You can use PowerShell scripts to query Active Directory. There are several methods that can be used. All of the examples linked on this page query Active Directory for the objects that have a specified Common Name (value of the cn attribute). The examples demonstrate three different techniques.

The first example uses ADO in a PowerShell script. The steps are very similar to those that would be used in a VBScript program. We create ADO connection and command objects, assign properties like Page Size and Timeout, then assign an LDAP query with the same four clauses used in a VBScript program. The first clause specifies the "base" of the query, the second clause is an LDAP filter, the third clause is a comma delimited list of attributes, and the fourth clause specifies the scope. This script will work in PowerShell v1 or v2.

FindUser1.txt <<-- Click here to view or download the PowerShell script

The next program uses the System.DirectoryServices.DirectorySearcher class to query Active Directory. We still are able to specify Page Size, the base of the query, and the LDAP filter. We use the PropertiesToLoad property to specify the attributes values to be retrieved. If we don't use this property, PowerShell will retrieve all attribute values, which will slow the program. This script will work in PowerShell v1 or v2.

FindUser2.txt <<-- Click here to view or download the PowerShell script

Finally we have a PowerShell script that uses the new Active Directory cmdlets in PowerShell v2 installed with Windows Server 2008 R2 and above. This example uses the Get-ADObject cmdlet. We use the LDAPFilter parameter to specify our LDAP filter. This script requires PowerShell v2.

FindUser3.txt <<-- Click here to view or download the PowerShell script