Updated March 6, 2023
Definition of PowerShell User List
PowerShell User List is a way to retrieve users from local Windows machines or from Active Directory using specific cmdlets: Get-LocalUser for local users on Windows and Get-ADUser for Active Directory users. These cmdlets return user details such as the Distinguished Name (DN), GUID, Security Identifier (SID), Security Account Manager (SAM) account name, or name, and the results can be exported to a CSV or text file.
Syntax
The syntax of the PowerShell user list cmdlets is given below:
Get-LocalUser syntax:
Get-LocalUser
[[-Name] <String[]>]
[<CommonParameters>]
Get-LocalUser
[[-SID] <SecurityIdentifier[]>]
[<CommonParameters>]
Get-ADUser syntax:
Get-ADUser
[-AuthType <ADAuthType>]
[-Credential <PSCredential>]
-Filter <String>
[-Properties <String[]>]
[-ResultPageSize <Int32>]
[-ResultSetSize <Int32>]
[-SearchBase <String>]
[-SearchScope <ADSearchScope>]
[-Server <String>]
[<CommonParameters>]
Get-ADUser
[-AuthType <ADAuthType>]
[-Credential <PSCredential>]
[-Identity] <ADUser>
[-Partition <String>]
[-Properties <String[]>]
[-Server <String>]
[<CommonParameters>]
Get-ADUser
[-AuthType <ADAuthType>]
[-Credential <PSCredential>]
-LDAPFilter <String>
[-Properties <String[]>]
[-ResultPageSize <Int32>]
[-ResultSetSize <Int32>]
[-SearchBase <String>]
[-SearchScope <ADSearchScope>]
[-Server <String>]
[<CommonParameters>]
From the Get-ADUser syntax, you can use any of the parameter combinations shown above, and similarly for Get-LocalUser. You can’t use the -Filter and -Identity parameters together in the Get-ADUser cmdlet, or the -Name and -SID parameters together in the Get-LocalUser cmdlet.
We can also use the WMI or CIM class Win32_UserAccount to retrieve local user details from local or remote computers. In addition, the “Net User” command in cmd is helpful for retrieving the local user list.
How to List Users in PowerShell?
There are various methods to list users in PowerShell using native commands: Get-LocalUser retrieves local user account details from the local computer or from remote computers, and Get-ADUser retrieves users from the Active Directory domain.
The Get-LocalUser command was introduced in PowerShell 5.1 and is part of the Microsoft.PowerShell.LocalAccounts module. In earlier PowerShell versions, to retrieve the list of users you either need to download the local accounts module or use a cmd command such as Net User (which still works) or the WMI class Win32_UserAccount.
If you are remoting to machines that run an older PowerShell version, the Get-LocalUser command won’t work there. When you run the local user commands on a domain controller, they return the Active Directory users, because a DC doesn’t have local users.
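The fallback described above, as an added example that is not part of the original article: it uses Get-LocalUser where the cmdlet exists and Win32_UserAccount otherwise, either locally or through Invoke-Command. The function name Get-LocalUserInventory and the output columns are assumptions made for this example.

```powershell
# Added example; the function name and output columns are illustrative.
function Get-LocalUserInventory {
    [CmdletBinding()]
    param(
        # Remote computers to query; omit to query the local machine.
        [string[]]$ComputerName
    )

    # The same script block runs locally or on each remote host.
    $query = {
        if (Get-Command -Name Get-LocalUser -ErrorAction SilentlyContinue) {
            # PowerShell 5.1 or later with Microsoft.PowerShell.LocalAccounts.
            Get-LocalUser | Select-Object @{ Name = 'Computer'; Expression = { $env:COMPUTERNAME } },
                Name,
                @{ Name = 'SID'; Expression = { $_.SID.Value } },
                Enabled,
                PasswordRequired,
                @{ Name = 'Source'; Expression = { 'Get-LocalUser' } }
        }
        else {
            # Older hosts: query WMI instead. The LocalAccount filter keeps a
            # domain-joined machine from enumerating domain accounts as well.
            Get-WmiObject -Class Win32_UserAccount -Filter 'LocalAccount=True' |
                Select-Object @{ Name = 'Computer'; Expression = { $env:COMPUTERNAME } },
                    Name,
                    SID,
                    @{ Name = 'Enabled'; Expression = { -not $_.Disabled } },
                    PasswordRequired,
                    @{ Name = 'Source'; Expression = { 'Win32_UserAccount' } }
        }
    }

    if ($ComputerName) {
        Invoke-Command -ComputerName $ComputerName -ScriptBlock $query
    }
    else {
        & $query
    }
}

# Enabled accounts that do not require a password are the first ones to review.
# For a remote host, add: -ComputerName LabMachine2k16
Get-LocalUserInventory |
    Where-Object { $_.Enabled -and -not $_.PasswordRequired } |
    Format-Table -AutoSize
```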
Examples of PowerShell User List
The following examples show how to list users:
Example #1: Getting Local User Accounts List Using Cmd
We can use the “Net User” cmd command to retrieve the user list from cmd or PowerShell.
net user
- To get the local user list from a remote computer, use Invoke-Command in PowerShell:
Invoke-Command -ComputerName LabMachine2k16 -ScriptBlock { net user}
Example #2: Retrieving the Local Users Using the WMI Method
We can use the WMI or CIM class Win32_UserAccount to retrieve the user list.
gwmi win32_UserAccount | Select Name, FullName, Caption, Domain, SID | ft -AutoSize
- To get the local user details from a remote computer, use Invoke-Command with the -ComputerName parameter:
Invoke-Command -ComputerName LabMachine2k16 { gwmi win32_UserAccount} | Select Name, FullName, Caption, Domain, SID | ft -AutoSize
You can also use the Get-CimInstance command instead of the gwmi method.
You can export the output to a text or CSV file as shown below. In the example below, the output is exported to the UserAccounts.csv file.
gwmi win32_UserAccount | Select Name, FullName, Caption, Domain, SID | Export-Csv C:\Temp\UserAccounts.csv -NoTypeInformation
To export to a text file:
gwmi win32_UserAccount | Select Name, FullName, Caption, Domain, SID | Out-File C:\temp\UserAccounts.txt
If you want to check a specific user or the user list of a specific domain,
gwmi win32_UserAccount | where{$_.Domain -like "LabMachine2k16*"} | Select Name, FullName, Caption, Domain, SID | ft -AutoSize
- To retrieve only the local accounts, along with their password properties, use the command below:
gwmi win32_useraccount | where{$_.LocalAccount -eq $true} | Select Name, LocalAccount, PasswordChangeable, PasswordRequired
Example #3: Retrieving the ADUsers List
To get the domain user list, you can use the Get-ADUser command. To run this command you need to make sure that you have the RSAT (Remote Server Administration Tools) installed on the computer.
Get-ADUser -Filter *
The above command gets all users from the Active Directory domain.
- To expose all the properties of the users, you can use the -Properties parameter:
Get-ADUser -Filter * -Properties *
- To select specific properties,
Get-ADUser -Filter * -Properties * | Select Name, DisplayName, SamAccountName, UserPrincipalName
- To get the list of users whose accounts are disabled and export it to a CSV file, use the command below.
Get-ADUser -Filter * | where {$_.Enabled -eq $false} | Export-Csv C:\DisabledUserAccounts.csv -NoTypeInformation
- To get the details of a specific user account,
Get-ADUser -Identity beta -Properties *
You need to use the SamAccountName property in the -Identity parameter.
- To retrieve the users from a specific Organizational Unit (OU), use the command below.
Get-ADUser -Filter * -Properties * | where{$_.DistinguishedName -like "*CN=Users*"} | Select Name, DisplayName, userPrincipalName, SAMAccountName
- To retrieve the list of users in the Active Directory domain whose password is expired or set to never expire, with the password properties in the output:
- Retrieves the user accounts with an expired password.
Get-ADUser -Filter * -Properties * | where{$_.PasswordExpired -eq $true} | Select Name, SAMAccountName, PasswordExpired, PasswordLastSet
- Retrieves the user accounts whose password never expires.
Get-ADUser -Filter * -Properties * | where{$_.PasswordNeverExpires -eq $true} | Select Name, SAMAccountName, PasswordNeverExpires
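The disabled, expired-password and never-expiring queries above can be combined into a single pass that requests only the properties it needs instead of -Properties * and scopes the search with -SearchBase. This is an added example, not code from the original article; the function name Get-ADUserAuditReport, the OU distinguished name and the output path are placeholders.

```powershell
# Added example; function name, OU path and CSV path are placeholders.
Import-Module ActiveDirectory   # installed with RSAT

function Get-ADUserAuditReport {
    [CmdletBinding()]
    param(
        # Distinguished name of the OU or container to search;
        # omit to search the whole domain.
        [string]$SearchBase,
        # Domain controller to query; omit to use the default.
        [string]$Server
    )

    # Ask the directory only for the attributes the report uses.
    $query = @{
        Filter     = '*'
        Properties = 'PasswordExpired', 'PasswordNeverExpires', 'PasswordLastSet'
    }
    if ($SearchBase) { $query.SearchBase = $SearchBase }
    if ($Server)     { $query.Server     = $Server }

    Get-ADUser @query | ForEach-Object {
        $findings = @()
        # Compare with $false explicitly so an unreadable (null) value is not flagged.
        if ($_.Enabled -eq $false)   { $findings += 'Disabled' }
        if ($_.PasswordExpired)      { $findings += 'PasswordExpired' }
        if ($_.PasswordNeverExpires) { $findings += 'PasswordNeverExpires' }

        # Emit one row per account that has at least one finding.
        if ($findings.Count -gt 0) {
            [pscustomobject]@{
                Name              = $_.Name
                SamAccountName    = $_.SamAccountName
                DistinguishedName = $_.DistinguishedName
                PasswordLastSet   = $_.PasswordLastSet
                Findings          = $findings -join ';'
            }
        }
    }
}

# Placeholder OU and output path; replace with values from your own domain.
Get-ADUserAuditReport -SearchBase 'OU=Staff,DC=example,DC=com' |
    Export-Csv -Path C:\Temp\ADUserAudit.csv -NoTypeInformation
```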
Conclusion
As explained in this article, PowerShell provides various commands to retrieve the list of users from a Windows computer or from the Active Directory domain, which is helpful for administrators in their audit and clean-up tasks. You can use the Task Scheduler to send monthly emails to administrators with the list of created, expired, and about-to-expire accounts.