diff --git a/modules/integrations/activedirectory/collect/cli.go b/modules/integrations/activedirectory/collect/cli.go
index 30b2690..b616a0b 100644
--- a/modules/integrations/activedirectory/collect/cli.go
+++ b/modules/integrations/activedirectory/collect/cli.go
@@ -47,9 +47,7 @@ var (
 
 	authmodeString *string
 
-	authdomain = Command.Flags().String("authdomain", "", "domain for authentication, if using ntlm auth")
-	dumpquery  = Command.Flags().String("query", "(objectClass=*)", "LDAP query for dump, defaults to everything")
-
+	authdomain      = Command.Flags().String("authdomain", "", "domain for authentication, if using ntlm auth")
 	attributesparam = Command.Flags().String("attributes", "*", "Comma seperated list of attributes to get, * = all, or a comma seperated list of attribute names (expert)")
 
 	nosacl   = Command.Flags().Bool("nosacl", true, "Request data with NO SACL flag, allows normal users to dump ntSecurityDescriptor field")
@@ -219,7 +217,6 @@ func Execute(cmd *cobra.Command, args []string) error {
 		SearchBase:    "",
 		Scope:         ldap.ScopeBaseObject,
 		ReturnObjects: true,
-		WriteToFile:   filepath.Join(datapath, *server+"RootDSE.objects.msgp.lz4"),
 	})
 	if err != nil {
 		return fmt.Errorf("problem querying Active Directory RootDSE: %w", err)
@@ -250,6 +247,16 @@ func Execute(cmd *cobra.Command, args []string) error {
 		}
 	}
 
+	log.Info().Msg("Saving RootDSE ...")
+	_, err = ad.Dump(DumpOptions{
+		SearchBase:  "",
+		Scope:       ldap.ScopeBaseObject,
+		WriteToFile: filepath.Join(datapath, domainContext+".RootDSE.objects.msgp.lz4"),
+	})
+	if err != nil {
+		return fmt.Errorf("problem saving Active Directory RootDSE: %w", err)
+	}
+
 	do := DumpOptions{
 		Attributes:    attributes,
 		Scope:         ldap.ScopeWholeSubtree,