0
0
PowershellHow-ToBeginner · 4 min read

How to Use PowerShell with Active Directory: Simple Guide

To use PowerShell with Active Directory, first import the ActiveDirectory module using Import-Module ActiveDirectory. Then, use cmdlets like Get-ADUser or New-ADUser to manage AD objects directly from PowerShell.
📐

Syntax

PowerShell uses cmdlets from the ActiveDirectory module to interact with Active Directory. The basic syntax is:

  • Import-Module ActiveDirectory - Loads the AD cmdlets.
  • Get-ADUser -Identity <username> - Retrieves a user object.
  • New-ADUser -Name <name> -OtherParameters - Creates a new user.

Each cmdlet has parameters to specify the target object and properties.

powershell
Import-Module ActiveDirectory

# Get a user by username
Get-ADUser -Identity "jdoe"

# Create a new user
New-ADUser -Name "John Doe" -SamAccountName "jdoe" -AccountPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -Enabled $true
💻

Example

This example shows how to find a user in Active Directory and display their name and email address.

powershell
Import-Module ActiveDirectory

$user = Get-ADUser -Identity "jdoe" -Properties EmailAddress

Write-Output "Name: $($user.Name)"
Write-Output "Email: $($user.EmailAddress)"
Output
Name: John Doe Email: john.doe@example.com
⚠️

Common Pitfalls

Common mistakes when using PowerShell with Active Directory include:

  • Not importing the ActiveDirectory module before running AD cmdlets.
  • Running PowerShell without administrator rights or proper permissions to access AD.
  • Using incorrect usernames or property names in commands.
  • Not converting passwords to secure strings when creating users.
powershell
## Wrong way: Missing module import
Get-ADUser -Identity "jdoe"

## Right way:
Import-Module ActiveDirectory
Get-ADUser -Identity "jdoe"
📊

Quick Reference

CmdletPurposeExample
Import-Module ActiveDirectoryLoad AD cmdletsImport-Module ActiveDirectory
Get-ADUserGet user infoGet-ADUser -Identity "jdoe"
New-ADUserCreate new userNew-ADUser -Name "John Doe" -SamAccountName "jdoe" -AccountPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -Enabled $true
Set-ADUserModify user propertiesSet-ADUser -Identity "jdoe" -EmailAddress "john.doe@example.com"
Remove-ADUserDelete a userRemove-ADUser -Identity "jdoe"

Key Takeaways

Always import the ActiveDirectory module before using AD cmdlets.
Run PowerShell with proper permissions to access Active Directory.
Use Get-ADUser and New-ADUser cmdlets to read and create users.
Convert passwords to secure strings when creating users.
Check property names carefully to avoid errors.

Related by keyword

How to Create Directory in PowerShell: Simple GuideFile OperationsPowerShell 5 vs PowerShell 7: Key Differences and When to Use EachGetting StartedHow to Create Variable in PowerShell: Simple GuideBasicsHow to Use Pipe Operator in PowerShell: Simple GuideBasicsHow to Use Write-Host in PowerShell: Simple GuideBasics

Up next

How to Use Invoke-Command in PowerShell: Syntax and ExamplesHow to Use Remote PowerShell: Syntax and ExamplesHow to Fix Access Denied Error in PowerShell QuicklyHow to Fix 'Command Not Found' Error in PowerShell

More in Active Directory

How to Add User to AD Group with PowerShellHow to Create an AD User with PowerShell QuicklyHow to Disable an Active Directory Account Using PowerShellHow to Get AD Computer Information Using PowerShell