Essential PowerShell Queries for AD Admins

Are you still clicking through Active Directory Users and Computers to find information about your users and computers? There's a better way! PowerShell provides powerful tools for querying Active Directory that can save you hours of work and help you gather insights about your environment in seconds. In the code samples below, we'll explore practical PowerShell commands that every IT administrator should know for efficiently managing and monitoring their Active Directory infrastructure. Whether you're tracking down inactive user accounts, auditing computer systems, or generating reports, these PowerShell techniques will become an essential part of your administrative toolkit.

Query for User Information

# Get basic information for a specific user
Get-ADUser -Identity "username"

# Get detailed information for a specific user
Get-ADUser -Identity "username" -Properties *

# Find all users in a specific OU
Get-ADUser -Filter * -SearchBase "OU=Sales,DC=mydomain,DC=com"

# Find all disabled user accounts
Get-ADUser -Filter {Enabled -eq $false}

# Find users who haven't logged in for 90 days
$date = (Get-Date).AddDays(-90)
Get-ADUser -Filter {LastLogonDate -lt $date} -Properties LastLogonDate

Query for Computer Information

# Get basic information for a specific computer
Get-ADComputer -Identity "computername"

# Get detailed information for a specific computer
Get-ADComputer -Identity "computername" -Properties *

# Find all computers in a specific OU
Get-ADComputer -Filter * -SearchBase "OU=Workstations,DC=mydomain,DC=com"

# Find all disabled computer accounts
Get-ADComputer -Filter {Enabled -eq $false}

# Find computers that haven't communicated with the domain for 30 days
$date = (Get-Date).AddDays(-30)
Get-ADComputer -Filter {LastLogonDate -lt $date} -Properties LastLogonDate
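
The two inactivity queries above rely on LastLogonDate, which is derived from the replicated lastLogonTimestamp attribute; by default that value can lag the real last logon by up to 14 days, and accounts that have never logged on have no value and are skipped by a -lt filter. The following is an added example, not code from the original post: Get-LogonStaleness is a hypothetical helper name, and the sample accounts are constructed.

```powershell
# Added example. Get-LogonStaleness is a hypothetical helper, not an AD module cmdlet.
function Get-LogonStaleness {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Account,
        [int] $InactiveDays = 90,
        # Default AD behaviour: lastLogonTimestamp is refreshed only once it is 9-14 days old.
        [int] $SyncSlackDays = 14,
        [datetime] $Now = (Get-Date)
    )
    begin {
        $cutoff     = $Now.AddDays(-$InactiveDays)      # nominal threshold
        $hardCutoff = $cutoff.AddDays(-$SyncSlackDays)  # older than this: stale even with lag
    }
    process {
        $status = if ($null -eq $Account.LastLogonDate) {
            # No recorded logon: a '-lt $date' filter never returns these accounts.
            if ($Account.Created -lt $cutoff) { 'NeverLoggedOn' } else { 'New' }
        } elseif ($Account.LastLogonDate -le $hardCutoff) {
            'Stale'
        } elseif ($Account.LastLogonDate -lt $cutoff) {
            'PossiblyStale'   # inside the replication-lag window; confirm before disabling
        } else {
            'Active'
        }
        [pscustomobject]@{
            Name          = $Account.SamAccountName
            Enabled       = $Account.Enabled
            LastLogonDate = $Account.LastLogonDate
            Status        = $status
        }
    }
}

# Constructed sample objects (not real accounts) so the function runs without a domain.
$now = [datetime]'2025-06-01'
$sample = @(
    [pscustomobject]@{ SamAccountName = 'alice'; Enabled = $true; Created = $now.AddDays(-400); LastLogonDate = $now.AddDays(-3) }
    [pscustomobject]@{ SamAccountName = 'bob';   Enabled = $true; Created = $now.AddDays(-400); LastLogonDate = $now.AddDays(-95) }
    [pscustomobject]@{ SamAccountName = 'carol'; Enabled = $true; Created = $now.AddDays(-400); LastLogonDate = $now.AddDays(-200) }
    [pscustomobject]@{ SamAccountName = 'dave';  Enabled = $true; Created = $now.AddDays(-400); LastLogonDate = $null }
    [pscustomobject]@{ SamAccountName = 'erin';  Enabled = $true; Created = $now.AddDays(-5);   LastLogonDate = $null }
)
$sample | Get-LogonStaleness -Now $now | Format-Table -AutoSize

# Against a live domain (requires the ActiveDirectory module):
# Get-ADUser -Filter 'Enabled -eq $true' -Properties LastLogonDate, Created | Get-LogonStaleness
```

The same function accepts Get-ADComputer output with -InactiveDays 30, since computer objects expose the same LastLogonDate and Created properties.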

Combining User and Computer Queries

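# Get the computer object(s) for a user's primary computer
# (stored as distinguished names in the msDS-PrimaryComputer attribute)
$user = Get-ADUser -Identity "username" -Properties 'msDS-PrimaryComputer'
foreach ($dn in $user.'msDS-PrimaryComputer') { Get-ADComputer -Identity $dn }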

# Find all users in a specific group
Get-ADGroupMember -Identity "GroupName" | Where-Object {$_.objectClass -eq "user"}

# Get all computers with a specific operating system
Get-ADComputer -Filter 'OperatingSystem -like "*Windows 10*"' -Properties OperatingSystem

Advanced Queries

# Find users with a specific job title
Get-ADUser -Filter 'Title -eq "Manager"' -Properties Title

# Get all user accounts created in the last 7 days
$date = (Get-Date).AddDays(-7)
Get-ADUser -Filter {Created -ge $date} -Properties Created

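# Find computers with a specific IP address
# (IPv4Address is resolved by the cmdlet through DNS rather than stored in AD,
# so it cannot be used in -Filter; match it client-side instead)
Get-ADComputer -Filter * -Properties IPv4Address | Where-Object { $_.IPv4Address -eq "192.168.1.100" }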

# Get all users and computers in a specific OU, including nested OUs
Get-ADObject -Filter {(ObjectClass -eq "user") -or (ObjectClass -eq "computer")} -SearchBase "OU=Department,DC=mydomain,DC=com" -SearchScope Subtree

These examples demonstrate various ways to query Active Directory for user and computer information using PowerShell. Remember to replace "username", "computername", "GroupName", and the domain components (DC=mydomain,DC=com) with your actual values.

To use these commands, you'll need the Active Directory module for PowerShell, which is installed as part of the Remote Server Administration Tools (RSAT). Once it's installed, load it into your session with:

Import-Module ActiveDirectory

These queries can be further customized and combined to create more complex scripts for managing and reporting on your Active Directory environment.

About this post

Posted: 2025-05-29
By: dwirch