Bird
Raised Fist0
PowerShellscripting~5 mins

Get-ADUser in PowerShell - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What does the <code>Get-ADUser</code> cmdlet do in PowerShell?
It retrieves information about Active Directory user accounts. You can get details like username, email, and other properties.
Click to reveal answer
beginner
How do you get a user by their username with Get-ADUser?
Use the -Identity parameter with the username. Example: Get-ADUser -Identity "jsmith".
Click to reveal answer
intermediate
What parameter do you use to select specific properties to display with Get-ADUser?
Use the -Properties parameter to specify which properties you want. For example, -Properties EmailAddress, Department.
Click to reveal answer
intermediate
How can you find all users in a specific organizational unit (OU) using Get-ADUser?
Use the -SearchBase parameter with the OU's distinguished name. Example: Get-ADUser -SearchBase "OU=Sales,DC=example,DC=com" -Filter *.
Click to reveal answer
beginner
What does the -Filter * parameter do in Get-ADUser?
It tells PowerShell to get all users without filtering. The asterisk means 'all'.
Click to reveal answer
Which parameter of Get-ADUser lets you specify the user by username?
A-Filter
B-Identity
C-Properties
D-SearchBase
How do you retrieve all users in Active Directory using Get-ADUser?
AGet-ADUser -Identity *
BGet-ADUser -Properties *
CGet-ADUser -Filter *
DGet-ADUser -SearchBase *
Which parameter helps you get users only from a specific OU?
A-SearchBase
B-Properties
C-Filter
D-Identity
If you want to see a user's email address with Get-ADUser, what should you do?
AUse -SearchBase EmailAddress
BUse -Filter EmailAddress
CUse -Identity EmailAddress
DUse -Properties EmailAddress
What does Get-ADUser -Identity jsmith do?
AGets the user with username 'jsmith'
BGets all users named 'jsmith'
CDeletes the user 'jsmith'
DUpdates the user 'jsmith'
Explain how to use Get-ADUser to find all users in a specific organizational unit (OU).
Think about limiting the search scope to an OU.
You got /3 concepts.
    Describe how to retrieve a user's email address using Get-ADUser.
    Remember default properties do not include email.
    You got /3 concepts.

      Practice

      (1/5)
      1. What does the Get-ADUser cmdlet do in PowerShell?
      easy
      A. Creates a new Active Directory user
      B. Retrieves information about Active Directory users
      C. Deletes an Active Directory user
      D. Modifies an Active Directory user's password

      Solution

      1. Step 1: Understand the purpose of Get-ADUser

        The cmdlet is designed to fetch or retrieve user information from Active Directory.

      2. Step 2: Compare with other cmdlets

        Creating, deleting, or modifying users are done by other cmdlets like New-ADUser or Set-ADUser, not Get-ADUser.

      3. Final Answer:

        Retrieves information about Active Directory users -> Option B

      4. Quick Check:

        Get-ADUser = Retrieve user info [OK]
      Hint: Get-ADUser always fetches user info, not changes [OK]
      Common Mistakes:
      • Confusing Get-ADUser with New-ADUser
      • Thinking it modifies user data
      • Assuming it deletes users
      2. Which of the following is the correct syntax to get a user by their username using Get-ADUser?
      easy
      A. Get-ADUser -Identity "jdoe"
      B. Get-ADUser -Name "jdoe"
      C. Get-ADUser -UserName "jdoe"
      D. Get-ADUser -User "jdoe"

      Solution

      1. Step 1: Identify the correct parameter for a single user

        The -Identity parameter is used to specify a single user by username or distinguished name.

      2. Step 2: Check other parameters

        Parameters like -Name, -UserName, or -User are not valid for Get-ADUser to specify a single user.

      3. Final Answer:

        Get-ADUser -Identity "jdoe" -> Option A

      4. Quick Check:

        -Identity = single user [OK]
      Hint: Use -Identity to specify one user by username [OK]
      Common Mistakes:
      • Using -Name instead of -Identity
      • Trying -UserName which is invalid
      • Confusing parameter names
      3. What will this command output?
      Get-ADUser -Filter 'Enabled -eq $true' -Properties EmailAddress | Select-Object Name, EmailAddress
      medium
      A. List of disabled users with their names and email addresses
      B. List of all users with only their names
      C. List of enabled users with their names and email addresses
      D. Error because EmailAddress is not a valid property

      Solution

      1. Step 1: Understand the filter condition

        The filter Enabled -eq $true selects only users who are enabled (active).

      2. Step 2: Check properties and output

        The command requests the EmailAddress property and selects to display Name and EmailAddress for each user.

      3. Final Answer:

        List of enabled users with their names and email addresses -> Option C

      4. Quick Check:

        Filter enabled + EmailAddress shown = List of enabled users with their names and email addresses [OK]
      Hint: Filter enabled users and add -Properties for extra fields [OK]
      Common Mistakes:
      • Forgetting to add -Properties EmailAddress
      • Assuming it lists disabled users
      • Thinking EmailAddress is invalid property
      4. You run this command but get an error:
      Get-ADUser -Filter "Name -like '*Smith'" -Properties Email

      What is the likely cause?
      medium
      A. The property 'Email' does not exist; it should be 'EmailAddress'
      B. The filter syntax is incorrect; should use single quotes inside double quotes
      C. Get-ADUser cannot filter by Name
      D. Missing -Identity parameter

      Solution

      1. Step 1: Check the property name

        The correct property for user email is EmailAddress, not Email.

      2. Step 2: Validate filter and parameters

        The filter syntax is valid and filtering by Name is allowed. The -Identity parameter is not required when using -Filter.

      3. Final Answer:

        The property 'Email' does not exist; it should be 'EmailAddress' -> Option A

      4. Quick Check:

        Wrong property name causes error [OK]
      Hint: Use correct property names like EmailAddress, not Email [OK]
      Common Mistakes:
      • Using wrong property names
      • Misunderstanding filter syntax
      • Thinking -Identity is mandatory with -Filter
      5. You want to list all users in the 'Sales' department with their names and phone numbers. Which command will do this correctly?
      hard
      A. Get-ADUser -Filter 'Department -like Sales' | Select Name, PhoneNumber
      B. Get-ADUser -Identity 'Sales' -Properties Phone | Select Name, Phone
      C. Get-ADUser -Filter 'Department = Sales' -Properties PhoneNumber | Select-Object Name, PhoneNumber
      D. Get-ADUser -Filter 'Department -eq "Sales"' -Properties TelephoneNumber | Select-Object Name, TelephoneNumber

      Solution

      1. Step 1: Use correct filter syntax for department

        The filter Department -eq "Sales" correctly matches users in Sales department.

      2. Step 2: Include correct property and select output

        Use -Properties TelephoneNumber to get phone numbers, then select Name and TelephoneNumber for output.

      3. Step 3: Check other options for errors

        Get-ADUser -Identity 'Sales' -Properties Phone | Select Name, Phone uses -Identity incorrectly and wrong property names. Get-ADUser -Filter 'Department -like Sales' | Select Name, PhoneNumber has wrong filter syntax and property names. Get-ADUser -Filter 'Department = Sales' -Properties PhoneNumber | Select-Object Name, PhoneNumber uses '=' instead of '-eq' and wrong property names.

      4. Final Answer:

        Get-ADUser -Filter 'Department -eq "Sales"' -Properties TelephoneNumber | Select-Object Name, TelephoneNumber -> Option D

      5. Quick Check:

        Filter with -eq + correct property = Get-ADUser -Filter 'Department -eq "Sales"' -Properties TelephoneNumber | Select-Object Name, TelephoneNumber [OK]
      Hint: Use -Filter with -eq and add -Properties for extra fields [OK]
      Common Mistakes:
      • Using wrong filter operators like '='
      • Wrong property names like Phone instead of TelephoneNumber
      • Misusing -Identity for filtering