Active Directory toolbox


This article demonstrates how to use the tools for AD testing and troubleshooting, from the perspective of AD use with Aspera products (Enterprise Server, Faspex, etc).


  • Operating System: Windows


These commands need to be executed from a Windows computer that is member of the domain and logged in as a domain user (doesn't have to be a domain administrator in normal cases).

Find a user's DN

dsquery user -name "luke"
dsquery group -name "Aspera Users"


Find a user/group SID

dsquery user -name "luke"  |  dsget user -sid
dsquery group -name "Aspera Users"  | dsget group -sid
  • Other attributes:  -email


Find groups a user is a member of

dsquery user -name "luke"  |  dsget user -memberof -expand
  • -expand (shows the "expanded" list of groups)


Find members of a group

dsquery group -name "Aspera Users" |  dsget group -members -expand
  • -expand (shows the "expanded" list of members)

Check user login

runas  /user:king\luke  cmd   


Then in the new cmd run:

 whoami /ALL 

then exit.

