CODEWITHSUNDEEP
powershellactive-directoryattributes
DCinkaz
DCinkaz

Reputation: 13

Get ADUser attributes without Get-ADUser

Is it possible to get current users AD attributes without Get-ADUser? Am new to powershell. I need to get few attributes like title, email & department for user. I tried use :

get-wmiobject  -Class win32_useraccount  -Filter "name='John.Doe'" | select *
PSComputerName     : NY-Z343
Status             : OK
Caption            : BEAZL-INC\john.doe
PasswordExpires    : False
__GENUS            : 2
__CLASS            : Win32_UserAccount
__SUPERCLASS       : Win32_Account
__DYNASTY          : CIM_ManagedSystemElement
__RELPATH          : Win32_UserAccount.Domain="BEAZL-INC",Name="john.doe"
__PROPERTY_COUNT   : 16
__DERIVATION       : {Win32_Account, CIM_LogicalElement, CIM_ManagedSystemElement}
__SERVER           : NY-Z343
__NAMESPACE        : rootcimv2
__PATH             : \BEAZL-INCrootcimv2:Win32_UserAccount.Domain="BEAZL-INC",Name="john.doe"
AccountType        : 512
Description        : Dude account for gaming
Disabled           : False
Domain             : BEAZL-INC
FullName           : John Doe
InstallDate        :
LocalAccount       : False
Lockout            : False
Name               : john.doe
PasswordChangeable : True
PasswordRequired   : False
SID                : S-1-5-21-3384058-193304-10174538-501
SIDType            : 1
Scope              : System.Management.ManagementScope
Path               : \\NY-Z343\root\clmv2:Win32_UserAccount.Domain="BEAZL-INC",Name="john.doe"
Options            : System.Management.ObjectGetOptions
ClassPath          : \\NY-Z34\root\clmv2:Win32_UserAccount
Properties         : {AccountType, Caption, Description, Disabled...}
SystemProperties   : {__GENUS, __CLASS, __SUPERCLASS, __DYNASTY...}
Qualifiers         : {dynamic, Locale, provider, UUID}
Site               :
Container          :

Upvotes: 1

Views: 1954

Answers (1)

Gabriel Luci
Gabriel Luci

Reputation: 40998

Yes, you can use [adsisearcher], which is a type accelerator for .NET's DirectorySearcher class. This doesn't require installing anything additional.

Here's an example that will search for a user by the name attribute and return the title, mail, and department attributes:

# This is the search filter
$searcher = [adsisearcher]"(&(objectClass=user)(objectCategory=person)(name=John.Doe))"

# List all the propterties you want to use
$searcher.PropertiesToLoad.AddRange(@("title", "mail", "department"))

# By default, it will search the same domain as the logged in user.
# If you need to search a different domain, uncomment and edit this line.
# $searcher.SearchRoot = [adsi]"LDAP://example.com"

$user = $searcher.FindOne()

$title = $user.Properties["title"][0]

Upvotes: 3

Related Questions