LDAP_query_without_PowerShell

Posted onAuthorStormAdminLeave a comment

Snippet Name: LDAP_query_without_PowerShell

Tags:

Created Date: 2025-06-16 13:12:47
Last Modified Date: 2025-05-31 10:32:02

Dependencies:

DBA Notes:

Sample Output: 

Title: LDAP query without PowerShell
Author: user
if i am in an environment where powershell is blocked, but i want to do an LDAP query to find what groups my login Lowell.Izaguirre belongs to, how can i do that in a command window

Author: ChatGPT
If PowerShell is unavailable, you can use the **`dsquery`** and **`dsget`** commands (if you are on a system with the Active Directory Tools installed) or use a more generic LDAP query with **`ldapsearch`** (if you have a utility like that installed).

Here???s how you can do it from a command window:

---

### Using `dsquery` and `dsget`:
These tools are part of the **RSAT (Remote Server Administration Tools)**. If they are available, you can query Active Directory.

1. Open the command prompt.
2. Run the following command to find groups for your user:

   ```cmd
   dsquery user -name "Lowell.Izaguirre" | dsget user -memberof -expand
   ```

   - **`dsquery user -name "Lowell.Izaguirre"`**: Finds the user object by name.
   - **`dsget user -memberof -expand`**: Lists the groups the user is a member of, including nested groups.

---

### Using `ldapsearch`:
If you have access to the `ldapsearch` tool (common in environments using OpenLDAP or similar utilities):

1. Run a command similar to this:

   ```cmd
   ldapsearch -h <domain_controller> -x -b "dc=yourdomain,dc=com" -LLL "(sAMAccountName=Lowell.Izaguirre)" memberOf
   ```

   Replace:
   - `<domain_controller>` with the hostname or IP of your domain controller.
   - `yourdomain,dc=com` with your domain's DN (distinguished name).

   This will return all `memberOf` attributes for the user.

---

### Using `whoami` Command:
The `whoami` command can provide your direct group memberships but won't show nested groups.

1. Run this in the command prompt:

   ```cmd
   whoami /groups
   ```

   This lists all the groups you are a direct member of (and any groups you are assigned via policies or roles).

---

### If All Else Fails:
Contact your system administrator for assistance or try running the commands on a machine where PowerShell or LDAP utilities are enabled. If you need help automating this query in a different way, let me know!

Leave a Reply