Retrieve Enable AD user Accounts

Retrieve Enable AD user Accounts

I need a script that retrieves all AD user Accounts that are enabled.
I need to display First name , Last name, login account name

Any help will be very much appreciated

Thank you
jskfanAsked:
Who is Participating?
 
Mike KlineCommented:
Make sure you have the AD tools/RSAT installed more on that here  

http://blogs.msdn.com/b/rkramesh/archive/2012/01/17/how-to-add-active-directory-module-in-powershell-in-windows-7.aspx

then

import-module activedirectory

if you type get-host what version are you running?

Newer versions will import the module for you.  Powershell 2 wasn't that smart.

Thanks

Mike
0
 
Mike KlineCommented:
Give this a try using powershell

get-aduser -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize

Open in new window


Thanks

Mike
0
 
jskfanAuthor Commented:
The term 'get-aduser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:11
+ get-aduser <<<<  -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize
    + CategoryInfo          : ObjectNotFound: (get-aduser:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
jskfanAuthor Commented:
I got the error above
0
 
jskfanAuthor Commented:
Active Directory Module for Windows PowerShell, is already showing as checked in program features

I am not sure where I can get KB958830 to install
0
 
Will SzymkowskiSenior Solution ArchitectCommented:
When you are in your powershell session run get-module. You should then see active directory listed if the module has installed correctly. If it is installed then run get-command this will give you a list of all available commands that are present in your session. You should then see get-aduser.

Will.
0
 
Pramod UbheCommented:
run this command before executing the above mentioned command

Import-Module ActiveDirectory
0
 
allen_richCommented:
If you have the Active Directory modules, you can try Get-ADUser with the -LDAPFilter clause. You don't need the clauses to restrict the query to users. For example:

Get-ADUser -SearchBase "ou=West,dc=MyDomain,dc=com" -LDAPFilter "(!userAccountControl:1.2.840.113556.1.4.803:=2)"


Or, you can try dsquery * at the command prompt of a DC with the same LDAP query. For example:

dsquery * "ou=West,dc=MyDomain,dc=com" -Filter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))"

To use this field in a filter you can use LDAP_MATCHING_RULE_IN_CHAIN OID, as discribed in Microsoft article Search Filter Syntax.

Check this article about Filtering for Bit Fields for details on how this work and you could use this tool for this
0
 
jskfanAuthor Commented:
it works thank you Guys...
0
 
jskfanAuthor Commented:
Thank you
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.