Wednesday, April 16, 2008

Various DSQUERY commands

Find Hosts having a specified Service Principal Name
dsquery * domainroot -limit 0 -filter "(&(objectCategory=Computer)(servicePrincipalName=*ALIASNAME*))" -attr cn

Show inter-site transports
dsquery * "CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=test,DC=com"
dsquery * "CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=test,DC=com" -attr cost cn description replInterval -q

Show subnets with their location and site
dsquery * "CN=Subnets,CN=Sites,CN=Configuration,DC=test,DC=com" -attr cn Location SiteObject -q

List up to 500 objects starting at the forest root
dsquery * forestroot -limit 500

Find computers running a server operating system
dsquery * domainroot -limit 0 -filter "(&(objectCategory=Computer)(objectClass=Computer)(operatingSystem=*server*))" -attr cn operatingSystem

Show the members of groups matching a name pattern
dsquery * domainroot -limit 0 -filter "(&(objectCategory=Group)(objectClass=Group)(cn=group*_suffix))" -attr member

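Find disabled user accounts (bitwise test of the disabled flag, 2; an exact match on userAccountControl=514 misses disabled accounts that carry other flags, such as 66050)
dsquery * domainroot -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=2))" -attr cn userAccountControl

Find user accounts that are not disabled
dsquery * domainroot -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2))" -attr cn userAccountControl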

Find user accounts that have password set to never expire
dsquery * "OU=UserOU,DC=test,dc=com" -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(userAccountControl:1.2.840.113556.1.4.803:=65536))"

Find user with a givenName
dsquery * "OU=UserOU,DC=test,dc=com" -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(givenName=Jenny))" -attr cn GivenName

Disable accounts that have been stale for over 120 days and that have not already been disabled.
for /f "tokens=2 delims==," %i in ('dsquery user "OU=UserOU,DC=test,DC=com" -stalepwd 120') do @dsquery * "OU=UserOU,DC=test,DC=com" -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2)(cn=%i))" | dsmod user -disabled yes
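
How the bitwise matching rule 1.2.840.113556.1.4.803 in the userAccountControl filters above selects accounts, compared with an exact comparison such as userAccountControl=514. This is an added Python example, not part of the original post; the account names and values are constructed, and only four of the userAccountControl flags are modelled.

```python
# Added example (not from the original post): how dsquery's userAccountControl
# clauses select accounts. All account names and values below are constructed.
BIT_AND = "1.2.840.113556.1.4.803"  # LDAP_MATCHING_RULE_BIT_AND

UAC_FLAGS = {0x0002: "ACCOUNTDISABLE", 0x0020: "PASSWD_NOTREQD",
             0x0200: "NORMAL_ACCOUNT", 0x10000: "DONT_EXPIRE_PASSWORD"}

ACCOUNTS = {  # constructed sample data: name -> userAccountControl
    "alice": 512,         # normal, enabled
    "bob": 514,           # normal, disabled
    "kiosk": 546,         # normal, disabled, password not required
    "svc_sql": 66048,     # normal, enabled, password never expires
    "svc_backup": 66050,  # normal, disabled, password never expires
}

def decode(uac):
    """Names of the known flags set in a userAccountControl value."""
    return [name for bit, name in sorted(UAC_FLAGS.items()) if uac & bit]

def matches(clause, uac):
    """Evaluate 'userAccountControl=N' or 'userAccountControl:<OID>:=N';
    a leading '!' negates the clause, as in the filters on this page."""
    negate = clause.startswith("!")
    attr, _, value = clause.lstrip("!").partition("=")
    wanted = int(value)
    if attr.endswith(":"):                       # extensible match with a rule OID
        if attr.split(":")[1] != BIT_AND:
            raise ValueError("unsupported matching rule in " + clause)
        hit = (uac & wanted) == wanted           # every bit of the mask must be set
    else:
        hit = uac == wanted                      # plain equality on the whole integer
    return hit != negate

def select(clause):
    """Sorted names of sample accounts the clause would return."""
    return sorted(n for n, uac in ACCOUNTS.items() if matches(clause, uac))

if __name__ == "__main__":
    for clause in ("userAccountControl=514",
                   f"userAccountControl:{BIT_AND}:=2",
                   "!userAccountControl=514",
                   f"!userAccountControl:{BIT_AND}:=2",
                   f"userAccountControl:{BIT_AND}:=65536"):
        print(f"{clause:50} -> {select(clause)}")
    for name, uac in ACCOUNTS.items():
        print(f"{name:11} {uac:6} {decode(uac)}")
```

On the sample data, the negated equality test still returns the two disabled accounts that carry extra flags, which matters when the result feeds a review of active accounts.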

Find all users for an exchange server
dsquery * domainroot -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(msExchHomeServerName=*exch*))" -attr cn

Find users whose permitted logon workstations (userWorkstations) include a matching computer name.
dsquery * domainroot -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(userWorkstations=*exch*))" -attr cn

LDAP query for email alias address
dsquery * -s myexchangeserver domainroot -limit 0 -filter "(&(objectCategory=Group)(proxyAddresses=smtp*))" -attr adspath cn mail info distinguishedName

Find Service connection points
dsquery * domainroot -limit 0 -filter "(&(objectClass=serviceConnectionPoint)(keywords=RIS*))" -attr serviceDNSName

Find Service connection points excluding those in a particular site
dsquery * domainroot -limit 0 -filter "(&(objectClass=serviceConnectionPoint)(keywords=RIS*)(!keywords=Site:Site1))" -attr cn serviceDNSName

Check if a computer deletion has replicated to all DCs
for /f "tokens=2 delims==," %i in ('dsquery server') do dsquery computer -name WSName1 -s %i

Lookup done by Roaming SMS client to determine site assignment.
dsquery * domainroot -limit 0 -filter "(&(ObjectClass=mSSMSSite)(|(mSSMSRoamingBoundaries=10.0.1.0)(mSSMSRoamingBoundaries=TST)))"


Find the Terminal Services profile path for all users in the domain

for /f "tokens=2 delims=,=" %i in ('dsquery user "DC=mydomain,DC=com,DC=au"') do @tsprof /q /domain:MYDOMAIN %i && echo .


To see more useful commands, check out this URL: http://waynes-world-it.blogspot.com/2008/03/useful-commands.html

1 comment:

Anonymous said...

Hi,

Great blog btw.

I have been trying to use the "Disable accounts that have been stale for over 120 days and that have not already been disabled" command.

I have changed the target OU to where I want this to run and also set it to look for -inactive 16 rather than -stalepwd 120. I get the error:

"dsquery failed:`dsmod' is an unknown parameter.
type dsquery /? for help.dsquery failed:`dsmod' is an unknown parameter."

Here is a copy of my command:
for /f "tokens=2 delims==," %i in ('dsquery user "OU=***,OU=***,OU=***,DC=***,dc=***" -inactive 16') do @dsquery * "OU=***,OU=***,OU=***,DC=***,dc=***" -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2)(cn=%i))" dsmod user -disabled no

Can you help me out? I would be most grateful.

Thanks

Iain