Managing Windows Active Directory With PowerShell - Query AD - I

As we now understand about attributes in AD, we can use this information to query Active Directory to get information that we or our end users are requesting.

Being an AD admin you would be getting lots of queries from end users to get information from active directory like who are the members of this group or how many users are disabled in AD or hows many computer accounts are in disabled state, list of users from particular criteria etc.etc. and list goes on..

Sometimes it becomes tedious task to gather information that users are requesting but if need not to worry as we have PowerShell to help us, using PowerShell it becomes very easy to query active directory and gather information in structured way.

So lets dive IN.....

To query active directory we need understand below terms.

1. Property:- properties are nothing but attributes possessed by AD object e.g. sAMAccountName, mail, Address etc.
2. Filter:- filters are used to narrow down information and fetch selective information that we are interested in.
3. Custom Formatting:- Information gets stored in attributes in different data types like string(e.g Name), array(e.g. MemberOf),Boolean(e.g Enabled) and Dates(e.g. AccountExpirationDate) but not limited to these and there are different ways of formatting this information in order to make it user friendly, using custom formatting we can fetch data from AD in the format that we are interested in which helps us to provide data to our end users in the manner that they could understand and make utilization of data that we have provided. in upcoming topics we will focus on custom formatting as well.

So in next blog we will start with how to query active directory and try to understand how we can we make use Properties for fetching required data. we will focus on cmdlet Get-ADUser and once you understand how to query AD Users using Get-ADUser, you can use same techniques for querying other AD objects.