?
Solved

Powershell script or cmd to search All Active User accounts in AD

Posted on 2015-01-14
8
Medium Priority
?
157 Views
Last Modified: 2015-03-06
I need a script or simple command to search ONLY user accounts and export it to a CSV.  I have run other scripts but they grab Service accounts, shared mailboxes, Resources, disabled accounts etc.. I just want Active Users within AD.  Any ideas?

Thanks
0
Comment
Question by:Twhite0909
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 70

Expert Comment

by:Qlemo
ID: 40549343
AD does not know which account is a resource or service account. You'll always have to query some add-on able to tell you that, e.g. for resources Exchange.
But I guess it is safe to assume enabled accounts with a given name are real users:
Import-Module ActiveDirectory
Get-ADUser -Filter "*" | ? { $_.Enabled -and $_.GivenName -ne "" }

Open in new window

0
 

Expert Comment

by:ja_foster
ID: 40549996
If your user accounts are separated from your mgmt. accounts in different OU's you can use the -searchbase switch to tell Get-ADUser where to search for your users. (Change the distinguishedName to your domain info). Then pipe it out to a csv.
Get-ADUser -Filter {Enabled -eq $True} -searchbase "OU=Users,OU=production,DC=contoso,DC=com" | Export-CSV \\server\share\enabledUsers.csv
0
 

Author Comment

by:Twhite0909
ID: 40553700
Get-ADUser -Filter {Enabled -eq $True} -searchbase "OU=Users,OU=production,DC=contoso,DC=com" | Export-CSV \\server\share\enabledUsers.csv

 that worked great.  Now theyre asking if I can add creation date, department?  Do you the syntax for those to add to this cmd?
0
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

 
LVL 70

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 40553773
Those are not part of the "default" property set of Get-ADUser, so we have to ask for them:
Get-ADUser -Filter {Enabled -eq $True} -searchbase "OU=Users,OU=production,DC=contoso,DC=com"  -Property Created, Department |
  Export-CSV \\server\share\enabledUsers.csv 

Open in new window

When using Get-ADUser -filter * -Property * you will get all available properties.
0
 

Author Comment

by:Twhite0909
ID: 40554074
Can I combine this with the other script to run.together?
0
 
LVL 70

Expert Comment

by:Qlemo
ID: 40554099
The above is the complete script, as far as we know it.
0
 

Author Comment

by:Twhite0909
ID: 40554188
But won't that just give me all all users again and not go to specific OU?  that's what I need and that's what the first command I got did it went to a specific oh you called locations where I have all of my office is this week just user accounts anything else. jared mailbox or service accounts things and I don't need to if I could put this - filter properties in with the original command somehow I can pull just use your accounts as well as their
0
 

Author Comment

by:Twhite0909
ID: 40554313
Whats the full cmd to have AD search an OU and get the Users as well as creation date?
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question