AD Powershell List Active Directory users that have never logged in including built-in users using PowerShell : ------------------------------------------------------------------------------------------------ Get-aduser -f {-not ( lastlogontimestamp -like "*") -and (enabled -eq $true)} | select name Active Directory: LastLogonTimeStamp Conversion ----------------------------------------------- Get-aduser -f * -pr lastlogondate | ft samaccountname,LastLogonDate,Enabled -auto Get-ADUser : The term ‘Get-ADUser’ is not recognized: ----------------------------------------------------- Get-WindowsCapability -Name RSAT.ActiveDirectory* -Online | Add-WindowsCapability -Online Install-WindowsFeature -Name “RSAT-AD-PowerShell” -IncludeAllSubFeature First, you can use the following PowerShell command to install the Remote Server Administration Tools (RSAT) tool directly from Windows Update. ------------------------------------------------------------------------------------------------------------------------------------------------ Add-WindowsCapability –online –Name "Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0" First, let me find a domain user based on the sAMAccountName attribute -------------------- Get-ADUser breinders We can now use the objectGUID (or GUID) attribute to find a user. Let’s try: ---------------------------------------------------------------------------- Get-ADUser bdcaaf45-e993-4be7-83d2-c1d280edc250 We can also search for a user based on their Security Identifier, or SID. -------------------------------------------------------------------------- Get-ADUser S-1-5-21-3437955921-3370966048-1812589592-1107 Discover all the accounts that are ‘Enabled’. ---------------------------------------------- Get-ADUser -filter {Enabled -eq "true"} | ft Display all the users with an email address. --------------------------------------------- Get-ADUser -Filter {mail -ne "null"} -Properties Name,GivenName,mail| ft Name,GivenName,mail Get-AdUser where name like? ---------------------------------------- Get-ADUser -Filter {name -like "*Reinders*"} -Properties * | ft Name,EmailAddress Using Get-AdUser with alternate credentials -------------------------------------------- $cred = Get-Credential Get-ADUser -Credential $cred -Filter {name -like "*Reinders*"} -Properties * | ft Name,EmailAddress Displaying all users with the date and time their password was last set/reset ---------------------------------------------------------------------------- Get-ADUser -filter * -Properties Name,PasswordLastSet | ft Name,PasswordLastSet listing every user’s Creation Date in Active Directory ------------------------------------------------------- Get-ADUser -filter * -Properties Name,whencreated | ft Name,WhenCreated Listing the Department and the Manager of each user, if they’re populated in Active Directory ----------------------------------------------------------------------------------------------- Get-ADUser -filter * -Properties Name,Department,Manager | ft Name,Department,Manager Export to CSV file : ------------------------- Get-ADUser -filter * -properties * | Export-CSV c:\temp\Users.csv Step 1: Install the PowerShell Active Directory Module Installing PowerShell on Windows 10 ------------------------------------------------------------------------------------------ Get-WindowsCapability -Name RSAT.ActiveDirectory* -Online | Add-WindowsCapability -Online Method 2: Install using PowerShell ---------------------------------- Install-WindowsFeature -Name “RSAT-AD-PowerShell” -IncludeAllSubFeature .