March 1, 2023
Occasionally there is a need to quickly query Active Directory for all user accounts or user accounts with only certain values in particular properties. This can be done by installing and loading the Microsoft Active Directory Administration module for PowerShell. This is an add-on module, named ActiveDirectory, that provides cmdlets that let you manage your Active Directory domains.
After you install the ActiveDirectory module, there is now a new PowerShell option in Administrative Tools, called Active Directory Module for Windows PowerShell:
This brings up the bland, DOS-like command prompt with the ActiveDirectory module automatically loaded. But what if you like to work in the Windows PowerShell Integrated Scripting Environment (ISE)? Start up ISE and then run the following command:
Import-module ActiveDirectory
That will load the ActiveDirectory module into your ISE session, so that you can use the desired cmdlets.
To query for user accounts, use the Get-ADUser cmdlet. For example, here is how you would query against your domain for all user accounts:
Get-ADUser -Filter * -SearchBase "DC=ad,DC=company,DC=com"
If you wanted to query for all of the user accounts with the last name "Collicott", you would run the following:
Get-ADUser -Filter {Surname -eq "Collicott"} -SearchBase "DC=ad,DC=company,DC=com"
To export the e-mail addresses for all user accounts to a CSV file, you could run the following:
Get-ADUser -Filter * -SearchBase "DC=ad,DC=company,DC=com" -Properties mail | Select mail | Export-CSV "Email Addresses.csv"
You can also find additional examples by viewing the help on the cmdlet:
Get-Help Get-ADUser -examples
.png){kind=logo}
We're here to help you tackle what's next in your digital journey.
