Table of Contents
Using Get-ADUser Cmdlet
We use Get-ADUser differently based on various use cases; let’s explore a few of them below.
Get Home Directory & Drive for One User
Use the Get-ADUser cmdlet to get the ad user’s home directory and home drive.
|
1 2 3 4 5 |
$username = 'Administrator' Get-ADUser -Identity $username -Properties * | Select HomeDirectory, HomeDrive |
|
1 2 3 4 5 |
HomeDirectory HomeDrive ------------- --------- \\mas-dc-01\Users\Administrator\Documents D: |
First, we initialized the $username variable with the Administrator; this was the username for whom we wanted to get the home directory and home drive. Don’t forget to replace it with your username.
Then, we used Get-AdUser cmdlet with -Identity and -Properties parameters to retrieve the specified username’s all properties. As we intended to grab all properties for further processing, we used the * wildcard character, which means all properties.
We piped them to the Select cmdlet (an alias of Select-Object) to select the HomeDirectory and HomeDrive with corresponding values. In our case, we set the HomeDirectory to a network share path; here mas-dc-01 was our computer name and Users\Administrator\Documents was the directory in the C: drive.
We can get network share path by mapping drives; see this article.
Get Home Directory & Drive for All Users
Use the Get-ADUser cmdlet to get a home directory and home drive for all users in an active directory.
|
1 2 3 4 |
Get-ADUser -Filter * -Properties * | Select HomeDirectory, HomeDrive |
|
1 2 3 4 5 |
HomeDirectory HomeDrive ------------- --------- \\mas-dc-01\Users\Administrator\Documents D: |
This code fence is similar to the previous example but we set the -Filter parameter to * to get all user’s required properties. We got the same output because we had only one user whose home directory and home drive were set.
Use CN Attribute to Get Home Directory & Drive
Use the Get-ADUser cmdlet to get SAMAccountName, HomeDirectory, and HomeDrive properties using the common name (`CN) attribute in an active directory.
|
1 2 3 4 |
Get-ADUser -Filter * -SearchBase "CN=Administrator,CN=Users,DC=maslab,DC=com" -Properties * | Select SAMAccountName, HomeDirectory, HomeDrive |
|
1 2 3 4 5 |
SamAccountName HomeDirectory HomeDrive -------------- ------------- --------- Administrator \\mas-dc-01\Users\Administrator\Documents D: |
The above code snippet resembles the previous ones but has two new things: the -SearchBase parameter, and the SAMAccountName property. The SamAccountName denoted the log-on name, while the -SearchBase parameter is used to specify the distinguished name (DN) of a search base for a user search.
Remember, the DN is always a unique identifier for an object in the active directory, which indicated the location of that object in the directory hierarchy. In the above example, we set the -SearchBase parameter to the "CN=Administrator,CN=Users,DC=maslab,DC=com".
It means that the search for user objects would be limited to a container with the DN as "CN=Administrator,CN=Users,DC=maslab,DC=com". In the specified DN, the CN=Administrator component specified the container’s name, whereas the CN=Users,DC=maslab,DC=com denoted the domain components (DCs) of a container’s parent object.
Using the -SearchBase parameter, we limited the scope of the search and improved the performance of the Get-ADUser cmdlet. This parameter is specifically useful when we need to search for the user objects in the large active directory domains with multiple containers and objects.
Can we do the same using the OU attribute? Yes, let’s do it by creating a brand new organizational unit and adding three users to it.
Use OU Attribute to Get Home Directory & Drive
To get a home directory and home drive for all users in an active directory:
- Use the
New-ADOrganizationalUnitcmdlet to create a new organizational unit. - Use the
New-AdUsercmdlet thrice to create three different users in the newly createdOU. - Use
Get-ADUsercmdlet to get required properties in a particularOU.
|
1 2 3 4 5 6 7 8 9 10 11 12 |
New-ADOrganizationalUnit -Name "Test" -Path "DC=maslab,DC=com" New-ADUser -Name "Sam Bracewell" -AccountPassword (ConvertTo-SecureString "P@ssw0rd123" -AsPlainText -Force) -Path "OU=Test,DC=maslab,DC=com" New-ADUser -Name "johnwells" -AccountPassword (ConvertTo-SecureString "P@ssw0rd456" -AsPlainText -Force) -Path "OU=Test,DC=maslab,DC=com" New-ADUser -Name "mary.pearson" -AccountPassword (ConvertTo-SecureString "P@ssw0rd789" -AsPlainText -Force) -Path "OU=Test,DC=maslab,DC=com" Get-ADUser -Filter * -SearchBase "OU=Test,DC=maslab,DC=com" -Properties * | Select SAMAccountName, HomeDirectory, HomeDrive |
|
1 2 3 4 5 6 7 |
SamAccountName HomeDirectory HomeDrive -------------- ------------- --------- mary.pearson \\mas-dc-01\Mary D: johnwells \\mas-dc-01\John D: Sam Bracewell \\mas-dc-01\SamBracewell E: |
We used the New-ADOrganizationalUnit cmdlet with -Name and -Path parameters to create an active directory organizational unit. Then, we used New-ADUser to create active directory users in the newly created organizational unit (OU). How?
We specified the name and password of the new user account using the -Name and -AccountPassword parameters, while the -Path parameter specified the location of the OU where the new user account would be created. The ConvertTo-SecureString was used to convert the plain text to secure strings; we used this cmdlet while setting the password of the new user account.
Finally, we used the Get-ADUser cmdlet to retrieve all users’ SamAccountName, HomeDirectory, and HomeDrive from the Test organizational unit. Looking for the -SearchBase parameter explanation? We wrote about it in detail in the previous section.
We can also use the Out-File cmdlet as follows to export the output to the specified CSV file; see the following example.
|
1 2 3 4 5 |
Get-ADUser -Filter * -SearchBase "OU=Test,DC=maslab,DC=com" -Properties * | Select SAMAccountName, HomeDirectory, HomeDrive | Out-File C:\Output.csv |
|
1 2 3 4 5 6 7 |
SamAccountName HomeDirectory HomeDrive -------------- ------------- --------- mary.pearson \\mas-dc-01\Mary D: johnwells \\mas-dc-01\John D: Sam Bracewell \\mas-dc-01\SamBracewell E: |
That’s all about get AD USer home directory and home drive in PowerShell.
