
Get-User

Users: Lists users in an Active Directory path

param(
	[Parameter(Mandatory = $true)]
	[string]$OUPath,

	[string]$SamAccountName = "*",

	[PSCredential]$DomainAccount,

	[string]$DomainName,

	[ValidateSet('Base', 'OneLevel', 'SubTree')]
	[string]$SearchScope = 'SubTree',

	# Negotiate is the default. The Basic method requires an SSL connection to the directory server.
	[ValidateSet('Basic', 'Negotiate')]
	[string]$AuthType = "Negotiate"
)

try {
	Import-Module ActiveDirectory -ErrorAction Stop

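	if ([string]::IsNullOrWhiteSpace($SamAccountName)) {
		$SamAccountName = "*"
	}

	# The value is interpolated into the single-quoted -Filter string passed to Get-ADUser.
	# A single quote would end that literal and change the filter, so reject it up front.
	if ($SamAccountName.Contains("'")) {
		throw "SamAccountName must not contain a single quote (')."
	}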

	[hashtable]$cmdArgs = @{
		'ErrorAction' = 'Stop'
		'AuthType'    = $AuthType
	}
	if ($null -ne $DomainAccount) {
		$cmdArgs.Add("Credential", $DomainAccount)
	}
	if ([System.String]::IsNullOrWhiteSpace($DomainName)) {
		$cmdArgs.Add("Current", 'LocalComputer')
	} else {
		$cmdArgs.Add("Identity", $DomainName)
	}
	$Domain = Get-ADDomain @cmdArgs

	$getArgs = @{
		'ErrorAction' = 'Stop'
		'Server'      = $Domain.PDCEmulator
		'AuthType'    = $AuthType
		'Filter'      = "SamAccountName -like '$SamAccountName'"
		'SearchBase'  = $OUPath
		'SearchScope' = $SearchScope
		'Properties'  = @('DistinguishedName', 'DisplayName', 'SamAccountName', 'UserPrincipalName', 'Enabled')
	}
	if ($null -ne $DomainAccount) { $getArgs.Add("Credential", $DomainAccount) }

	$users = Get-ADUser @getArgs | Sort-Object DisplayName | Select-Object DisplayName, SamAccountName, UserPrincipalName, Enabled, DistinguishedName

	if ($null -ne $users) {
		Write-Output $users
	} else {
		Write-Output "No users found in OU '$OUPath' matching '$SamAccountName'."
	}
} catch {
	Write-Error $_
	exit 1
}

OUPath: Specifies the Active Directory path (OU).

SamAccountName: Filter by SAM account name. Supports wildcards (*). If empty, all users are retrieved.

DomainAccount: Active Directory Credential for remote execution on jumphost without CredSSP.

DomainName: Name of the Active Directory Domain.

SearchScope: Specifies the scope of the search (Base, OneLevel, SubTree).

AuthType: Specifies the authentication method to use (Basic or Negotiate).
