Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Retrieve Enable AD user Accounts

Posted on 2014-02-04
Last Modified: 2014-02-05
Retrieve Enable AD user Accounts

I need a script that retrieves all AD user Accounts that are enabled.
I need to display First name , Last name, login account name

Any help will be very much appreciated

Thank you
Question by:jskfan
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 300 total points
ID: 39834301
Give this a try using powershell

get-aduser -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize

Open in new window



Author Comment

ID: 39834395
The term 'get-aduser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:11
+ get-aduser <<<<  -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize
    + CategoryInfo          : ObjectNotFound: (get-aduser:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Author Comment

ID: 39834396
I got the error above
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

LVL 57

Accepted Solution

Mike Kline earned 300 total points
ID: 39834407
Make sure you have the AD tools/RSAT installed more on that here  



import-module activedirectory

if you type get-host what version are you running?

Newer versions will import the module for you.  Powershell 2 wasn't that smart.



Author Comment

ID: 39834603
Active Directory Module for Windows PowerShell, is already showing as checked in program features

I am not sure where I can get KB958830 to install
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 100 total points
ID: 39835163
When you are in your powershell session run get-module. You should then see active directory listed if the module has installed correctly. If it is installed then run get-command this will give you a list of all available commands that are present in your session. You should then see get-aduser.

LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39835216
run this command before executing the above mentioned command

Import-Module ActiveDirectory

Assisted Solution

allen_rich earned 100 total points
ID: 39835305
If you have the Active Directory modules, you can try Get-ADUser with the -LDAPFilter clause. You don't need the clauses to restrict the query to users. For example:

Get-ADUser -SearchBase "ou=West,dc=MyDomain,dc=com" -LDAPFilter "(!userAccountControl:1.2.840.113556.1.4.803:=2)"

Or, you can try dsquery * at the command prompt of a DC with the same LDAP query. For example:

dsquery * "ou=West,dc=MyDomain,dc=com" -Filter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))"

To use this field in a filter you can use LDAP_MATCHING_RULE_IN_CHAIN OID, as discribed in Microsoft article Search Filter Syntax.

Check this article about Filtering for Bit Fields for details on how this work and you could use this tool for this

Author Comment

ID: 39836325
it works thank you Guys...

Author Closing Comment

ID: 39836331
Thank you

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question