Home » PowerShell » Get AdUser LDAP Filter in PowerShell

Get AdUser LDAP Filter in PowerShell

Using the Get-AdUser cmdlet with LDAP Filter, you can use the Filter rule surrounded by ( ) to get aduser in the active directory.LDAP is Lightweight Directory Access Protocol to access and modify different objects in the Active Directory.

In this article, we will discuss how to use get adusers using the LDAP Filter in PowerShell with different get adusers LDAP filter examples.

Use Get-AdUser LDAP Filter with first name and Surname

To get an aduser using the first name and surname from the active directory, use the Get-AdUser LDAP filter.

Get-ADUser -LDAPFilter "(&(GivenName=Chris)(Sn=Dore))" | Select Name, Enabled

In the above PowerShell script, the Get-AdUser uses LDAPFilter to specify a filter rule to get aduser filter by first name and surname.

The output of the above PowerShell script to get the aduser filter by first name and surname gets users and display name and aduser enabled status.

PS C:\> Get-ADUser -LDAPFilter "(&(GivenName=Chris)(Sn=Dore))" | Select Name, Enabled

Name       Enabled
----       -------
Chris Dore    True

PS C:\>

Get AdUser LDAP Filter with Multiple Attributes

In the Get-AdUser LDAPFilter, you can specify the multiple attributes in the filter rule to get active directory user objects.

For example, if you want to get users from the Sales department in a specified postal code, run the following code.

Get-ADUser -LDAPFilter "(&(Department=SALES)(PostalCode=77001))"

In the above PowerShell script, the Get-AdUser cmdlet uses the LDAPFilter parameter to specify the filter rule.

We have specified multiple attributes like Department and PostalCode to retrieve the adusers from the active directory.

The output of the above script to get adusers LDAP Filter by multiple properties is:

PS C:\> Get-ADUser -LDAPFilter "(&(Department=SALES)(PostalCode=77001))"

DistinguishedName : CN=Tom Smith,OU=SALES,DC=SHELLPRO,DC=LOCAL
Enabled           : True
GivenName         : Tom
Name              : Tom Smith
ObjectClass       : user
ObjectGUID        : 1f3a2572-2621-4e47-9bdf-81d1f8172f69
SamAccountName    : toms
SID               : S-1-5-21-1326752099-4012446882-462961959-1103
Surname           : Smith
UserPrincipalName : [email protected]


I hope the above article on how to get aduser using the LDAP filter is helpful to you.

You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.

Leave a Comment