名前
Get-QADUser
概要
Retrieve all users in a domain or container that match the specified condit
ions. Supported are both Active Directory Doman Services (AD DS) and Active
Directory Lightweight Directory Services (AD LDS).
構文
Get-QADUser [[-Identity] <String>] [-Name <String>] [-Anr <String>] [-LdapF
ilter <String>] [-SearchRoot <String>] [-SearchScope <SearchScope>] [-PageS
ize <Int32>] [-SizeLimit <Int32>] [-WildcardMode <WildcardMode>] [-Attribut
eScopeQuery <String>] [-IncludeAllProperties] [-ReturnPropertyNamesOnly] [-
DontUseDefaultIncludedProperties] [-SerializeValues] [-DontConvertValuesToF
riendlyRepresentation] [-Disabled] [-Enabled] [-Locked] [-City <String>] [-
Company <String>] [-Department <String>] [-Fax <String>] [-FirstName <Strin
g>] [-HomePhone <String>] [-Initials <String>] [-LastName <String>] [-Manag
er <String>] [-MobilePhone <String>] [-Notes <String>] [-Office <String>] [
-Pager <String>] [-PhoneNumber <String>] [-PostalCode <String>] [-PostOffic
eBox <String>] [-SamAccountName <String>] [-StateOrProvince <String>] [-Str
eetAddress <String>] [-Title <String>] [-UserPrincipalName <String>] [-WebP
age <String>] [-UserPassword <String>] [-ObjectAttributes <Object>] [-Descr
iption <String>] [-DisplayName <String>] [-ExcludedProperties <String[]>] [
-IncludedProperties <String[]>] [-DeserializeValues] [-UseDefaultExcludedPr
operties [<Boolean>]] [-UseDefaultExcludedPropertiesExcept <String[]>] [-Pr
oxy] [-Service <String>] [-ConnectionAccount <String>] [-ConnectionPassword
<SecureString>] [-Credential <PSCredential>] [-Connection <ArsConnection>]
[-UseGlobalCatalog] [<CommonParameters>]
詳細説明
Use this cmdlet to search an Active Directory domain or container for user
accounts that meet certain search criteria, or to bind to a certain user ac
count by DN, SID, GUID, UPN or Domain\UserName. You can search by user attr
ibutes or specify your search criteria by using an LDAP search filter.
The output of the cmdlet is a collection of objects, with each object repre
senting one of the user accounts found by the cmdlet. You can pipe the outp
ut into another cmdlet, such as Set-QADUser, to make changes to the user ac
counts returned by this cmdlet.
The cmdlet takes a series of optional, attribute-specific parameters allowi
ng you to search by user attributes. The attribute-specific parameters have
effect if SearchRoot is specified while neither Identity nor LdapFilter is
supplied. If you specify SearchRoot only, then the cmdlet returns all user
s found in the SearchRoot container.
You can use attribute-specific parameters to search for user accounts that
have specific values of certain attributes. Thus, to find all user accounts
that have the givenName attribute set to Martin, you may add the following
on the command line: "-FirstName Martin". To search for user accounts that
have a certain attribute not set specify '' (empty string) as the paramete
r value.
If a given attribute is referred to by both the ObjectAttributes array and
an attribute-specific parameter, the ObjectAttributes setting has no effect
on that attribute. The cmdlet searches for the attribute value specified b
y the attribute-specific parameter.
With more than one attribute-specific parameter supplied, the search condit
ions are combined by using the AND operator, so as to find the user account
s that meet all the specified conditions. Thus, if you supply both the -Fir
stName and -LastName parameters, the cmdlet searches for the user accounts
that have the givenName attribute set to the FirstName parameter value and
the sn attribute set to the LastName parameter value.
Each of the attribute-specific parameters accepts the * wildcard character
in the parameter value to match zero or more characters (case-insensitive).
For instance, a* matches A, ag, Amsterdam, and does not match New York.
The cmdlet has optional parameters that determine the server and the securi
ty context for the operation. Normally, the connection parameters could be
omitted so far as a connection to a server is established prior to using th
e cmdlet. In this case, the server and the security context are determined
by the Connect-QADService cmdlet.
パラメータ
-Identity <String>
Specify the DN, SID, GUID, UPN or Domain\UserName of the user account y
ou want to find.
The cmdlet attempts to find the user that is identified by the value of
this parameter, disregarding the other parameters. If you want other p
arameters to have effect, do not supply any value of this parameter on
the command line.
必須 false
位置 1
既定値
パイプライン入力を許可する true (ByValue)
ワイルドカード文字を許可する false
-Name <String>
Search by the 'name' attribute'.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する true
-Anr <String>
Specify a value to be resolved using ambiguous name resolution (ANR). B
y default, the following attributes are set for ANR:
GivenName
Surname
displayName
LegacyExchangeDN
msExchMailNickname
RDN
physicalDeliveryOfficeName
proxyAddress
sAMAccountName
For instance, when you supply 'ann*' as the value of this parameter, th
e cmdlet searches for objects that have ann at the beginning of the val
ue of at least one of the attributes listed above.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する true
-LdapFilter <String>
Specify the LDAP search filter that defines your search criteria. Note
that the search filter string is case-sensitive.
The cmdlet disregards this parameter if an Identity value is supplied.
If you want this parameter to have effect, do not supply any Identity v
alue on the command line. Instead, supply a SearchRoot value.
With the LdapFilter parameter, the cmdlet disregards the attribute-spec
ific parameters. If you want to define search criteria based on specifi
c attributes, do not supply LdapFilter on the command line.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-SearchRoot <String>
Specify the DN, GUID or canonical name of the domain or container to se
arch. By default, the cmdlet searches the entire sub-tree of which Sear
chRoot is the topmost object (sub-tree search). This default behavior c
an be altered by using the SearchScope parameter.
The search criteria are defined by either the LdapFilter parameter valu
e or the values of attribute-specific parameters.
The cmdlet disregards this parameter if an Identity value is supplied.
If you want this parameter to have effect, do not supply any Identity v
alue on the command line.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する false
-SearchScope <SearchScope>
Specify one of these parameter values:
'Base' Limits the search to the base (SearchRoot) object.
The result contains a maximum of one object.
'OneLevel' Searches the immediate child objects of the base (SearchR
oot)
object, excluding the base object.
'Subtree' Searches the whole sub-tree, including the base (SearchRo
ot)
object and all its child objects.
Normally, if this parameter is not supplied, the cmdlet performs a Subt
ree search. You can view or modify this default setting by using the Ge
t-QADPSSnapinSettings or Set-QADPSSnapinSettings cmdlet, respectively.
必須 false
位置 named
既定値 Subtree
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-PageSize <Int32>
Set the maximum number of items in each page of results that will be re
turned by the cmdlet. Normally, the default page size is 50. You can vi
ew or modify this default setting by using the Get-QADPSSnapinSettings
or Set-QADPSSnapinSettings cmdlet, respectively.
必須 false
位置 named
既定値 50
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-SizeLimit <Int32>
Set the maximum number of items to be returned by the cmdlet. Normally,
the default size limit is 1000. You can view or modify this default se
tting by using the Get-QADPSSnapinSettings or Set-QADPSSnapinSettings c
mdlet, respectively.
必須 false
位置 named
既定値 1000
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-WildcardMode <WildcardMode>
Specify either 'PowerShell' or 'LDAP' as the parameter value. Normally,
if this parameter is not supplied, the cmdlet assumes that WildcardMod
e is set to 'LDAP'. You can view or modify this default setting by usin
g the Get-QADPSSnapinSettings or Set-QADPSSnapinSettings cmdlet, respec
tively.
The 'PowerShell' value causes the cmdlet to use PowerShell wildcards an
d quoting rules. Wildcards are processed on the client side, which may
result in slow search performance.
For information about PowerShell wildcards and quoting rules, type the
following commands at the PowerShell command-prompt:
help about_wildcard
help about_quoting_rule
The 'LDAP' value causes the cmdlet to use LDAP wildcards (asterisks onl
y) and LDAP quoting rules (backslash as the escape character). Wildcard
s are processed on the server side, which enables faster search results
.
必須 false
位置 named
既定値 LDAP
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-AttributeScopeQuery <String>
Specify the LDAP display name of an attribute that has DN syntax (for e
xample, 'memberOf'). The cmdlet enumerates the distinguished name value
s of the attribute on the object specified by the SearchRoot parameter,
and performs the search on the objects represented by the distinguishe
d names. The SearchScope parameter has no effect in this case. The obje
ct to search must be specified by using the SearchRoot parameter rather
than the Identity parameter.
For instance, with the value of this parameter set to 'memberOf', the c
mdlet searches the collection of the groups to which the SearchRoot obj
ect belongs.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-IncludeAllProperties
Add this parameter on the command line if you want the cmdlet to retrie
ve and return all properties specific to the objects returned by the cm
dlet. Thus, when used in conjunction with the ReturnPropertyNamesOnly p
arameter, this parameter causes the cmdlet to return a string that list
s the names of the object properties. For examples of how to use this p
arameter, see help on the Get-QADUser and Get-QADObject cmdlets.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-ReturnPropertyNamesOnly
Add this parameter on the command line if you want the cmdlet to retrie
ve and return only the names of properties specific to the objects retu
rned by the cmdlet. Thus, when used in conjunction with the IncludeAllP
roperties parameter, this parameter causes the cmdlet to return a strin
g that lists the names of the object properties. For examples of how to
use this parameter, see help on the Get-QADUser and Get-QADObject cmdl
ets.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-DontUseDefaultIncludedProperties
Add this parameter on the command line if you want to limit the output
of the cmdlet to the names and type of the objects returned by the cmdl
et. Thus, if you want only to count the objects that meet certain condi
tions, you can use this parameter to increase performance of your searc
h. For examples of how to use this parameter, see help on the Get-QADUs
er cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-SerializeValues
Add this parameter on the command line if you want to export the output
of the cmdlet to a CSV or XML file. For examples of how to use this pa
rameter, see help on the Get-QADUser cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-DontConvertValuesToFriendlyRepresentation
Supply this parameter on the command line if you want the cmdlet to rep
resent the Integer8 and OctetString attribute values "as is," without c
onverting them to a user-friendly, human-readable form. If this paramet
er is omitted, the cmdlet performs the following data conversions:
- The values of the Integer8 attributes listed in the
Integer8AttributesThatContainDateTimes array
(see the parameter descriptions for the
Get-QADPSSnapinSettings and Set-QADPSSnapinSettings
cmdlets) are converted from IADsLargeInteger to DateTime
- The values of the Integer8 attributes listed in the
Integer8AttributesThatContainNegativeTimeSpans array
(see the parameter descriptions for the
Get-QADPSSnapinSettings and Set-QADPSSnapinSettings
cmdlets) are converted from IADsLargeInteger to TimeSpan
- The values of the other Integer8 attributes are
converted from IADsLargeInteger to Int64
- The values of the OctetString attributes are converted
from byte[] to BinHex strings
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-Disabled
Supply this parameter on the command line if you want the search result
s produced by this cmdlet to include only those user accounts that are
disabled.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-Enabled
Supply this parameter on the command line if you want the search result
s produced by this cmdlet to include only those user accounts that are
enabled (not disabled).
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-Locked
Supply this parameter on the command line if you want the search result
s produced by this cmdlet to include only those user accounts that are
locked out.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-City <String>
Search by the 'l' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Company <String>
Search by the 'company' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Department <String>
Search by the 'department' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Fax <String>
Search by the 'facsimileTelephoneNumber' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-FirstName <String>
Search by the 'givenName' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-HomePhone <String>
Search by the 'homePhone' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Initials <String>
Search by the 'initials' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-LastName <String>
Search by the 'sn' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Manager <String>
Search by the 'manager' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-MobilePhone <String>
Search by the 'mobile' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Notes <String>
Search by the 'info' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Office <String>
Search by the 'physicalDeliveryOfficeName' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Pager <String>
Search by the 'pager' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-PhoneNumber <String>
Search by the 'telephoneNumber' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-PostalCode <String>
Search by the 'postalCode' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-PostOfficeBox <String>
Search by the 'postOfficeBox' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-SamAccountName <String>
Search by the 'sAMAccountName' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-StateOrProvince <String>
Search by the 'st' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-StreetAddress <String>
Search by the 'streetAddress' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-Title <String>
Search by the 'title' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-UserPrincipalName <String>
Search by the 'userPrincipalName' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-WebPage <String>
Search by the 'wWWHomePage' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-UserPassword <String>
This parameter is not used.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する false
-ObjectAttributes <Object>
Specify an associative array that defines the attributes to search. The
array syntax:
@{attr1='val1';attr2='val2';...}
In this syntax, each of the key-value pairs is the LDAP display name an
d the value of an attribute to search. A value may include an asterisk
character - a wildcard representing any group of characters. Thus, pass
ing the @{name='A*';l='paris'} array to the ObjectAttributes parameter
causes the cmdlet to search for objects that match the following condit
ion: The value of the 'name' attribute begins with A and the 'City' att
ribute is set to 'Paris'.
For information about associative arrays, type the following command at
the PowerShell command-prompt:
help about_associative_array
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する false
-Description <String>
Search by the 'description' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-DisplayName <String>
Search by the 'displayName' attribute.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する true
-ExcludedProperties <String[]>
Specify the LDAP display names of the object properties that you do not
want the cmdlet to process. If you omit this parameter, the list of th
e properties that the cmdlet will not process is determined by the defa
ult configuration of the cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する false
-IncludedProperties <String[]>
Specify the LDAP display names of the object properties that you want t
he cmdlet to process. If you omit this parameter, the list of the prope
rties that the cmdlet will process is determined by the default configu
ration of the cmdlet. If the cmdlet is set to exclude certain propertie
s from processing, the excluded properties are not processed regardless
of this parameter setting. For examples of how to use this parameter,
see help on the Get-QADUser cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する false
-DeserializeValues
Supply this parameter on the command line if the input you pass to the
cmdlet contains serialized attribute values (for instance, when importi
ng an object from a CSV or XML file). For examples of how to export and
import an object, see help on the Get-QADUser cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-UseDefaultExcludedProperties [<Boolean>]
When set to 'true', this parameter causes the cmdlet not to process the
object properties that are to be excluded from processing by default.
The default list of the excluded properties can be viewed or modified b
y using the Get-QADPSSnapinSettings or Set-QADPSSnapinSettings cmdlet,
respectively.
必須 false
位置 named
既定値 false
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する false
-UseDefaultExcludedPropertiesExcept <String[]>
Specify the LDAP display names of the object properties that you want t
he cmdlet to process even though one or more of them are to be excluded
from processing by default.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByPropertyName)
ワイルドカード文字を許可する false
-Proxy
For parameter description, see help on the Connect-QADService cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-Service <String>
For parameter description, see help on the Connect-QADService cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-ConnectionAccount <String>
For parameter description, see help on the Connect-QADService cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-ConnectionPassword <SecureString>
For parameter description, see help on the Connect-QADService cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-Credential <PSCredential>
For parameter description, see help on the Connect-QADService cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
-Connection <ArsConnection>
For parameter description, see help on the Connect-QADService cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する true (ByValue)
ワイルドカード文字を許可する false
-UseGlobalCatalog
For parameter description, see help on the Connect-QADService cmdlet.
必須 false
位置 named
既定値
パイプライン入力を許可する false
ワイルドカード文字を許可する false
<CommonParameters>
このコマンドレットは、次の共通パラメータをサポートします: -Verbose、-Debug、
-ErrorAction、-ErrorVariable、および -OutVariable。詳細については、
「get-help about_commonparameters」と入力してヘルプを参照してください。
入力の種類
戻り値の型
メモ
-------------- Example 1 --------------
C:\PS>(get-QADUser 'CN=John Smith,OU=CompanyOU,DC=company,DC=com').Director
yEntry.description
Connect to any available domain controller with the credentials of the loca
lly logged on user, bind to a specific user account by DN, and display the
user description.
-------------- Example 2 --------------
C:\PS>$pw = read-host "Enter password" -AsSecureString
connect-QADService -service 'server.company.com' -ConnectionAccount 'compan
y\administrator' -ConnectionPassword $pw
(get-QADUser -identity 'S-1-5-21-1279736177-1630491018-182859109-1305').Dir
ectoryEntry.description
disconnect-QADService
Connect to a specific domain controller with the credentials of a specific
user, bind to a certain user account by SID, display the user description,
and then disconnect.
-------------- Example 3 --------------
C:\PS>get-QADUser -SearchRoot 'company.com/UsersOU' -LdapFilter '(descripti
on=a*)'
Connect to any available domain controller with the credentials of the loca
lly logged on user, search for users in a specific container by using an LD
AP search filter, and display a list of the users found.
-------------- Example 4 --------------
C:\PS>get-QADUser -SearchRoot 'company.com/UsersOU' | %{$_.DirectoryEntry.d
istinguishedName, $_.DirectoryEntry.description}
Connect to any available domain controller with the credentials of the loca
lly logged on user, find all users in a specific container, and display a l
ist of the users found.
-------------- Example 5 --------------
C:\PS>$pw = read-host "Enter password" -AsSecureString
connect-QADService -ConnectionAccount 'company\administrator' -ConnectionPa
ssword $pw
get-QADUser -SearchRoot 'company.com/UsersOU' –title '' | set-QADUser -titl
e 'A title'
disconnect-QADService
Connect to any available domain controller with the credentials of a specif
ic user, search a certain container to find all users with empty title, set
a title for each of those users, and then disconnect.
-------------- Example 6 --------------
C:\PS>connect-QADService -service 'localhost' -proxy
get-QADUser -SearchRoot 'company.com/UsersOU' –name 'a*' –ObjectAttributes
@{name='B*';title='*manager'} | set-QADUser -description 'A manager whose n
ame begins with A'
disconnect-QADService
Connect to the local Administration Service with the credentials of the loc
ally logged on user, find all users whose names begin with 'A' and titles e
nd in 'Manager' and modify the description for each of those users; then, d
isconnect.
Note that the condition based on the Name parameter overrides the condition
imposed on the 'Name' attribute by the ObjectAttributes parameter, so you
could omit the Name parameter and type name='A*' instead of name='B*' in th
e value of the ObjectAttributes parameter, or you could only remove the nam
e='B*' entry from the value of the ObjectAttributes parameter.
-------------- Example 7 --------------
C:\PS>Get-QADUser -IncludeAllProperties -ReturnPropertyNamesOnly
List the names of the properties specific to a user object.
-------------- Example 8 --------------
C:\PS>Get-QADUser JSmith -IncludeAllProperties -SerializeValues | Format-Li
st
List the values of all properties of the user account.
-------------- Example 9 --------------
C:\PS>Get-QADUser jsmith -IncludeAllProperties -SerializeValues | Export-Cl
ixml user.xml
Export the user account to an XML file. Exported are the values of all prop
erties.
-------------- Example 10 --------------
C:\PS>Get-QADUser -DontUseDefaultIncludedProperties -ObjectAttributes @{hom
eDirectory='*'} -IncludedProperties 'msDS-ReplAttributeMetaData',homeDirect
ory | Format-Table name, homeDirectory, 'msDS-ReplAttributeMetaData'
Find user objects with a non-empty value of the 'homeDirectory' property, a
nd display the values of the 'Name', 'HomeDirectory' and 'msDS-ReplAttribut
eMetaData' properties for each object found.
-------------- Example 11 --------------
C:\PS>Get-QADuser jsmith -SerializeValues | export-csv user.csv
import-csv user.csv | New-QADUser -ParentContainer MyDomain.lab.local/MyOU
-DeserializeValues -Name importedUser -LogonName importedUser -UserPassword
'P@ssw0rd'
Export the user object to a CSV file. Then, import that user object from th
at file.
-------------- Example 12 --------------
C:\PS>Get-QADUser -DontUseDefaultIncludedProperties -SizeLimit 0 | Measure-
Object
Count all user objects that exist in your Active Directory domain.
-------------- Example 13 --------------
C:\PS>get-QADUser -Service 'server.domain.local:389' -SearchRoot '<DN of co
ntainer>' -LdapFilter '(description=a*)' | Format-List name,description
Connect to the AD LDS instance on 'server.domain.local:389' with the creden
tials of the locally logged on user, search a specific container to find al
l AD LDS user objects matching a certain LDAP search filter, and display th
e name and description of each user object found.
-------------- Example 14 --------------
C:\PS>get-QADUser '<DN of user object>' -Service 'server.domain.local:389'
| Format-List name,description
Connect to the AD LDS instance on 'server.domain.local:389' with the creden
tials of the locally logged on user, and display the name and description o
f the AD LDS user object that is identified by DN.
