Home » PowerShell » Get AD User Attributes in PowerShell

Get AD User Attributes in PowerShell

by

Active Directory is a central repository that stores information about users, computers, and other objects in the Windows network. Often administrators need to retrieve the active directory user attributes for reporting or automation tasks.

The Get-AdUser cmdlet in PowerShell retrieves the specified user object information or multiple users account information based on a search in the Active Directory.

In this article, we will discuss how to get aduser attributes using the Get-AdUser command in PowerShell.

Table of Contents hide
1 How to Get AdUser Attributes in PowerShell
2 Conclusion

How to Get AdUser Attributes in PowerShell

Use the Get-AdUser command in PowerShell to get the information about the Active Directory user. This command uses the Properties * parameter to fetch all of the attributes that are set on the object.

To get aduser attributes in PowerShell, use the following command.

  1. Launch the PowerShell – Open the PowerShell terminal with administrator privileges.
  2. Type the command Get-AdUser -Identity toms -Properties * and hit enter.
Get-AdUser -Identity toms -Properties *

In the above PowerShell script, the Get-AdUser command uses the Identity parameter to specify the username for which we want to retrieve all the attributes. The Properties * parameter retrieves all attributes available for the given user in the Active Directory.

The output of the above PowerShell script returns a full list of ad attributes and their values associated with the ad user account.

Get AdUser Attributes in PowerShell
Get AdUser Attributes in PowerShell

It returns all the attributes for the aduser such as AccountExpires, City, CN, Company, Department DistinguishedName, etc…

To display the attributes such as DisplayName, Department, DeskLocation, and City, run the following PowerShell script.

Get-AdUser -Identity toms -Properties * | Select DisplayName, Department, DeskLocation,City

In the above PowerShell script, the Get-AdUser command retrieves the user information about the user specified by the Identity parameter named “toms“. This command uses the Properties * parameter to get all attributes and pipes the result user object to the Select command.

The Select command displays the DisplayName, Department, DeskLocation, and City name for the given user.

The output of the above PowerShell script displays the user attributes.

PS C:\> Get-AdUser -Identity toms -Properties * | Select DisplayName, Department, DeskLocation,City

DisplayName Department DeskLocation City
----------- ---------- ------------ ----
Tom Smith   SALES      B1D001       Houston


PS C:\>

Conclusion

I hope the above article on how to use the Get-AdUser command in PowerShell to get aduser all attributes is helpful to you.

You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.