Skip to main content

How to Search Active Directory for a Computer by Name in Batch Script

In a large enterprise network with thousands of machines, finding the exact location (OU) of a specific computer can be a needle-in-a-haystack task. For IT administrators, being able to search for a computer by its name via a Batch script is essential for troubleshooting Group Policy issues, verifying if a machine was correctly joined to the domain, or finding its Distinguished Name (DN) for remote management. Using the dsquery utility, you can locate any machine object instantly.

This guide explains how to search for computers using Batch.

Why Search for Computers by Name?

  • Identity Resolution: Finding the full DN (path) of a computer so you can move it to a different OU or apply a specific administrative command.
  • Join Verification: Confirming that a machine named "WS-TEST-01" was successfully added to the domain during an automated imaging process.
  • Inventory Auditing: Searching for computers that follow a specific naming convention (e.g., NYC-*) to generate a geographical equipment report.
Tool Availability

The dsquery command is part of the Remote Server Administration Tools (RSAT). It must be installed on your workstation to search your domain from the command line.

Method 1: Using DSQUERY (The Standard Way)

The dsquery computer command has a built-in -name flag that supports wildcards (*).

@echo off
setlocal

:: Check for RSAT tools
where dsquery >nul 2>&1
if %errorlevel% neq 0 (
    echo [ERROR] dsquery.exe not found. Install RSAT tools first.
    echo [HELP] Settings ^> Apps ^> Optional Features ^> Add RSAT
    pause
    exit /b 1
)

set /p "SEARCH_NAME=Enter computer name to search for: "

if "%SEARCH_NAME%"=="" (
    echo [ERROR] No name entered.
    pause
    exit /b 1
)

echo [PROCESS] Searching for computer: "%SEARCH_NAME%"...
echo.

:: This will return the full DN if found
set "FOUND="
for /f "tokens=*" %%d in ('dsquery computer -name "%SEARCH_NAME%" 2^>nul') do (
    echo   %%d
    set "FOUND=1"
)

if not defined FOUND (
    echo [INFO] No computer matching "%SEARCH_NAME%" was found.
    echo [TIP] Try a wildcard search: "%SEARCH_NAME%*"
)
pause

Method 2: Wildcard Searches for Groups of Machines

If you only know part of the name (e.g., "all computers in the HR department whose names start with HR-WS"), you can use a wildcard.

@echo off
setlocal EnableDelayedExpansion

set /p "PREFIX=Enter name prefix (e.g., HR-WS): "

if "%PREFIX%"=="" (
    echo [ERROR] No prefix entered.
    pause
    exit /b 1
)

echo [PROCESS] Finding all "%PREFIX%*" computers...
echo.

:: The * acts as a greedy matcher
set "COUNT=0"
for /f "tokens=*" %%c in ('dsquery computer -name "%PREFIX%*" 2^>nul') do (
    echo   %%c
    set /a "COUNT+=1"
)

echo.
if !COUNT! equ 0 (
    echo [INFO] No computers found matching "%PREFIX%*".
) else (
    echo [INFO] Found !COUNT! matching computer(s^).
)
pause

Creating a Computer Location & Info Tool

This professional script takes a computer name, finds its location in the domain, and displays its description and operating system info.

@echo off
setlocal EnableDelayedExpansion

echo ============================================================
echo   Active Directory Machine Search Tool
echo ============================================================

:: Check for RSAT tools
where dsquery >nul 2>&1
if %errorlevel% neq 0 (
    echo [ERROR] RSAT tools not found.
    pause
    exit /b 1
)

set /p "TARGET=Enter computer name (e.g., PC-88): "

if "!TARGET!"=="" (
    echo [ERROR] No name entered.
    pause
    exit /b 1
)

:: 1. Search for the object (support both exact and wildcard)
echo.
echo [PROCESS] Searching Active Directory for "!TARGET!"...

set "DN="
set "MATCH_COUNT=0"
for /f "tokens=*" %%a in ('dsquery computer -name "!TARGET!" 2^>nul') do (
    set "DN=%%a"
    set /a "MATCH_COUNT+=1"
)

:: 2. Handle results
if !MATCH_COUNT! equ 0 (
    echo [FAIL] No computer matching "!TARGET!" was found.
    echo.
    echo [TIP] Try a wildcard search: "!TARGET!*"
    echo       Or verify the name in the AD console.
    echo ============================================================
    pause
    exit /b 1
)

if !MATCH_COUNT! gtr 1 (
    echo [INFO] Multiple matches found (!MATCH_COUNT! computers^):
    echo.
    for /f "tokens=*" %%a in ('dsquery computer -name "!TARGET!" 2^>nul') do echo   %%a
    echo.
    echo [NOTE] Showing details for the last match only.
    echo        Use a more specific name for a single result.
)

:: 3. Display details
echo.
echo [FOUND] Distinguished Name:
echo   !DN!
echo.
echo [DETAILS]
dsget computer !DN! -desc -os -disabled 2>nul | findstr /v /i /c:"dsget succeeded"

:: 4. Show usage examples
echo.
echo [USAGE] You can now use this DN with AD commands:
echo   dsmove !DN! -newparent "OU=Target,DC=Domain,DC=com"
echo   dsmod computer !DN! -desc "New description"

echo ============================================================
pause

Common Pitfalls and How to Avoid Them

Multiple Results

If you use a wildcard and it matches 10 computers, dsquery will return 10 lines. If your script captures results using a simple set, only the last name in the list will be saved.

Solution: Always use a FOR loop to iterate through every result found by the search.

SamAccountName vs Name

Note that a computer's "Name" (what you see in AD) and its samAccountName (what the network uses, which always ends with a $) can occasionally be different if the machine was renamed improperly.

SEO and UX Tip

Advise your users that for the most accurate search results, they should always search by -name as it matches the "Common Name" (CN) displayed in the Active Directory management console.

Best Practices for Computer Identification

  1. Use Wildcards for Prefixes: If your company prefixes machines by office (e.g., LON- for London), searching for LON-* is a great way to audit regional hardware.
  2. Combine with Remote Management: Once your script finds the computer name, pass it to a remote management tool or a PsExec command to perform remote troubleshooting.
  3. Audit the Description: Many admins store the last-assigned user's name in the "Description" field. Use dsget computer <DN> -desc to find out who most likely has that machine right now.
Domain Connectivity

Searching Active Directory requires an active connection to your company's network. If your search fails intermittently, check your DNS settings and ensure the Domain Controller is reachable.

Conclusion

Searching for computers by name via Batch script is an essential task for any enterprise-grade IT professional. By leveraging the dsquery and dsget utilities to programmatically resolve names into full directory paths and metadata, you can dramatically speed up your troubleshooting and inventory workflows. This professional approach to system identification ensures that your organization's technology assets are always findable and manageable, providing a robust foundation for your remote administration and automation across the entire Windows domain.

Table of Contents