Home XP Commands
XP Syntax

DSMOD.exe (Windows XP)

Modify active directory object.

Syntax
   DSMOD computer Computer_DN options
   DSMOD contact ContactDN options
   DSMOD group   GroupDN  options
   DSMOD ou      OU_DN   Organizational_unit_options
   DSMOD server  ServerDN Domain_controller_options
   DSMOD user    User_DN  User_options
   DSMOD quota   QuotaDN  Quota_options
   DSMOD partition PartitionDN Partition_options

Key
DN=Distinguished Name(s)
OU=Organisational Unit
Pretty much all the attributes can be modified (Name, display name, tel number etc)
run the command with /? for a full list
e.g
  DSMOD USER /?

Commas
Commas must be escaped with the backslash \ character
(other than separators in distinguished names)
e.g.
"CN=Company\, Inc.,CN=Users,DC=ss64,DC=com"

Backslashes
Backslashes used in distinguished names must be escaped with a backslash
(for example,
"CN=Sales\\ Latin America,OU=Distribution Lists,DC=ss64,DC=com").

Redirection
You can pipe results from DSQUERY into DSMOD in order to modify an object.
e.g. To find all users in the Marketing OU (organizational unit) and add them to the Sales group: 

DSQUERY user –startnode "ou=Marketing,dc=SS64,dc=com" | DSMOD group "cn=Sales,ou=Marketing,dc=SS64,dc=com" -addmbr

Spaces
If any value contains spaces, use quotation marks:

   "CN=John Smith,CN=Users,DC=SS64,DC=com"

Special Tokens
The token $username$ (case insensitive) may be used to place the SAM account name.
Entering * as a password will cause DSMOD to prompt for the new password.

For any DS command you can enter multiple values separated by spaces.
e.g. to modify several user accounts at once just supply a list of the distinguished names separated with spaces.

"For a list of all the ways technology has failed to improve the quality of life, press three". - Alice Kahn

Related commands:
dsadd - add object
dsget - display object
dsmove - move object
dsquery - find object
dsrm - delete object
CSVDE - Import or export AD info in CSV format.
LDIFDE - Edit AD Objects, extend schema, import or export AD information.

Equivalent Linux BASH commands:

ldapmodify - Modify Lightweight Directory Access Protocol


Back to the Top

Simon Sheppard
 SS64.com