PowerShell
Edit|Remove
Clear-Host 
import-module activedirectory 
Write-Host "Processing" 
$all_users_list=Get-ADUser -filter * -properties SamAccountName,sn,GivenName,mail,EmailAddress,LastLogonDate,Country,DistinguishedName,CanonicalName |  
select-object SamAccountName,sn,GivenName,mail,EmailAddress,LastLogonDate,Country,DistinguishedName,CanonicalName -ErrorAction silentlycontinue 
$all_users_list | Export-Csv -Path "d:\test\All_users_list.csv" -NoTypeInformation 
Write-Host "Done"
 
Set_OF_PS_Commands-AD_Users_Management.pdf

Set OF PS Commands-AD Users Management.txt

PowerShell
Edit|Remove
1#How to check Powershell Version? 
2#How to find Users from an OU using ADSI? 
4#How to find Locked out accounts? 
4A#To unlock an account 
5#Finding the Lockout Events 
6#Find some specific attributes for an OU users 
7#Find some specific attributes using input file 
8#How to reset the passwords for some specific users 
9#How to update the manager field for bulk users? 
10#How to update "ProfilePath","homeDrive" & "HomeDirectory" based on a input file? 
11#Find Users exist in AD or Not? 
12#Find users are enabled and have E-Mail and Homedirectory and PasswordExpired -eq false)} 
13#Also finding the Groupmembership. 
14#ProtectedFromAccidentalDeletion for all the users 
15# How to find the users property using ADSI. 
16#search-adaccount (Accounts Disable,inactive) 
17#All AD Users All attrs. 
18#Enable Bulk AD user accounts based on a input file 
19#Disabled Bulk AD user accounts based on a  input file 
 
::::::::Quest Powershell::::::::: 
1#Find the Disabled members from multiple GROUPS.  
2#Find the E-MAILs of Users form an particular OU  

  ***Provide the rating***

Getting Users ALL attributes input from TXT file.  OUTPUT file is CSV format. Need to create  file called Users.txt. See the following snap for the input file. Need to put the Samaccountname into the txt file. It is very simple one liner but Robust. You can query an OU helping with the below command.

 Search into an OU.      

PowerShell
Edit|Remove
PS C:\> get-aduser -f * -Searchbase "ou=powershell,dc=contoso,dc=com" -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName

  Search using a INPUT File - For few particular attributes

PowerShell
Edit|Remove
Cat c:\users.txt | get-aduser -Properties * | select-object SamAccountName,ProfilePath,HomeDirectory,homeDrive | Export-Csv c:\users.csv -NoTypeInformation
 users.txt. Below Users are SAMAccountname format.

Gettings few particular attributes.

PowerShell
Edit|Remove
PS C:\> get-content c:\users.txt | get-aduser -pr SamAccountName,PasswordExpired,whenChanged,UserPrincipalName
Using Foreach Loop
PowerShell
Edit|Remove
$Users = get-content C:\users.txt 
foreach ($user in $users) 
{ 
get-aduser $user -pr SamAccountName,givenName,Initials,sn,displayName,description,mail,department,company,HomeDirectory,MemberOf,Enabled  
 
}
Pull All Domain Users required attributes
  
User attributes
PowerShell
Edit|Remove
PS C:\> Get-ADUser -* -PR * 
 
 
AccountExpirationDate              : 
accountExpires                     : 0 
AccountLockoutTime                 : 
AccountNotDelegated                : False 
adminCount                         : 1 
AllowReversiblePasswordEncryption  : False 
BadLogonCount                      : 0 
badPasswordTime                    : 0 
badPwdCount                        : 0 
CannotChangePassword               : False 
CanonicalName                      : contoso.msft.net/Users/Administrator 
Certificates                       : {} 
City                               : 
CN                                 : Administrator 
codePage                           : 0 
Company                            : 
Country                            : 
countryCode                        : 0 
Created                            : 2/25/2014 4:10:10 PM 
createTimeStamp                    : 2/25/2014 4:10:10 PM 
Deleted                            : 
Department                         : 
Description                        : Built-in account for administering the computer/domain 
DisplayName                        : 
DistinguishedName                  : CN=Administrator,CN=Users,DC=contoso,DC=msft,DC=net 
Division                           : 
DoesNotRequirePreAuth              : False 
dSCorePropagationData              : {3/1/2014 9:01:02 AM, 2/26/2014 6:13:08 AM, 1/1/1601 5:30:00 AM} 
EmailAddress                       : 
EmployeeID                         : 
EmployeeNumber                     : 
Enabled                            : True 
Fax                                : 
GivenName                          : 
HomeDirectory                      : 
HomedirRequired                    : False 
HomeDrive                          : 
HomePage                           : 
HomePhone                          : 
Initials                           : 
instanceType                       : 4 
isCriticalSystemObject             : True 
isDeleted                          : 
LastBadPasswordAttempt             : 
LastKnownParent                    : 
lastLogoff                         : 0 
lastLogon                          : 130382227259461380 
LastLogonDate                      : 2/26/2014 6:26:27 AM 
lastLogonTimestamp                 : 130378497879488457 
LockedOut                          : False 
logonCount                         : 11 
logonHours                         : {255, 255, 255, 255...} 
LogonWorkstations                  : 
Manager                            : 
MemberOf                           : {CN=Group Policy Creator Owners,CN=Users,DC=contoso,DC=msft,DC=net, CN=Domain 
                                     Admins,CN=Users,DC=contoso,DC=msft,DC=net, 
                                     CN=Administrators,CN=Builtin,DC=contoso,DC=msft,DC=net} 
MNSLogonAccount                    : False 
MobilePhone                        : 
Modified                           : 2/26/2014 6:26:27 AM 
modifyTimeStamp                    : 2/26/2014 6:26:27 AM 
msDS-User-Account-Control-Computed : 0 
Name                               : Administrator 
nTSecurityDescriptor               : System.DirectoryServices.ActiveDirectorySecurity 
ObjectCategory                     : CN=Person,CN=Schema,CN=Configuration,DC=msft,DC=net 
ObjectClass                        : user 
ObjectGUID                         : e6f0f9f9-0840-41ba-a8a7-5b12822a0095 
objectSid                          : S-1-5-21-1482561378-30184458-2614481079-500 
Office                             : 
OfficePhone                        : 
Organization                       : 
OtherName                          : 
PasswordExpired                    : False 
PasswordLastSet                    : 2/26/2014 5:32:10 AM 
PasswordNeverExpires               : False 
PasswordNotRequired                : False 
POBox                              : 
PostalCode                         : 
PrimaryGroup                       : CN=Domain Users,CN=Users,DC=contoso,DC=msft,DC=net 
primaryGroupID                     : 513 
ProfilePath                        : 
ProtectedFromAccidentalDeletion    : False 
pwdLastSet                         : 130378465306093750 
SamAccountName                     : Administrator 
sAMAccountType                     : 805306368 
ScriptPath                         : 
sDRightsEffective                  : 15 
ServicePrincipalNames              : {} 
SID                                : S-1-5-21-1482561378-30184458-2614481079-500 
SIDHistory                         : {} 
SmartcardLogonRequired             : False 
State                              : 
StreetAddress                      : 
Surname                            : 
Title                              : 
TrustedForDelegation               : False 
TrustedToAuthForDelegation         : False 
UseDESKeyOnly                      : False 
userAccountControl                 : 512 
userCertificate                    : {} 
UserPrincipalName                  : 
uSNChanged                         : 13035 
uSNCreated                         : 8196 
whenChanged                        : 2/26/2014 6:26:27 AM 
whenCreated                        : 2/25/2014 4:10:10 PM 
 
AccountExpirationDate              : 
accountExpires                     : 9223372036854775807 
AccountLockoutTime                 : 
AccountNotDelegated                : False 
AllowReversiblePasswordEncryption  : False 
BadLogonCount                      : 0 
badPasswordTime                    : 0 
badPwdCount                        : 0 
CannotChangePassword               : True 
CanonicalName                      : contoso.msft.net/Users/Guest 
Certificates                       : {} 
City                               : 
CN                                 : Guest 
codePage                           : 0 
Company                            : 
Country                            : 
countryCode                        : 0 
Created                            : 2/25/2014 4:10:10 PM 
createTimeStamp                    : 2/25/2014 4:10:10 PM 
Deleted                            : 
Department                         : 
Description                        : Built-in account for guest access to the computer/domain 
DisplayName                        : 
DistinguishedName                  : CN=Guest,CN=Users,DC=contoso,DC=msft,DC=net 
Division                           : 
DoesNotRequirePreAuth              : False 
dSCorePropagationData              : {3/1/2014 9:01:02 AM, 1/1/1601 5:30:01 AM} 
EmailAddress                       : 
EmployeeID                         : 
EmployeeNumber                     : 
Enabled                            : False 
Fax                                : 
GivenName                          : 
HomeDirectory                      : 
HomedirRequired                    : False 
HomeDrive                          : 
HomePage                           : 
HomePhone                          : 
Initials                           : 
instanceType                       : 4 
isCriticalSystemObject             : True 
isDeleted                          : 
LastBadPasswordAttempt             : 
LastKnownParent                    : 
lastLogoff                         : 0 
lastLogon                          : 0 
LastLogonDate                      : 
LockedOut                          : False 
logonCount                         : 0 
LogonWorkstations                  : 
Manager                            : 
MemberOf                           : {CN=Guests,CN=Builtin,DC=contoso,DC=msft,DC=net} 
MNSLogonAccount                    : False 
MobilePhone                        : 
Modified                           : 2/25/2014 4:10:10 PM 
modifyTimeStamp                    : 2/25/2014 4:10:10 PM 
msDS-User-Account-Control-Computed : 0 
Name                               : Guest 
nTSecurityDescriptor               : System.DirectoryServices.ActiveDirectorySecurity 
ObjectCategory                     : CN=Person,CN=Schema,CN=Configuration,DC=msft,DC=net 
ObjectClass                        : user 
ObjectGUID                         : f2c28768-0f79-4330-a325-3b1c368647c4 
objectSid                          : S-1-5-21-1482561378-30184458-2614481079-501 
Office                             : 
OfficePhone                        : 
Organization                       : 
OtherName                          : 
PasswordExpired                    : False 
PasswordLastSet                    : 
PasswordNeverExpires               : True 
PasswordNotRequired                : True 
POBox                              : 
PostalCode                         : 
PrimaryGroup                       : CN=Domain Guests,CN=Users,DC=contoso,DC=msft,DC=net 
primaryGroupID                     : 514 
ProfilePath                        : 
ProtectedFromAccidentalDeletion    : False 
pwdLastSet                         : 0 
SamAccountName                     : Guest 
sAMAccountType                     : 805306368 
ScriptPath                         : 
sDRightsEffective                  : 15 
ServicePrincipalNames              : {} 
SID                                : S-1-5-21-1482561378-30184458-2614481079-501 
SIDHistory                         : {} 
SmartcardLogonRequired             : False 
State                              : 
StreetAddress                      : 
Surname                            : 
Title                              : 
TrustedForDelegation               : False 
TrustedToAuthForDelegation         : False 
UseDESKeyOnly                      : False 
userAccountControl                 : 66082 
userCertificate                    : {} 
UserPrincipalName                  : 
uSNChanged                         : 8197 
uSNCreated                         : 8197 
whenChanged                        : 2/25/2014 4:10:10 PM 
whenCreated                        : 2/25/2014 4:10:10 PM 
 
AccountExpirationDate              : 
accountExpires                     : 9223372036854775807 
AccountLockoutTime                 : 
AccountNotDelegated                : False 
adminCount                         : 1 
AllowReversiblePasswordEncryption  : False 
BadLogonCount                      : 0 
badPasswordTime                    : 0 
badPwdCount                        : 0 
CannotChangePassword               : False 
CanonicalName                      : contoso.msft.net/Users/krbtgt 
Certificates                       : {} 
City                               : 
CN                                 : krbtgt 
codePage                           : 0 
Company                            : 
Country                            : 
countryCode                        : 0 
Created                            : 2/25/2014 4:10:54 PM 
createTimeStamp                    : 2/25/2014 4:10:54 PM 
Deleted                            : 
Department                         : 
Description                        : Key Distribution Center Service Account 
DisplayName                        : 
DistinguishedName                  : CN=krbtgt,CN=Users,DC=contoso,DC=msft,DC=net 
Division                           : 
DoesNotRequirePreAuth              : False 
dSCorePropagationData              : {3/1/2014 9:01:02 AM, 2/26/2014 6:13:11 AM, 1/1/1601 5:30:00 AM} 
EmailAddress                       : 
EmployeeID                         : 
EmployeeNumber                     : 
Enabled                            : False 
Fax                                : 
GivenName                          : 
HomeDirectory                      : 
HomedirRequired                    : False 
HomeDrive                          : 
HomePage                           : 
HomePhone                          : 
Initials                           : 
instanceType                       : 4 
isCriticalSystemObject             : True 
isDeleted                          : 
LastBadPasswordAttempt             : 
LastKnownParent                    : 
lastLogoff                         : 0 
lastLogon                          : 0 
LastLogonDate                      : 
LockedOut                          : False 
logonCount                         : 0 
LogonWorkstations                  : 
Manager                            : 
MemberOf                           : {CN=Denied RODC Password Replication Group,CN=Users,DC=contoso,DC=msft,DC=net} 
MNSLogonAccount                    : False 
MobilePhone                        : 
Modified                           : 2/26/2014 6:13:07 AM 
modifyTimeStamp                    : 2/26/2014 6:13:07 AM 
msDS-User-Account-Control-Computed : 0 
Name                               : krbtgt 
nTSecurityDescriptor               : System.DirectoryServices.ActiveDirectorySecurity 
ObjectCategory                     : CN=Person,CN=Schema,CN=Configuration,DC=msft,DC=net 
ObjectClass                        : user 
ObjectGUID                         : 94e41543-cfd8-4bca-ab7d-c69dc7aa936b 
objectSid                          : S-1-5-21-1482561378-30184458-2614481079-502 
Office                             : 
OfficePhone                        : 
Organization                       : 
OtherName                          : 
PasswordExpired                    : False 
PasswordLastSet                    : 2/25/2014 4:10:54 PM 
PasswordNeverExpires               : False 
PasswordNotRequired                : False 
POBox                              : 
PostalCode                         : 
PrimaryGroup                       : CN=Domain Users,CN=Users,DC=contoso,DC=msft,DC=net 
primaryGroupID                     : 513 
ProfilePath                        : 
ProtectedFromAccidentalDeletion    : False 
pwdLastSet                         : 130377984545156250 
SamAccountName                     : krbtgt 
sAMAccountType                     : 805306368 
ScriptPath                         : 
sDRightsEffective                  : 15 
servicePrincipalName               : {kadmin/changepw} 
ServicePrincipalNames              : {kadmin/changepw} 
showInAdvancedViewOnly             : True 
SID                                : S-1-5-21-1482561378-30184458-2614481079-502 
SIDHistory                         : {} 
SmartcardLogonRequired             : False 
State                              : 
StreetAddress                      : 
Surname                            : 
Title                              : 
TrustedForDelegation               : False 
TrustedToAuthForDelegation         : False 
UseDESKeyOnly                      : False 
userAccountControl                 : 514 
userCertificate                    : {} 
UserPrincipalName                  : 
uSNChanged                         : 12847 
uSNCreated                         : 12300 
whenChanged                        : 2/26/2014 6:13:07 AM 
whenCreated                        : 2/25/2014 4:10:54 PM 
 
AccountExpirationDate              : 
accountExpires                     : 9223372036854775807 
AccountLockoutTime                 : 
AccountNotDelegated                : False 
AllowReversiblePasswordEncryption  : False 
BadLogonCount                      : 0 
badPasswordTime                    : 0 
badPwdCount                        : 0 
CannotChangePassword               : False 
CanonicalName                      : contoso.msft.net/Users/MSFT$ 
Certificates                       : {} 
City                               : 
CN                                 : MSFT$ 
codePage                           : 0 
Company                            : 
Country                            : 
countryCode                        : 0 
Created                            : 2/25/2014 4:10:54 PM 
createTimeStamp                    : 2/25/2014 4:10:54 PM 
Deleted                            : 
Department                         : 
Description                        : 
DisplayName                        : 
DistinguishedName                  : CN=MSFT$,CN=Users,DC=contoso,DC=msft,DC=net 
Division                           : 
DoesNotRequirePreAuth              : False 
dSCorePropagationData              : {3/1/2014 9:01:02 AM, 1/1/1601 5:30:01 AM} 
EmailAddress                       : 
EmployeeID                         : 
EmployeeNumber                     : 
Enabled                            : True 
Fax                                : 
GivenName                          : 
HomeDirectory                      : 
HomedirRequired                    : False 
HomeDrive                          : 
HomePage                           : 
HomePhone                          : 
Initials                           : 
instanceType                       : 4 
isCriticalSystemObject             : True 
isDeleted                          : 
LastBadPasswordAttempt             : 
LastKnownParent                    : 
lastLogoff                         : 0 
lastLogon                          : 0 
LastLogonDate                      : 
LockedOut                          : False 
logonCount                         : 0 
LogonWorkstations                  : 
Manager                            : 
MemberOf                           : {} 
MNSLogonAccount                    : False 
MobilePhone                        : 
Modified                           : 2/25/2014 4:10:54 PM 
modifyTimeStamp                    : 2/25/2014 4:10:54 PM 
msDS-User-Account-Control-Computed : 0 
Name                               : MSFT$ 
nTSecurityDescriptor               : System.DirectoryServices.ActiveDirectorySecurity 
ObjectCategory                     : CN=Person,CN=Schema,CN=Configuration,DC=msft,DC=net 
ObjectClass                        : user 
ObjectGUID                         : 06dde71a-c63e-4855-b7a6-8f6dcdff9bb9 
objectSid                          : S-1-5-21-1482561378-30184458-2614481079-1101 
Office                             : 
OfficePhone                        : 
Organization                       : 
OtherName                          : 
PasswordExpired                    : False 
PasswordLastSet                    : 2/25/2014 4:10:54 PM 
PasswordNeverExpires               : False 
PasswordNotRequired                : True 
POBox                              : 
PostalCode                         : 
PrimaryGroup                       : CN=Domain Users,CN=Users,DC=contoso,DC=msft,DC=net 
primaryGroupID                     : 513 
ProfilePath                        : 
ProtectedFromAccidentalDeletion    : False 
pwdLastSet                         : 130377984546875000 
SamAccountName                     : MSFT$ 
sAMAccountType                     : 805306370 
ScriptPath                         : 
sDRightsEffective                  : 15 
ServicePrincipalNames              : {} 
SID                                : S-1-5-21-1482561378-30184458-2614481079-1101 
SIDHistory                         : {} 
SmartcardLogonRequired             : False 
State                              : 
StreetAddress                      : 
Surname                            : 
Title                              : 
TrustedForDelegation               : False 
TrustedToAuthForDelegation         : False 
UseDESKeyOnly                      : False 
userAccountControl                 : 2080 
userCertificate                    : {} 
UserPrincipalName                  : 
uSNChanged                         : 12411 
uSNCreated                         : 12408 
whenChanged                        : 2/25/2014 4:10:54 PM 
whenCreated                        : 2/25/2014 4:10:54 PM 
 
 
 
PS C:\> 
 ADD users in a Security Group (Input txt)
PowerShell
Edit|Remove
ipmo ActiveDirectory  
Get-Content "c:\users.txt" | % {  
Add-ADGroupMember -server DC001 -Identity Mygroupname -Member $_ 
}
If you don't have any tool for query AD user. You can use below lines.
PowerShell
Edit|Remove
 $Prop = [ordered]@{}  
 $Prop.DisplayName =([adsisearcher]"(anr=bshwjt)").FindOne().Properties['displayname']  
 $Prop.FirstName = ([adsisearcher]"(anr=bshwjt)").FindOne().Properties['GivenName'] 
 $Prop.LastName = ([adsisearcher]"(anr=bshwjt)").FindOne().Properties['SN'] 
 $Prop.Manager = ([adsisearcher]"(anr=bshwjt)").FindOne().Properties['Manager']  
 New-Object PSObject -property $Prop | FL
List of All Privillaged Users-Domainwise
PowerShell
Edit|Remove
IPMO ac* 
Get-aduser -ldapfilter "(objectcategory=person)(admincount=1)" -Properties * |  
Select samaccountname,displayname,Enabled,Lastlogondate -ErrorAction silentlycontinue |  
Export-Csv -Path "C:\scripts\All_users_list.csv" -NoTypeInformation
 
 
 
Biswajit Biswas a.k.a bshwjt
Infrastructure Engineer – Active Directory, Microsoft PKI, ADFS
Windows PowerShell
MSDN Script Gallery | Microsoft Community Contributor

Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.