Reputation: 3
How to Query an AD user in a different domain
I have this script that will query the local domain and unlock and account if it is currently locked. I'd like to run this same script however check a different domain. Can I get some help with the Get=AdUser command, i thought it would be -Server "Servername" for the other domain controller however this didn't work.
As per the feedback given I try the below where I have put in the domaincontroller name and it doesn't seem to work as I can't unlock the locked account. I see everything loading and I get the screen printout that it found the locked account but the account doesn't unlock.
$DomainController = 'domain1.local'
$AccountName = 'noctest'
$res = Get-ADUser -Identity $AccountName -Server $DomainController -
Properties LockedOut | Select-Object LockedOut
Write-Output $res
if ($res.lockedout -eq $true)
{
unlock-adaccount $AccountName
write-output "Account has Been Un-Locked"
exit
}
Write-Output "Account Not Locked."
Upvotes: 0
Views: 8382
Answers (1)
Reputation: 1226
Get-ADUser has a -server parameter that you can use to specify a domain controller that has a particular domain's information on it, this will work assuming you have access to that other domain
$DomainController = 'DomainControllerName'
$res = Get-ADUser -Identity noctest -Properties LockedOut -Server $DomainController | Select-Object LockedOut
if ($res.lockedout -eq $true)
{
unlock-adaccount noctest
write-output "Account has Been Un-Locked"
}
Upvotes: 1
Related Questions
- Powershell get aduser query by the emailaddress
- How to switch to another domain and get-aduser
- Powershell Script to query Active Directory
- Get-ADUser across domains - Help needed
- How To search for user across all domains?
- Pull User Info From AD
- Active Directory Querying with PowerShell
- Finding a User on one of many domains
- Querying AD from Powershell
- Use powershell to look up 'net user' on other domains?