ActiveDirectory.Domains

Accessing Data

Returns a table of Active Directory domains accessible from the current machine or from a specified domain controller.

Examples on this page use shared sample tables. View them to understand the input data before reading the examples below.

Syntax

ActiveDirectory.Domains(optional domainController as nullable text) as table

Parameters

NameTypeRequiredDescription
domainControllertextNoThe hostname or IP address of a domain controller to query. If omitted, the function queries the domain controller for the current machine's domain.

Return Value

tableA navigation table where each row represents an Active Directory domain, with columns for DNS Name, NetBIOS Name, DomainMode, and Data.

Remarks

ActiveDirectory.Domains connects to Active Directory via LDAP and returns a navigation table listing every domain in the forest accessible from the current machine or specified domain controller. Drilling into a domain's Data column exposes a second navigation table of object categories — Users, Groups, Computers, OrganizationalUnits, and others — each of which can be expanded into a flat table of LDAP attributes.

Navigation table structure: The top-level result contains one row per domain with the following columns: - DNS Name (text) — the fully qualified domain name (e.g., contoso.com). - NetBIOS Name (text) — the short, legacy domain name (e.g., CONTOSO). - DomainMode (text) — the functional level of the domain (e.g., Windows2016Domain). - Data (table) — a nested navigation table of AD object categories within that domain.

Authentication: Uses the Windows credentials of the currently signed-in user, or the service account running the on-premises data gateway. No explicit credential configuration is required in the Power Query credentials dialog — access is determined entirely by the user's AD permissions.

Availability and gateway requirements: ActiveDirectory.Domains requires network connectivity to a domain controller. It is not available in Power BI Service without an on-premises data gateway configured to run under a domain-joined service account. It is also not available in Excel Online, Fabric Notebooks, or dataflows. For scheduled refresh in Power BI Service, install an on-premises gateway on a machine that is joined to (or has LDAP access to) the Active Directory forest.

Query folding: Not supported. All LDAP data is retrieved first; filtering and column selection take place in Power Query after the data is fetched. For large AD environments with many objects, apply Table.SelectRows and Table.SelectColumns early to reduce memory usage.

Common patterns: The typical workflow is ActiveDirectory.Domains() → drill into a domain's Data → drill into an object category (e.g., Users) → select relevant LDAP attribute columns. Useful for auditing user accounts, reconciling HR records with AD attributes (mail, department, manager, userPrincipalName), or inventorying computers and group memberships.

Examples

Example 1: List all accessible Active Directory domains

```powerquery

ActiveDirectory.Domains()

Example 2: Query a specific domain controller by hostname

```powerquery

ActiveDirectory.Domains("dc01.contoso.com")

Example 3: Navigate to user accounts in a named domain

```powerquery

let
    Domains = ActiveDirectory.Domains(),
    ContosoDomain = Domains{[#"DNS Name"="contoso.com"]}[Data],
    Users = ContosoDomain{[Name="Users"]}[Data]
in
    Users

Example 4: Extract user display names, email, and department

```powerquery

let
    Domains = ActiveDirectory.Domains(),
    Domain = Domains{0}[Data],
    Users = Domain{[Name="Users"]}[Data],
    Selected = Table.SelectColumns(
        Users,
        {"displayName", "userPrincipalName", "mail", "department", "manager", "enabled"}
    )
in
    Selected

Compatibility

Power BI Desktop Power BI Service Excel Desktop Excel Online Dataflows Fabric Notebooks