows

    April 21, 2025
  • How to Prefer IPv4 over IPv6 in Windows Networks

    April 9, 2025
  • Load Drivers from WinPE or Recovery CMD

    March 26, 2025
  • How to Block Common (Weak) Passwords in Active Directory

    March 25, 2025
  • Fix: The referenced assembly could not be found error (0x80073701) on Windows

    March 17, 2025
  • Exclude a Specific User or Computer from Group Policy

    March 12, 2025
  • AD Domain Join: Computer Account Re-use Blocked

    March 11, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • Configure Google Chrome Settings with Group Policy
  • Get-ADUser: Find Active Directory User Info with PowerShell
  • How to Find the Source of Account Lockouts in Active Directory
  • How to Disable or Enable USB Drives in Windows using Group Policy
  • Get-ADComputer: Find Computer Properties in Active Directory with PowerShell
  • Configuring Proxy Settings on Windows Using Group Policy Preferences
  • Adding Domain Users to the Local Administrators Group in Windows
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top