Problem solve Get help with specific problems with your technologies, process and projects.

In search of...Windows XP

The trick to searching the Active Directory through Windows XP is exploiting a Dynamic Link Library (DLL) file, as this tip explains.

Please let us know how useful you find this tip by rating it below. Do you have a useful Windows tip, timesaver or workaround to share? Submit it to our tip contest and you could win a prize!

I've always thought that it was a little weird that Windows 2000 Professional is designed to be able to search the Active Directory, but that Active Directory search functionality was removed from Windows XP.

Although an Active Directory Search function is not readily available through the Windows XP GUI, it does exist.

The trick to searching the Active Directory through Windows XP is exploiting a Dynamic Link Library (DLL) file, which avoids repetitive code.

For example, almost every program contains an Open command on the File menu. If you don't know the name of the file that you are looking for, you have the option of clicking a Browse button to search for the file on your hard drive or on a network drive.

Although I am not much of a programmer, I would be shocked if this browse functionality were not based on a DLL file or something similar. Otherwise, any time some one wrote a Windows application containing a file open function, he or she would have to code the browse function as well. If that were the case, you would see the browse function left out of a lot of low-end programs. You would also see the browse function implemented slightly differently for each application. As it is, though, the browse function is implemented uniformly across any application that chooses to include it because the applications are using shared code.

What does this have to do with being able to search the Active Directory? Applications query the Active Directory all the time. The ability to query the Active Directory is built into the Windows XP operating system in the form of DLL files. The trick is exploiting the DLL files to allow a user to perform an Active Directory query.

You can accomplish this by using another operating system component named RUNDLL32.EXE. Remember that although a DLL file does contain a module of code, a DLL file is not executable by itself. The RUNDLL32.EXE program is a helper application that allows you to execute a DLL.

To be a bit more precise, you don't execute a DLL file. Instead, you execute functions within a DLL file. Most DLL files contain multiple functions, so it is important to specify which function or functions that you want to execute.

Now that you know how DLLs work, let's take a look at the syntax for the command that you will use to initiate an Active Directory query. The command, which is case sensitive, is:

rundll32 dsquery,OpenQueryWindow

DSQUERY is the name of the DLL file, and OpenQueryWindow is the name of the function that you are calling. As the function name implies, executing this command will open a Window that you can use to look up various objects within the Active Directory.

Although this command is usually executed from the Run prompt, you can add the command to a batch file. You can then create a desktop shortcut for the batch file, which will let you query the Active Directory with a click of the mouse.

Editor's Note: If you would like to receive similar tips on how to manage Windows as well as other expert advice, be sure to subscribe to The Administrator Tip newsletter. Sign up now!

Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at

Dig Deeper on Windows legacy operating systems

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.