Active Directory Powershell

Hello All,

I ran the following Powershell command get-aduser -identity username -properties * to find why a password was not being reset by our local password reset page and i found that those fields as well as several others were not populated. Is there something that i have to turn on/configure to get it to start logging that information? I know that it was atleast reset once through active directory through me so i know that some information should be there for it.

The "important" feilds that are there are:

account lockouttime
last logondate
lastbadpasswordattempt

and may more.

Thanks,
Brad
LVL 2
Bradley BishopAssociate Product DeveloperAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pjamCommented:
Brad,
Do you have RSAT installed?  You need that to get AD commands.
I have a profile in My Documents\WindowsPowershell\Profile.ps1 that has:
Import-Module ActiveDirectory, so that when I open PowerShell it automatically brings in AD.
0
Bradley BishopAssociate Product DeveloperAuthor Commented:
No we do not have RSAT installed. i did the import that you suggested and it did not change any of the outputs.
0
Thomas GrassiSystems AdministratorCommented:
What version of Powershell you running?

run this $PSVersionTable

As PJAM said above must have RSAT installed on your windows 7 box


 I created a shortcut for this

%windir%\system32\WindowsPowerShell\v1.0\powershell.exe -noexit -command import-module ActiveDirectoy
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Bradley BishopAssociate Product DeveloperAuthor Commented:
sorry i should have been more clear, i am running this from the server itself
0
Thomas GrassiSystems AdministratorCommented:
Ok no problem

Have you checked other user accounts?

In default domain policy

Check account policies  and local policies settings
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pjamCommented:
By server itself, hopefully you mean Domain controller.
0
footechCommented:
I've seen this when running directly on a domain controller.
Make sure you are starting the command from an elevated prompt.  If some are still missing, then the only thing I've seen that helps is to query for the info from another machine (point your command at another DC with the -server parameter, or use RSAT to query this one).  To me it appears that the AD Web Services has trouble getting all information when the query comes from the same machine.
1
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.