You want to find the quota usage for a certain security principal.

The quota usage of a security principal can be determined a few different ways. First, you can use the dsget command. Here is an example:

> dsget user "<UserDN>" -part <PartitionDN> -qlimit -qused

This displays the effective quota limit and how much quota has been used for a particular user. You can use similar parameters with dsget computer and dsget group to find the quota usage for those types of objects.

Users can find their own quota usage by querying the msDs-QuotaUsed and msDs-QuotaEffective attributes on the cn=NTDS Quotas container for a partition. These two attributes are constructed, which means they are dynamically calculated based on the user that is accessing them (see Recipe 10.15 for more on constructed attributes). The msDs-QuotaUsed attribute returns how much of the quota has been used by the user and the msDs-QuotaEffective attribute contains the quota limit.

Alternatively, view the msDs-TopQuotaUsage attribute on a partition’s cn=NTDS Quotas container, which contains the user’s with the top quota usage. This attribute is multi-valued, with each value being XML-like text that contains the SID and how much of the quota the principal has used. See the Discussion section for an example.

If you implement quotas, you’ll certainly need to tell users what their quotas ...