Powershell Get Domain User的几种方法


$User=Get-ADUser -identity wendy -Properties * 


$Users=Get-ADUser -Filter * -SearchScope Subtree -SearchBase "OU=xx,OU=xx,dc=xx,dc=xx,dc=xx" -Properties *
foreach($user in $users)
  #$User=Get-ADUser -identity wendy -Properties * 
  $info=New-Object Psobject
  $info |Add-Member -MemberType NoteProperty -Name 姓名 -Value $name
$CurrentDate = Get-Date
$CurrentDate = $CurrentDate.ToString('yyyy-MM-dd')
$export |Export-Csv D:\ps\userPermissioninfo_$CurrentDate.csv -Encoding UTF8 -NoTypeInformation
function Get-OUWithObjects
Function to get all OUs that contain Users, Groups, or Contacts.
This function requires Quest ActiveRoles AD Management to be installed. The purpose of this
script is to go out and find any and all OrganizationalUnits which contain Users, Groups, or
Contacts. It performs a count on each type of object and prints them to a CSV File. This is
a useful tool for any Admin getting ready to perform an Active Directory migration in order
to better understand the existing environment. This script does not require and special
privelages in order to run as you're only reading from Active Directory.
This allows you to input as many domains as you'd like to scan against. (ex.
-Domains "domain1","domain2","domain3" )
This specifies the directory path and file name for the CSV output. (ex. -Outfile c:\temp.csv)
Name: Get-OUWithObjects.ps1
Author: Josh Schofield
DateCreated: 12/28/2012
Get-OUWithObjects -Domains "Domain1","Domain2" -OutFile "C:\temp\test.csv"
if ((Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"}) -eq $null){Write-Error "Quest.ActiveRoles.ADManagement NOT Installed"}
else {
Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"} | Add-PSSnapin | Out-Null
if ((test-path $OutFile) -eq "True"){del $OutFile}
$output = @()
foreach ($domain in $domains) {
Connect-QADService $domain
Get-QADObject -Type "organizationalunit" -IncludedProperties name,type,parentcontainer,dn -SizeLimit 0| %{
$ouname = $_.name
$parentcontainer = $_.parentcontainer
$adobjects = get-qadobject -SearchRoot $_.dn -SearchScope OneLevel -IncludedProperties type,name -SizeLimit 0 | where {(($_.type -eq "contact") -or ($_.type -eq "user") -or ($_.type -eq "group"))}
$users = $adobjects | where {$_.type -eq "user"}
$groups = $adobjects | where {$_.type -eq "group"}
$contacts = $adobjects | where {$_.type -eq "contact"}
$results =  "" | Select Domain, Name, UserCount, GroupCount, ContactCount, ParentContainer
$results.Domain = $domain
$results.Name = $ouname
$results.ParentContainer = $parentcontainer
if ($users -ne $null) {
$results.UserCount = $users.count
} #End of User Check
if ($groups -ne $null) {
$results.GroupCount = $groups.count
} #End of User Check
if ($contacts -ne $null) {
$results.ContactCount = $contacts.count
} #End of User Check
$output += $results
Clear-Variable $results -ErrorAction SilentlyContinue
Clear-Variable $ouname -ErrorAction SilentlyContinue
Clear-Variable $parentcontainer -ErrorAction SilentlyContinue
$adobjects = $null
$users = $null
$groups = $null
$contacts = $null
} #End of Get QADObject OU
$output | Export-Csv $OutFile -NoTypeInformation
