PowerShell AD module

Installation

Get the MSI from Windows Download and install it.

Activate Windows Feature

  • Remote Server Administration Tools
    • Role Administration Tools
      • AD DS and AD LDS Tools
        • Active Directory module for Windows PowerShell

Load the module from an administrator PowerShell session

Import-Module ActiveDirectory

Another possibility, which imports every module available on the machine rather than only ActiveDirectory

Get-Module -ListAvailable | Import-Module

Usage

Store all users of the local domain in a variable

$users = Get-ADUser -Filter *

A specific user on a remote domain, queried through one of its DC servers

Get-ADUser -Server pirlific01.arsoe-bretagne.com -Filter {GivenName -eq "George" -and Surname -eq "Smith"}

Getting the email list. -Properties mail adds the mail attribute to the output; otherwise UserPrincipalName is the email, but that is not a given for every AD.

Get-ADUser -Filter * -Properties mail | Select-Object mail

Alternative syntax with ()

(Get-ADUser -Filter * -Properties mail).mail

Formatted as a table (there's also Format-Custom for ~json, Format-List, ...). Relevant options: -AutoSize, -Wrap, -GroupBy

Get-ADUser -Filter * -Properties mail | Format-Table SAMAccountName,mail

Example script

# Matching emails between two AD

# Debug
$DebugPreference = "Continue"
# $DebugPreference = "SilentlyContinue"
# $InformationPreference = "Continue"
$InformationPreference = "SilentlyContinue"

# Variables
$OutputFilePath = [Environment]::GetFolderPath("Desktop")+"/Emails.csv"
$NotFoundOutputFilePath = [Environment]::GetFolderPath("Desktop")+"/Emails-NotFound.csv"
$DC1 = "NEWDC.company.com"
$DC2 = "OLDDC01.company.com"
$DC3 = "OLDDC02.company.com"

Remove-Item -Path $OutputFilePath -ErrorAction SilentlyContinue
Remove-Item -Path $NotFoundOutputFilePath -ErrorAction SilentlyContinue

$users = Get-ADUser -Server $DC1 -Filter *
ForEach ($user in $users) {

    # If there's a GivenName and Surname set for this user in local domain 
    if ($user.GivenName -and $user.Surname) {
        
        # Find the email in the 2nd domain, queried through one of its DC servers
        $DC2eMail = (Get-ADUser -Server $DC2 -Filter {(GivenName -eq $user.GivenName) -and (Surname -eq $user.Surname)}).UserPrincipalName                

        # If there's an email defined for this user in 2nd domain
        if ($DC2eMail) {

            # This is ugly : several accounts may match, so we might have several emails. We pick the shortest one...
            if ($DC2eMail -is [array]) {
                # Sort by length so this also works when more than two accounts match
                $DC2eMail = $DC2eMail | Where-Object { $_ } | Sort-Object Length | Select-Object -First 1
                Write-Debug ("DC2eMail is an array, picked shortest value which is " + $DC2eMail)
            }
            Write-Information ($user.GivenName + " " + $user.Surname + " = " + $user.UserPrincipalName + " = " + $DC2eMail)

            # Output to CSV
            New-Object -TypeName PSCustomObject -Property @{
                Email1 = $user.UserPrincipalName
                Email2 = $DC2eMail 
            } | Export-Csv -Append -NoTypeInformation -Path $OutputFilePath -Delimiter ';'

        } else {
            $DC3eMail = (Get-ADUser -Server $DC3 -Filter {(GivenName -eq $user.GivenName) -and (Surname -eq $user.Surname)}).UserPrincipalName                

            if ($DC3eMail) {

                # This is ugly : several accounts may match, so we might have several emails. We pick the shortest one...
                if ($DC3eMail -is [array]) {
                    # Sort by length so this also works when more than two accounts match
                    $DC3eMail = $DC3eMail | Where-Object { $_ } | Sort-Object Length | Select-Object -First 1
                    Write-Debug ("DC3eMail is an array, picked shortest value which is " + $DC3eMail)
                }
                Write-Information ($user.GivenName + " " + $user.Surname + " = " + $user.UserPrincipalName + " = " + $DC3eMail)

                # Output to CSV
                New-Object -TypeName PSCustomObject -Property @{
                    Email1 = $user.UserPrincipalName
                    Email2 = $DC3eMail
                } | Export-Csv -Append -NoTypeInformation -Path $OutputFilePath -Delimiter ';'

            } else {
                # Output 'Not Found' to another CSV
                New-Object -TypeName PSCustomObject -Property @{
                    Email1 = $user.UserPrincipalName            
                } | Export-Csv -Append -NoTypeInformation -Path $NotFoundOutputFilePath -Delimiter ';'

                Write-Information ("No or bad email in " + $DC2 + " or " + $DC3 + " for " + $user.GivenName + " " + $user.Surname)
            }
        }
    }  
}
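
Matching accounts across domains on GivenName and Surname alone can pair one person's address with a namesake's, and the script above resolves that silently by length. The following is an added example, not part of the original page: it generalizes the matching to any number of old domains and any number of matches, builds one in-memory index per domain instead of sending one query per user, and flags ambiguous names for review. The function names (New-NameIndex, Resolve-Email, New-SampleUser) and the sample users are constructed for illustration; in real use each list would come from Get-ADUser.

```powershell
# Added example. Function names and sample data are constructed for illustration.
# In real use each list would come from: Get-ADUser -Server <DC> -Filter *

# Build a GivenName|Surname -> UPN[] index from one bulk query per domain.
# @{} hashtables compare string keys case-insensitively, like the AD -eq filter.
function New-NameIndex {
    param([object[]]$Users)
    $index = @{}
    foreach ($u in $Users) {
        if (-not ($u.GivenName -and $u.Surname -and $u.UserPrincipalName)) { continue }
        $key = '{0}|{1}' -f $u.GivenName, $u.Surname
        if (-not $index.ContainsKey($key)) { $index[$key] = @() }
        $index[$key] += $u.UserPrincipalName
    }
    return $index
}

# Try each index in order; keep the shortest match and flag names with several.
function Resolve-Email {
    param([object]$User, [hashtable[]]$Indexes)
    $key = '{0}|{1}' -f $User.GivenName, $User.Surname
    $result = [PSCustomObject]@{ Email1 = $User.UserPrincipalName; Email2 = $null; Ambiguous = $false }
    foreach ($index in $Indexes) {
        if ($index.ContainsKey($key)) {
            $candidates = @($index[$key] | Sort-Object Length)
            $result.Email2 = $candidates[0]
            $result.Ambiguous = $candidates.Count -gt 1
            break
        }
    }
    return $result
}

# Constructed sample objects standing in for Get-ADUser output
function New-SampleUser($g, $s, $upn) {
    [PSCustomObject]@{ GivenName = $g; Surname = $s; UserPrincipalName = $upn }
}
$new  = @((New-SampleUser 'George' 'Smith' 'gsmith@new.example'),
          (New-SampleUser 'Ana' 'Lopez' 'alopez@new.example'),
          (New-SampleUser 'Li' 'Wei' 'lwei@new.example'))
$old1 = @((New-SampleUser 'George' 'Smith' 'george.smith@old.example'),
          (New-SampleUser 'George' 'Smith' 'g.smith@old.example'))
$old2 = @((New-SampleUser 'ana' 'LOPEZ' 'ana.lopez@old.example'))

$indexes = (New-NameIndex $old1), (New-NameIndex $old2)
$new | ForEach-Object { Resolve-Email -User $_ -Indexes $indexes } |
    Format-Table Email1, Email2, Ambiguous
```

Rows with Ambiguous set to True are the ones to check by hand before the mapping is used for anything that grants access or redirects mail.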