5.2.1 ProblemYou want to enumerate all containers and OUs in a domain, which effectively displays the structure of the domain. 5.2.2 Solution5.2.2.1 Using a graphical user interface
5.2.2.2 Using a command-line interfaceThe following command will enumerate all OUs in the domain of the user running the command. > dsquery ou domainroot 5.2.2.3 Using VBScript' This code recursively displays all container and organizationalUnit ' objects under a specified base. Using "" for the second parameter means ' that there will be no indention for the first level of objects displayed. DisplayObjects "LDAP://<DomainDN>", "" ' DisplayObjects takes the ADsPath of the object to display ' child objects for and the number of spaces (indention) to ' use when printing the first parameter Function DisplayObjects( strADsPath, strSpace) set objObject = GetObject(strADsPath) Wscript.Echo strSpace & strADsPath objObject.Filter = Array("container","organizationalUnit") for each objChildObject in objObject DisplayObjects objChildObject.ADsPath, strSpace & " " next End Function 5.2.3 Discussion5.2.3.1 Using a graphical user interfaceIf you want to expand all containers and OUs within an OU, you have to manually expand each one within ADUC; there is no "expand all" option. 5.2.3.2 Using a command-line interfaceTo enumerate both OUs and containers, you have to a use a more generic dsquery command. The following command will display all containers and OUs in the domain of the user running the command: > dsquery * domainroot -filter "(|(objectcategory=container)(objectcategory=organizationalunit))" -scope subtree -limit 0 5.2.3.3 Using VBScriptWhen iterating over the contents of an OU using a for each loop, paging will be enabled so that all child objects will be returned (instead of only 1,000 per the administrative limit). In order to display all child container objects regardless of depth, I used a recursive function called DisplayObjects. |