Retrieve Enable AD user Accounts

Posted on 2014-02-04
Last Modified: 2014-02-05
Retrieve Enable AD user Accounts

I need a script that retrieves all AD user Accounts that are enabled.
I need to display First name , Last name, login account name

Any help will be very much appreciated

Thank you
Question by:jskfan
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 300 total points
ID: 39834301
Give this a try using powershell

get-aduser -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize

Open in new window



Author Comment

ID: 39834395
The term 'get-aduser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:11
+ get-aduser <<<<  -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize
    + CategoryInfo          : ObjectNotFound: (get-aduser:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Author Comment

ID: 39834396
I got the error above
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

LVL 57

Accepted Solution

Mike Kline earned 300 total points
ID: 39834407
Make sure you have the AD tools/RSAT installed more on that here


import-module activedirectory

if you type get-host what version are you running?

Newer versions will import the module for you.  Powershell 2 wasn't that smart.



Author Comment

ID: 39834603
Active Directory Module for Windows PowerShell, is already showing as checked in program features

I am not sure where I can get KB958830 to install
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 100 total points
ID: 39835163
When you are in your powershell session run get-module. You should then see active directory listed if the module has installed correctly. If it is installed then run get-command this will give you a list of all available commands that are present in your session. You should then see get-aduser.

LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39835216
run this command before executing the above mentioned command

Import-Module ActiveDirectory

Assisted Solution

allen_rich earned 100 total points
ID: 39835305
If you have the Active Directory modules, you can try Get-ADUser with the -LDAPFilter clause. You don't need the clauses to restrict the query to users. For example:

Get-ADUser -SearchBase "ou=West,dc=MyDomain,dc=com" -LDAPFilter "(!userAccountControl:1.2.840.113556.1.4.803:=2)"

Or, you can try dsquery * at the command prompt of a DC with the same LDAP query. For example:

dsquery * "ou=West,dc=MyDomain,dc=com" -Filter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))"

To use this field in a filter you can use LDAP_MATCHING_RULE_IN_CHAIN OID, as discribed in Microsoft article Search Filter Syntax.

Check this article about Filtering for Bit Fields for details on how this work and you could use this tool for this

Author Comment

ID: 39836325
it works thank you Guys...

Author Closing Comment

ID: 39836331
Thank you

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
In a recent question ( here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question