Windows PowerShell Get-AdUser -Filter
The secret of getting the Get-AdUser cmdlet working is to master the -Filter parameter. Classic jobs are finding out details about one user, or retreiving the bare facts of lots of users.
If you are new to PowerShell’s AdUser cmdlets you may like to save frustration and check the basics of Get-AdUser.
Topics PowerShell Get-AdUser -Filter
- Preparation: Checklist for Get-AdUser
- Example 1: Get-AdUser -Filter
- Example 2: Get-AdUser -Filter {Complex and with brackets}
- Example 3: Get-AdUser -LDAPfilter
- Research Get-AdUser With Get-Help -full
Preparation: Checklist for Get-AdUser
a) Logon: At a Domain Controller
b) Find: Active Directory Module for Windows PowerShell
c) Launch: The PowerShell executable
d) Run: Import-Module activedirectory
Note 1: Optionally, you can install the ISE version, and Set-ExecutionPolicy -remotelySigned. It is also possible, but fiddly to install the Active Directory Module on a member server.
# PowerShell Check for Active Directory Services
Get-Service ad*
Get-Module
Example 1: Get-AdUser -Filter
Technically, this Ad family of cmlets use syntax from PowerShell’s expression language. My explaination is you need an LDAP property for example, Name, a comparator such as -Like, and finally a value.
# PowerShell AdUser example to find test users
Get-AdUser -Filter 'name -Like "Test*" '
These three components (LDAP property, comparator and value) make for complex syntax, and this is why we need particular brackets and speech marks. Indeed, if you focus on the job of the syntactic elements then you will soon master Get-AdUser -Filter.
Note 2: Get-AdUser can take alternative parameters to -Filter, for example, -identity, -searchbase or -LDAPFilter.
Note 3: As a conservative estimate there are 10 possible LDAP values, 6 comparators, and say, 10 values, that makes 600 different uses of Get-AdUser -Filter.
Guy Recommends: SolarWinds Admin Bundle for Active Directory (FREE TOOL)
Import users from a spreadsheet. Just provide a list of the users with their fields in the top row, and save as .csv file. Then launch this FREE utility and match your fields with AD’s attributes, click and import the users.
Optionally, you can provide the name of the OU where the new accounts will be born. Download your FREE bulk import tool.
If you need more comprehensive application analysis software, Download a free trial of SAM (Server & Application Monitor)
Example 2: Get-AdUser -Filter {Complex and with brackets}
I suggest that you compare and contrast examples 1 and 2. Firstly, see how the ‘single’ speech marks are replaced with {curly} brackets. My point is you can use either, but you must have one. Secondly, observe how you can combine two conditions to build complex queries. (Name starts with Ben, and Surname is Thomas)
# PowerShell AdUser -Filter example to find Ben* Thomas
Get-ADUser -Filter {(Name -Like "Ben*") -And (Surname -eq "Thomas")}
Example 3: Get-AdUser -LDAPfilter
Here is an example to list all the users in an organizational unit called ‘Raglan’. This script uses the -LDAPfilter parameter.
# Get-AdUser cmdlet
Clear-host
Get-ADUser -LDAPfilter '(name=*)' `
-searchBase {OU=Raglan,DC=burrium,DC=usk} | Ft Name, Surname -a
Note 4: Observe how LDAPfilter uses the form ‘Name=*’ and not ‘Name -eq*.
Note 5: It’s -searchBase that filters the Active Directory container, in this case an OU object called ‘Raglan’.
Note 6: Ft (Format-Table) just controls the output, you could add other properties such as EmailAddress.
Guy Recommends: Network Performance Monitor (FREE TRIAL)
SolarWinds Network Performance Monitor (NPM) will help you discover what’s happening on your network. This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.
What I like best is the way NPM suggests solutions to network problems. Its also has the ability to monitor the health of individual VMware virtual machines. If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM on a 30-day free trial.
Research Get-AdUser With Get-Help -full
This is how I discovered about the -LDAPfilter and other parameters.
Clear-Host
Get-Help Get-ADUser -full
Similar Active Directory Cmdlets
Once you have mastered Get-AdUser, you may wish to know more about Set-AdUser or Get-AdComputer. To obtain a comprehensive list of the AD cmdlets try this command:
Clear-Host
Get-Command -Noun ad*
Amongst the results you should see:
- Add-AdGroupmember
- Enable-AdAccount
- Get-AdComputer
- Move-AdComputer
- New-AdUser
- Set-AdUser
- Remove-AdGroup
- UnLock-AdAccount
Note 7: Naturally, you will also see these verbs and nouns in other combinations.
Guy Recommends: SolarWinds Engineer’s Toolset (FREE TRIAL)
This Engineer’s Toolset provides a comprehensive console of 50 utilities for troubleshooting computer problems. Guy says it helps me monitor what’s occurring on the network, and each tool teaches me more about how the underlying system operates.
There are so many good gadgets; it’s like having free rein of a sweetshop. Thankfully the utilities are displayed logically: monitoring, network discovery, diagnostic, and Cisco tools. Try the SolarWinds Engineer’s Toolset on a 14-day free trial now!
Troubleshooting PowerShell’s Get-AdUser
Firstly make sure that you are using Active Directory Module for Windows PowerShell. Check with Get-Module.
Secondly, to research Get-AdUser call for Get-Help, and then examine syntax and study the examples.
# PowerShell Active Directory Syntax
Clear-Host
Get-Help Get-AdUser -full
Summary of PowerShell Get-AdUser
On its own Get-AdUser is impotent; it needs the -Filter parameter. The more you learn about this query language, the more precise your results from this and similar Active Directory cmdlets.
If you like this page then please share it with your friends
See more PowerShell Active Directory Cmdlets
• PowerShell Home • Get-AdUser -filter • Get-AdUser • New-AdUser • Get-AdComputer
• Export-CSV • Import CSV • PowerShell Active Directory • New-AdComputer
• PowerShell Codeplex • PowerShell Ad Cmdlets • Free Import User CSVDE Tool
Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.
