Retrieves Active Directory user and group information using ADSISearcher
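function Get-ADUserAndGroupADSIsearcher {
    <#
    .SYNOPSIS
        Retrieves Active Directory user and group information using ADSISearcher.
    .DESCRIPTION
        Searches Active Directory for a single user and writes the user's direct
        group memberships, followed by a fixed set of attributes, to the output
        stream as text lines.

        One lookup attribute is used per call. When several parameters are supplied,
        the last non-empty one wins, in the order samAccountName, UserName, DisplayName.

        The lookup value is escaped before it is placed in the LDAP filter, so
        backslashes, parentheses and NUL characters are matched literally and cannot
        change the structure of the filter. An asterisk is left as-is and still acts
        as an LDAP wildcard; only the first matching user is reported.

        When no lookup value is supplied, the function warns and returns without
        querying the directory.
    .PARAMETER samAccountName
        Value matched against the sAMAccountName attribute.
    .PARAMETER UserName
        Value matched against the Name attribute.
    .PARAMETER DisplayName
        Value matched against the displayName attribute.
    .EXAMPLE
        Get-ADUserAndGroupADSIsearcher -UserName "Tim West"
    .EXAMPLE
        Get-ADUserAndGroupADSIsearcher -samAccountName "JDoe" | Select-String "SERVER1-RemoteDesktopUsers"
    .NOTES
        Author: Tim West
        Created: June 2024
        Updated: 29/1/26
        Status: Production
        Version: 1.0.2

        Changelog:
        1.0.0 - Initial version
        1.0.1 - Added additional user properties to display
        1.0.2 - Changed Write-Host to Write-Output for pipeline support and Select-String compatibility; sorted groups alphabetically

        Todo:
        - Enhance error handling
        - Add support for additional search filters

        The group list comes from the memberOf attribute. memberOf does not include
        the user's primary group (see primaryGroupID in the output) or groups reached
        only through nesting, so a group missing from this list does not by itself
        show that the user lacks that group's access.
    #>
    [CmdletBinding()]
    Param(
        # Define the username to search for
        $samAccountName = "",
        $UserName = "",
        $DisplayName = ""
    )

    # Choose the lookup attribute. The checks run in the same order as before, so a
    # later non-empty parameter overrides an earlier one.
    $lookupAttribute = $null
    $lookupValue = $null
    if ($null -ne $samAccountName -and $samAccountName -ne "") {
        $lookupAttribute = 'sAMAccountName'
        $lookupValue = $samAccountName
    }
    if ($null -ne $UserName -and $UserName -ne "") {
        $lookupAttribute = 'Name'
        $lookupValue = $UserName
    }
    if ($null -ne $DisplayName -and $DisplayName -ne "") {
        $lookupAttribute = 'displayName'
        $lookupValue = $DisplayName
    }

    # Without a filter the searcher would return whatever object it finds first,
    # and that object would then be reported as if it were the requested user.
    if ($null -eq $lookupAttribute) {
        Write-Warning "No search value supplied. Specify -samAccountName, -UserName or -DisplayName."
        return
    }

    # Escape the characters that delimit LDAP filter syntax (RFC 4515). The backslash
    # is replaced first so the escapes added afterwards are not escaped again.
    # '*' is deliberately not escaped, so existing wildcard lookups keep working.
    $escapedValue = ([string]$lookupValue).Replace('\', '\5c').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00')

    # Returns the first value of an attribute as display text, or nothing when the
    # attribute is not set on the entry.
    $readAttribute = {
        param([string]$AttributeName)
        $values = $userEntry.Properties[$AttributeName]
        if ($null -eq $values -or $values.Count -eq 0) {
            return
        }
        $raw = $values[0]
        # objectSid and objectGUID are stored as byte arrays; show them in their
        # usual string forms instead of a list of decimal byte values.
        switch ($AttributeName) {
            'objectSid'  { return (New-Object System.Security.Principal.SecurityIdentifier([byte[]]$raw, 0)).Value }
            'objectGUID' { return (New-Object System.Guid (, [byte[]]$raw)).ToString() }
        }
        return $raw
    }

    # Output label / directory attribute pairs, in output order. Labels are kept
    # as they were so existing Select-String patterns still match.
    $reportFields = @(
        # Basic user info
        @('User found', 'cn'),
        @('Distinguished Name', 'distinguishedName'),
        @('Dept Number', 'departmentNumber'),
        @('Manager', 'manager'),
        @('Division', 'division'),
        @('StreetAddress', 'StreetAddress'),
        @('PhysicalDeliveryAddr', 'physicalDeliveryOfficeName'),
        @('postalCode', 'postalCode'),
        @('Company', 'Company'),
        @('Department', 'department'),
        @('Country', 'co'),
        @('Employee ID', 'employeeID'),
        @('Employee Number', 'employeeNumber'),
        @('Employee Type', 'employeeType'),
        @('Logon Count', 'logonCount'),
        @('primaryGroupID', 'primaryGroupID'),
        @('Object SID', 'objectSid'),
        @('objectGUID', 'objectGUID'),
        @('Object Class', 'objectClass'),
        # Timestamps and naming attributes
        @('When Created', 'whenCreated'),
        @('When Changed', 'whenChanged'),
        @('Name', 'Name'),
        # NOTE: this line reports cn, not the canonicalName attribute.
        @('Canonical Name', 'cn'),
        @('displayName', 'displayName'),
        @('SAMAccountName', 'sAMAccountName'),
        @('UPN', 'userPrincipalName'),
        @('Title', 'title'),
        # Mail attributes
        @('mailNickname', 'mailNickname'),
        @('Email', 'mail'),
        @('msDS-ExternalDirectoryObjectID', 'msDS-ExternalDirectoryObjectID'),
        @('msExchSafeSendHash', 'msExchSafeSendHash'),
        # Only the first proxyAddresses value is shown.
        @('proxyAddresses', 'proxyAddresses')
    )

    # Create the ADSI searcher object
    $searcher = New-Object DirectoryServices.DirectorySearcher
    $userEntry = $null
    try {
        $searcher.Filter = "(&(objectClass=user)($lookupAttribute=$escapedValue))"

        # Execute the search
        $user = $searcher.FindOne()
        if ($null -eq $user) {
            # Report the value that was actually searched for.
            Write-Output "User '$lookupValue' not found."
            return
        }

        # Get the DirectoryEntry object
        $userEntry = $user.GetDirectoryEntry()

        # Direct group memberships, sorted alphabetically
        Write-Output "`nGroups:"
        $userEntry.Properties["memberOf"] | Sort-Object

        # Extension attributes 1-15
        foreach ($index in 1..15) {
            $attributeName = "extensionAttribute$index"
            $value = & $readAttribute $attributeName
            Write-Output "${attributeName}: $value"
        }

        foreach ($field in $reportFields) {
            $label = $field[0]
            $value = & $readAttribute $field[1]
            Write-Output "${label}: $value"
        }
    }
    finally {
        # Release the directory handles held by the entry and the searcher.
        if ($null -ne $userEntry) {
            $userEntry.Dispose()
        }
        $searcher.Dispose()
    }
}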