?
Solved

Retrieve Enable AD user Accounts

Posted on 2014-02-04
10
Medium Priority
?
565 Views
Last Modified: 2014-02-05
Retrieve Enable AD user Accounts

I need a script that retrieves all AD user Accounts that are enabled.
I need to display First name , Last name, login account name

Any help will be very much appreciated

Thank you
0
Comment
Question by:jskfan
10 Comments
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 1200 total points
ID: 39834301
Give this a try using powershell

get-aduser -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize

Open in new window


Thanks

Mike
0
 

Author Comment

by:jskfan
ID: 39834395
The term 'get-aduser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:11
+ get-aduser <<<<  -filter 'enabled -eq $true' | format-table givenanme, surname, samaccountname -autosize
    + CategoryInfo          : ObjectNotFound: (get-aduser:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
0
 

Author Comment

by:jskfan
ID: 39834396
I got the error above
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 57

Accepted Solution

by:
Mike Kline earned 1200 total points
ID: 39834407
Make sure you have the AD tools/RSAT installed more on that here  

http://blogs.msdn.com/b/rkramesh/archive/2012/01/17/how-to-add-active-directory-module-in-powershell-in-windows-7.aspx

then

import-module activedirectory

if you type get-host what version are you running?

Newer versions will import the module for you.  Powershell 2 wasn't that smart.

Thanks

Mike
0
 

Author Comment

by:jskfan
ID: 39834603
Active Directory Module for Windows PowerShell, is already showing as checked in program features

I am not sure where I can get KB958830 to install
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 400 total points
ID: 39835163
When you are in your powershell session run get-module. You should then see active directory listed if the module has installed correctly. If it is installed then run get-command this will give you a list of all available commands that are present in your session. You should then see get-aduser.

Will.
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39835216
run this command before executing the above mentioned command

Import-Module ActiveDirectory
0
 
LVL 2

Assisted Solution

by:allen_rich
allen_rich earned 400 total points
ID: 39835305
If you have the Active Directory modules, you can try Get-ADUser with the -LDAPFilter clause. You don't need the clauses to restrict the query to users. For example:

Get-ADUser -SearchBase "ou=West,dc=MyDomain,dc=com" -LDAPFilter "(!userAccountControl:1.2.840.113556.1.4.803:=2)"


Or, you can try dsquery * at the command prompt of a DC with the same LDAP query. For example:

dsquery * "ou=West,dc=MyDomain,dc=com" -Filter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))"

To use this field in a filter you can use LDAP_MATCHING_RULE_IN_CHAIN OID, as discribed in Microsoft article Search Filter Syntax.

Check this article about Filtering for Bit Fields for details on how this work and you could use this tool for this
0
 

Author Comment

by:jskfan
ID: 39836325
it works thank you Guys...
0
 

Author Closing Comment

by:jskfan
ID: 39836331
Thank you
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
The viewer will learn how to dynamically set the form action using jQuery.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question