DSQUERY
Powershell
Quest Powershell Script
Find some specific attributes for a OU users using powershell
Find users attributes (Users input from a Text file)
Below example for user attributes
How to reset the passwords for some specific users
How to update the manager field for bulk users.
Which commands are in the Active Directory module
See Also

DSQUERY

Dsquery * -limit 0 -filter "&(objectClass=User)(objectCategory=Person)" -attr * >>AllUsers.txt

Powershell



Get-ADUser -Filter * -property *

Get-ADUser -F * -PR *

Quest Powershell Script

Get-QADUser -Name * -sizelimit 0 | select givenName,sn,name,PasswordExpires | Export-CSV c:\pass_exp.csv

Find some specific attributes for a OU users using powershell

PS C:\> get-aduser -f * -Searchbase "ou=powershell,dc=contoso,dc=com" -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName

Find users attributes (Users input from a Text file)



PS C:\> get-content c:\users.txt | get-aduser -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName




 
 
DistinguishedName : CN=rock,CN=Users,DC=contoso,DC=com
Enabled           :
True
GivenName         : rock
Name              : rock
ObjectClass       : user
ObjectGUID        : 57bcbc28-c46a-4ba3-8cad-db4eada9230e
PasswordExpired   :
True
SamAccountName    : rock
SID               : S-1-5-21-359348832-1345755819-277917231-1109
Surname           :
UserPrincipalName : rock@contoso.com
whenChanged       : 9/19/2013 7:51:09 AM
 
DistinguishedName : CN=Administrator,CN=Users,DC=contoso,DC=com
Enabled           :
True
GivenName         :
Name              : Administrator
ObjectClass       : user
ObjectGUID        : d7d91e0a-e25d-4adc-8c70-8197afd698e4
PasswordExpired   :
False
SamAccountName    : Administrator
SID               : S-1-5-21-359348832-1345755819-277917231-500
Surname           :
UserPrincipalName :
whenChanged       : 9/10/2013 7:37:38 AM
 
DistinguishedName : CN=copy,CN=Users,DC=contoso,DC=com
Enabled           :
True
GivenName         : copy
Name              : copy
ObjectClass       : user
ObjectGUID        : e3867e09-2f04-4238-aa36-aa1c83323d08
PasswordExpired   :
True
SamAccountName    : copy
SID               : S-1-5-21-359348832-1345755819-277917231-1106
Surname           :
UserPrincipalName : copy@contoso.com
whenChanged       : 9/3/2013 4:19:17 PM

Below example for user attributes

001.AccountExpirationDate :

002.

accountExpires                      
 : 9223372036854775807

003.AccountLockoutTime :

004.

AccountNotDelegated                 
 :

False

005.

AllowReversiblePasswordEncryption    :

False

006.

BadLogonCount                       
 : 0

007.

badPasswordTime                      :
 0

008.

badPwdCount                         
 : 0

009.

CannotChangePassword                 :

False

010.

CanonicalName                       
 : contoso.com/Powershell/Ankur Seth

011.

Certificates                         :
 {}

012.

City                                
 :

013.

CN                                   :
 Ankur Seth

014.

codePage                            
 : 0

015.Company :

016.

CompoundIdentitySupported           
 : {}

017.Country :

018.

countryCode                         
 : 0

019.

Created                              :
 5/24/2013 11:50:43 PM

020.

createTimeStamp                     
 : 5/24/2013 11:50:43 PM

021.Deleted :

022.

Department                          
 :

023.

Description                          :
 ADMIN

024.

DisplayName                         
 : Ankur Seth

025.

DistinguishedName                    :
 CN=Ankur Seth,OU=Powershell,DC=contoso,DC=com

026.

Division                            
 :

027.

DoesNotRequirePreAuth                :

False

028.

dSCorePropagationData               
 : {12/31/1600 4:00:00 PM}

029.EmailAddress :

030.

EmployeeID                          
 :

031.EmployeeNumber :

032.

Enabled                             
 :

True

033.Fax :

034.

GivenName                           
 : Ankur

035.HomeDirectory :

036.

HomedirRequired                     
 :

False

037.HomeDrive :

038.

HomePage                            
 :

039.HomePhone :

040.

Initials                            
 :

041.

instanceType                         :
 4

042.

isDeleted                           
 :

043.

KerberosEncryptionType               :
 {}

044.

LastBadPasswordAttempt              
 :

045.LastKnownParent :

046.

lastLogoff                          
 : 0

047.

lastLogon                            :
 0

048.

LastLogonDate                       
 :

049.

LockedOut                            :

False

050.

logonCount                          
 : 0

051.LogonWorkstations :

052.

Manager                             
 :

053.

MemberOf                             :
 {}

054.

MNSLogonAccount                     
 :

False

055.MobilePhone :

056.

Modified                            
 : 5/24/2013 11:56:24 PM

057.

modifyTimeStamp                      :
 5/24/2013 11:56:24 PM

058.

msDS-User-Account-Control-Computed  
 : 8388608

059.

Name                                 :
 Ankur Seth

060.

nTSecurityDescriptor                
 : System.DirectoryServices.ActiveDirectorySecurity

061.

ObjectCategory                       :
 CN=Person,CN=Schema,CN=Configuration,DC=contoso,DC=com

062.

ObjectClass                         
 : user

063.

ObjectGUID                           :
 cd1f097f-8c54-4988-9bcd-ced6cb954e9c

064.

objectSid                           
 : S-1-5-21-3894563728-440662116-3668880775-1105

065.Office :

066.

OfficePhone                         
 :

067.Organization :

068.

OtherName                           
 :

069.

PasswordExpired                      :

True

070.

PasswordLastSet                     
 :

071.

PasswordNeverExpires                 :

False

072.

PasswordNotRequired                 
 :

False

073.POBox :

074.

PostalCode                          
 :

075.

PrimaryGroup                         :
 CN=Domain Users,CN=Users,DC=contoso,DC=com

076.

primaryGroupID                      
 : 513

077.

PrincipalsAllowedToDelegateToAccount :
 {}

078.

ProfilePath                         
 :

079.

ProtectedFromAccidentalDeletion      :

False

080.

pwdLastSet                          
 : 0

081.

SamAccountName                       :
 ASeth

082.

sAMAccountType                      
 : 805306368

083.ScriptPath :

084.

sDRightsEffective                   
 : 15

085.

ServicePrincipalNames                :
 {}

086.

SID                                 
 : S-1-5-21-3894563728-440662116-3668880775-1105

087.

SIDHistory                           :
 {}

088.

SmartcardLogonRequired              
 :

False

089.

sn                                   :
 Seth

090.

State                               
 :

091.StreetAddress :

092.

Surname                             
 : Seth

093.Title :

094.

TrustedForDelegation                
 :

False

095.

TrustedToAuthForDelegation           :

False

096.

UseDESKeyOnly                       
 :

False

097.

userAccountControl                   :
 512

098.

userCertificate                     
 : {}

099.

UserPrincipalName                    :
 ASeth@contoso.com

100.

uSNChanged                          
 : 28712

101.

uSNCreated                           :
 28705

102.

whenChanged                         
 : 5/24/2013 11:56:24 PM

103.

whenCreated                          :
 5/24/2013 11:50:43 PM

How to reset the passwords for some specific users

get-content c:\users.txt | get-aduser |Set-ADAccountPassword -NewPassword (ConvertTo-SecureString -AsPlainText monster@me123 -Force)

How to update the manager field for bulk users.

get-content c:\users.txt | get-aduser |Set-ADUser -Manager"Biswajit"

Which commands are in the Active Directory module

001.PS C:\> get-command -module ActiveDirectory

002.

003.

CommandType     Name                                              
 ModuleName

004.

-----------     ----                                              
 ----------

005.

Cmdlet          Add-ADCentralAccessPolicyMember                   
 ActiveDirectory

006.

Cmdlet          Add-ADComputerServiceAccount                      
 ActiveDirectory

007.

Cmdlet          Add-ADDomainControllerPasswordReplicationPolicy   
 ActiveDirectory

008.

Cmdlet          Add-ADFineGrainedPasswordPolicySubject            
 ActiveDirectory

009.

Cmdlet          Add-ADGroupMember                                 
 ActiveDirectory

010.

Cmdlet          Add-ADPrincipalGroupMembership                    
 ActiveDirectory

011.

Cmdlet          Add-ADResourcePropertyListMember                  
 ActiveDirectory

012.

Cmdlet          Clear-ADAccountExpiration                         
 ActiveDirectory

013.

Cmdlet          Clear-ADClaimTransformLink                        
 ActiveDirectory

014.

Cmdlet          Disable-ADAccount                                 
 ActiveDirectory

015.

Cmdlet          Disable-ADOptionalFeature                         
 ActiveDirectory

016.

Cmdlet          Enable-ADAccount                                  
 ActiveDirectory

017.

Cmdlet          Enable-ADOptionalFeature                          
 ActiveDirectory

018.

Cmdlet

Get-ADAccountAuthorizationGroup ActiveDirectory

019.

Cmdlet

Get-ADAccountResultantPasswordReplicationPolicy ActiveDirectory

020.

Cmdlet

Get-ADCentralAccessPolicy ActiveDirectory

021.

Cmdlet

Get-ADCentralAccessRule ActiveDirectory

022.

Cmdlet

Get-ADClaimTransformPolicy ActiveDirectory

023.

Cmdlet

Get-ADClaimType ActiveDirectory

024.

Cmdlet

Get-ADComputer ActiveDirectory

025.

Cmdlet

Get-ADComputerServiceAccount ActiveDirectory

026.

Cmdlet

Get-ADDCCloningExcludedApplicationList ActiveDirectory

027.

Cmdlet

Get-ADDefaultDomainPasswordPolicy ActiveDirectory

028.

Cmdlet

Get-ADDomain ActiveDirectory

029.

Cmdlet

Get-ADDomainController ActiveDirectory

030.

Cmdlet

Get-ADDomainControllerPasswordReplicationPolicy ActiveDirectory

031.

Cmdlet

Get-ADDomainControllerPasswordReplicationPolicy... ActiveDirectory

032.

Cmdlet

Get-ADFineGrainedPasswordPolicy ActiveDirectory

033.

Cmdlet

Get-ADFineGrainedPasswordPolicySubject ActiveDirectory

034.

Cmdlet

Get-ADForest ActiveDirectory

035.

Cmdlet

Get-ADGroup ActiveDirectory

036.

Cmdlet

Get-ADGroupMember ActiveDirectory

037.

Cmdlet

Get-ADObject ActiveDirectory

038.

Cmdlet

Get-ADOptionalFeature ActiveDirectory

039.

Cmdlet

Get-ADOrganizationalUnit ActiveDirectory

040.

Cmdlet

Get-ADPrincipalGroupMembership ActiveDirectory

041.

Cmdlet

Get-ADReplicationAttributeMetadata ActiveDirectory

042.

Cmdlet

Get-ADReplicationConnection ActiveDirectory

043.

Cmdlet

Get-ADReplicationFailure ActiveDirectory

044.

Cmdlet

Get-ADReplicationPartnerMetadata ActiveDirectory

045.

Cmdlet

Get-ADReplicationQueueOperation ActiveDirectory

046.

Cmdlet

Get-ADReplicationSite ActiveDirectory

047.

Cmdlet

Get-ADReplicationSiteLink ActiveDirectory

048.

Cmdlet

Get-ADReplicationSiteLinkBridge ActiveDirectory

049.

Cmdlet

Get-ADReplicationSubnet ActiveDirectory

050.

Cmdlet

Get-ADReplicationUpToDatenessVectorTable ActiveDirectory

051.

Cmdlet

Get-ADResourceProperty ActiveDirectory

052.

Cmdlet

Get-ADResourcePropertyList ActiveDirectory

053.

Cmdlet

Get-ADResourcePropertyValueType ActiveDirectory

054.

Cmdlet

Get-ADRootDSE ActiveDirectory

055.

Cmdlet

Get-ADServiceAccount ActiveDirectory

056.

Cmdlet

Get-ADTrust ActiveDirectory

057.

Cmdlet

Get-ADUser ActiveDirectory

058.

Cmdlet

Get-ADUserResultantPasswordPolicy ActiveDirectory

059.

Cmdlet          Install-ADServiceAccount                          
 ActiveDirectory

060.

Cmdlet          Move-ADDirectoryServer                            
 ActiveDirectory

061.

Cmdlet          Move-ADDirectoryServerOperationMasterRole         
 ActiveDirectory

062.

Cmdlet          Move-ADObject                                     
 ActiveDirectory

063.

Cmdlet

New-ADCentralAccessPolicy ActiveDirectory

064.

Cmdlet

New-ADCentralAccessRule ActiveDirectory

065.

Cmdlet

New-ADClaimTransformPolicy ActiveDirectory

066.

Cmdlet

New-ADClaimType ActiveDirectory

067.

Cmdlet

New-ADComputer ActiveDirectory

068.

Cmdlet

New-ADDCCloneConfigFile ActiveDirectory

069.

Cmdlet

New-ADFineGrainedPasswordPolicy ActiveDirectory

070.

Cmdlet

New-ADGroup ActiveDirectory

071.

Cmdlet

New-ADObject ActiveDirectory

072.

Cmdlet

New-ADOrganizationalUnit ActiveDirectory

073.

Cmdlet

New-ADReplicationSite ActiveDirectory

074.

Cmdlet

New-ADReplicationSiteLink ActiveDirectory

075.

Cmdlet

New-ADReplicationSiteLinkBridge ActiveDirectory

076.

Cmdlet

New-ADReplicationSubnet ActiveDirectory

077.

Cmdlet

New-ADResourceProperty ActiveDirectory

078.

Cmdlet

New-ADResourcePropertyList ActiveDirectory

079.

Cmdlet

New-ADServiceAccount ActiveDirectory

080.

Cmdlet

New-ADUser ActiveDirectory

081.

Cmdlet          Remove-ADCentralAccessPolicy                      
 ActiveDirectory

082.

Cmdlet          Remove-ADCentralAccessPolicyMember                
 ActiveDirectory

083.

Cmdlet          Remove-ADCentralAccessRule                        
 ActiveDirectory

084.

Cmdlet          Remove-ADClaimTransformPolicy                     
 ActiveDirectory

085.

Cmdlet          Remove-ADClaimType                                
 ActiveDirectory

086.

Cmdlet          Remove-ADComputer                                 
 ActiveDirectory

087.

Cmdlet          Remove-ADComputerServiceAccount                   
 ActiveDirectory

088.

Cmdlet          Remove-ADDomainControllerPasswordReplicationPolicy
 ActiveDirectory

089.

Cmdlet          Remove-ADFineGrainedPasswordPolicy                
 ActiveDirectory

090.

Cmdlet          Remove-ADFineGrainedPasswordPolicySubject         
 ActiveDirectory

091.

Cmdlet          Remove-ADGroup                                    
 ActiveDirectory

092.

Cmdlet          Remove-ADGroupMember                              
 ActiveDirectory

093.

Cmdlet          Remove-ADObject                                   
 ActiveDirectory

094.

Cmdlet          Remove-ADOrganizationalUnit                       
 ActiveDirectory

095.

Cmdlet          Remove-ADPrincipalGroupMembership                 
 ActiveDirectory

096.

Cmdlet          Remove-ADReplicationSite                          
 ActiveDirectory

097.

Cmdlet          Remove-ADReplicationSiteLink                      
 ActiveDirectory

098.

Cmdlet          Remove-ADReplicationSiteLinkBridge                
 ActiveDirectory

099.

Cmdlet          Remove-ADReplicationSubnet                        
 ActiveDirectory

100.

Cmdlet          Remove-ADResourceProperty                         
 ActiveDirectory

101.

Cmdlet          Remove-ADResourcePropertyList                     
 ActiveDirectory

102.

Cmdlet          Remove-ADResourcePropertyListMember               
 ActiveDirectory

103.

Cmdlet          Remove-ADServiceAccount                           
 ActiveDirectory

104.

Cmdlet          Remove-ADUser                                     
 ActiveDirectory

105.

Cmdlet          Rename-ADObject                                   
 ActiveDirectory

106.

Cmdlet          Reset-ADServiceAccountPassword                    
 ActiveDirectory

107.

Cmdlet          Restore-ADObject                                  
 ActiveDirectory

108.

Cmdlet          Search-ADAccount                                  
 ActiveDirectory

109.

Cmdlet

Set-ADAccountControl ActiveDirectory

110.

Cmdlet

Set-ADAccountExpiration ActiveDirectory

111.

Cmdlet

Set-ADAccountPassword ActiveDirectory

112.

Cmdlet

Set-ADCentralAccessPolicy ActiveDirectory

113.

Cmdlet

Set-ADCentralAccessRule ActiveDirectory

114.

Cmdlet

Set-ADClaimTransformLink ActiveDirectory

115.

Cmdlet

Set-ADClaimTransformPolicy ActiveDirectory

116.

Cmdlet

Set-ADClaimType ActiveDirectory

117.

Cmdlet

Set-ADComputer ActiveDirectory

118.

Cmdlet

Set-ADDefaultDomainPasswordPolicy ActiveDirectory

119.

Cmdlet

Set-ADDomain ActiveDirectory

120.

Cmdlet

Set-ADDomainMode ActiveDirectory

121.

Cmdlet

Set-ADFineGrainedPasswordPolicy ActiveDirectory

122.

Cmdlet

Set-ADForest ActiveDirectory

123.

Cmdlet

Set-ADForestMode ActiveDirectory

124.

Cmdlet

Set-ADGroup ActiveDirectory

125.

Cmdlet

Set-ADObject ActiveDirectory

126.

Cmdlet

Set-ADOrganizationalUnit ActiveDirectory

127.

Cmdlet

Set-ADReplicationConnection ActiveDirectory

128.

Cmdlet

Set-ADReplicationSite ActiveDirectory

129.

Cmdlet

Set-ADReplicationSiteLink ActiveDirectory

130.

Cmdlet

Set-ADReplicationSiteLinkBridge ActiveDirectory

131.

Cmdlet

Set-ADReplicationSubnet ActiveDirectory

132.

Cmdlet

Set-ADResourceProperty ActiveDirectory

133.

Cmdlet

Set-ADResourcePropertyList ActiveDirectory

134.

Cmdlet

Set-ADServiceAccount ActiveDirectory

135.

Cmdlet

Set-ADUser ActiveDirectory

136.

Cmdlet          Sync-ADObject                                     
 ActiveDirectory

137.

Cmdlet          Test-ADServiceAccount                             
 ActiveDirectory

138.

Cmdlet          Uninstall-ADServiceAccount                        
 ActiveDirectory

139.

Cmdlet          Unlock-ADAccount                                  
 ActiveDirectory

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

How to Script the Export/Modify of Active Directory Objects Attributes

How to Script the Export/Modify of Active Directory Objects Attributes

Table of Contents

DSQUERY

Powershell

Quest Powershell Script

Find some specific attributes for a OU users using powershell

Find users attributes (Users input from a Text file)

Below example for user attributes

How to reset the passwords for some specific users

How to update the manager field for bulk users.

Which commands are in the Active Directory module

See Also