The Get-ADUser command connects to Active Directory, searches for users based on given parameters, retrieves their properties, and outputs the user objects.
This code gets the user with username 'jsmith' and outputs their email address.
Execution Table
Step
Action
Parameter
Result
Output
1
Run Get-ADUser
-Identity "jsmith"
Search AD for user 'jsmith'
User object found
2
Retrieve Properties
-Properties EmailAddress
Get EmailAddress property
EmailAddress value stored
3
Assign to variable
$user = Get-ADUser ...
User object assigned to $user
Variable $user holds user data
4
Output EmailAddress
Write-Output $user.EmailAddress
Print EmailAddress
jsmith@example.com
5
End
No more commands
Script ends
No further output
💡 Completed retrieving and displaying the EmailAddress property of user 'jsmith'.
Variable Tracker
Variable
Start
After Step 1
After Step 2
After Step 3
Final
$user
null
User object found
User object with EmailAddress property
User object assigned
User object with EmailAddress property
Key Moments - 3 Insights
Why do we need to specify -Properties EmailAddress?
By default, Get-ADUser returns only a few properties. To get EmailAddress, we must explicitly request it using -Properties, as shown in execution_table step 2.
What happens if the user 'jsmith' does not exist?
Get-ADUser will throw an error or return nothing, so no user object is assigned to $user. This is implied in execution_table step 1 where the user is searched.
Why do we assign the result to a variable before outputting?
Assigning to $user lets us access properties easily later, like $user.EmailAddress in step 4, instead of running Get-ADUser multiple times.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what is stored in $user after step 3?
AOnly the EmailAddress string
BUser object with requested properties
CNull value
DError message
💡 Hint
Check variable_tracker row for $user after Step 3.
At which step is the EmailAddress property retrieved?
AStep 4
BStep 1
CStep 2
DStep 5
💡 Hint
Look at the Action and Result columns in execution_table.
If we omit -Properties EmailAddress, what changes in the output?
AEmailAddress will be empty or missing
BScript will fail with error
CEmailAddress will still be shown
DUser object will not be found
💡 Hint
Refer to key_moments about why -Properties is needed.
Concept Snapshot
Get-ADUser -Identity <username> [-Properties <props>]
Retrieves AD user object by username.
Use -Properties to get extra info like EmailAddress.
Assign output to variable to access properties.
Output properties with Write-Output or direct access.
Full Transcript
The Get-ADUser command in PowerShell connects to Active Directory and searches for a user based on parameters like Identity. It retrieves the user object and requested properties such as EmailAddress. The script assigns the user object to a variable for easy access. Then it outputs the EmailAddress property. If the user does not exist, no object is returned. By default, only a few properties are returned, so -Properties is used to get more. This step-by-step trace shows how the command runs and how variables change.