Solved

Powershell script or cmd to search All Active User accounts in AD

Posted on 2015-01-14
8
150 Views
Last Modified: 2015-03-06
I need a script or simple command to search ONLY user accounts and export it to a CSV.  I have run other scripts but they grab Service accounts, shared mailboxes, Resources, disabled accounts etc.. I just want Active Users within AD.  Any ideas?

Thanks
0
Comment
Question by:Twhite0909
  • 4
  • 3
8 Comments
 
LVL 69

Expert Comment

by:Qlemo
ID: 40549343
AD does not know which account is a resource or service account. You'll always have to query some add-on able to tell you that, e.g. for resources Exchange.
But I guess it is safe to assume enabled accounts with a given name are real users:
Import-Module ActiveDirectory
Get-ADUser -Filter "*" | ? { $_.Enabled -and $_.GivenName -ne "" }

Open in new window

0
 

Expert Comment

by:ja_foster
ID: 40549996
If your user accounts are separated from your mgmt. accounts in different OU's you can use the -searchbase switch to tell Get-ADUser where to search for your users. (Change the distinguishedName to your domain info). Then pipe it out to a csv.
Get-ADUser -Filter {Enabled -eq $True} -searchbase "OU=Users,OU=production,DC=contoso,DC=com" | Export-CSV \\server\share\enabledUsers.csv
0
 

Author Comment

by:Twhite0909
ID: 40553700
Get-ADUser -Filter {Enabled -eq $True} -searchbase "OU=Users,OU=production,DC=contoso,DC=com" | Export-CSV \\server\share\enabledUsers.csv

 that worked great.  Now theyre asking if I can add creation date, department?  Do you the syntax for those to add to this cmd?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40553773
Those are not part of the "default" property set of Get-ADUser, so we have to ask for them:
Get-ADUser -Filter {Enabled -eq $True} -searchbase "OU=Users,OU=production,DC=contoso,DC=com"  -Property Created, Department |
  Export-CSV \\server\share\enabledUsers.csv 

Open in new window

When using Get-ADUser -filter * -Property * you will get all available properties.
0
 

Author Comment

by:Twhite0909
ID: 40554074
Can I combine this with the other script to run.together?
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 40554099
The above is the complete script, as far as we know it.
0
 

Author Comment

by:Twhite0909
ID: 40554188
But won't that just give me all all users again and not go to specific OU?  that's what I need and that's what the first command I got did it went to a specific oh you called locations where I have all of my office is this week just user accounts anything else. jared mailbox or service accounts things and I don't need to if I could put this - filter properties in with the original command somehow I can pull just use your accounts as well as their
0
 

Author Comment

by:Twhite0909
ID: 40554313
Whats the full cmd to have AD search an OU and get the Users as well as creation date?
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question