POWERSHELL GUIDE TO

EXTRACT INFORMATION
Learn how to extract information from the ACTIVE DIRECTORY and how its syntax is applied in POWERSHELL
together with its other features.

By Edward Carlos Raymond

1. EXTRACT USER INFORMATION

To extract information about users, departments or any other attributes, PowerShell can help you
retrieve what you need. Before even accessing the Active Directory always ensure that we import
the Active Directory module into the PowerShell. This is done by typing the syntax IMPORTMODULE ACTIVEDIRECTORY and presses ENTER. PowerShell will successfully import the module
and user than can access the Active Directories.
Simple Basic Syntax for POWERSHELL to retrieve available information which is: Using the GET-ADUSER command or cmdlet which help retrieve users information. There are more
syntax which can help extracts other information besides users information.
Example of retrieving available users under one department such as name, use the syntax GetADUser -filter * -Properties <attribute name> (The attribute name can be users name, users
department, users office and so on.) Example:*note the filter * syntax purpose is to only get the attribute that you need and remove unwanted
attributes.
GET-ADUSER -filter * -Properties Name

A whole available of users will be listed out and the list keeps on going until it collects the final users
in the end. Even when only names are prompt to display to the PowerShell but other info such as
GIVEN NAME, SURNAME, SAM ACCOUNT NAME also appears. If you are only requesting for the
names of the users, use the same syntax but with the addition of SELECT-OBJECT cmdlet typed
after PROPERTIES (*USE THE KEY | TO SEPARATE between Properties and Select-Object to
ensure POWERSHELL understands your request) example:-

Syntax : GET-ADUSER FILTER * -PROPERTIES <attribute name> | SELECT-OBJECT <attribute name>

GET-ADUSER FILTER * -PROPERTIES NAME | SELECT-OBJECT NAME

Again a whole list of users still appears, this is because the syntax tells PowerShell to show all users
in the directories. If you want a more specific type of info from a specific type of department use the
same syntax but with the addition of -SEARCHBASE cmdlet. This function is to only get information
about the users in an available unit such as users only under IT Department.

SYNTAX : Get-ADUser -Filter * -SearchBase "ou=OUNAME,dc=DomainName,dc=com" -Properties

NAME | SELECT-OBJECT NAME

*Notice after the SEARCHBASE there is a double quotation which contains a directory. This directory
is where you going to extract data from. Key in the directory between the double quotations.
>OU stands for ORGANIZATIONAL UNIT NAME
>DC stands for THE DOMAIN NAME
*Note that the directories must be accurate to enable PowerShell to search accurately.
Example : SYNTAX : Get-ADUser -Filter * -SearchBase "ou=IT,ou=KEM,
ou=Knowles,dc=Knowles,dc=com" -Properties NAME | SELECT-OBJECT NAME

*Notice PowerShell only extracted users from IT department and the directories was accurate
enabling POWERSHELL to find the directories.
Besides Names, users can also extract multiple attributes such as user department, office, job title
and any other properties at the same time making it a fast excess and fast result to display. Just add
in the Attributes into properties syntax separating each attribute with a , symbol. Same goes to the
select-object syntax.

If you are searching information about 1 user, it can be done by typing the GET-ADUSER syntax
and press Enter. A filter message will appear asking users to filter any kind of attribute but with the
condition of entering the value in it.
Example:-

In the filter, type <attribute> -like value. This is the syntax which should be type in the filter.

<attribute> means the name of the attribute such as NAME, SURNAME, GIVENNAME
value means the value in the attribute
-like is another word for equal to

A closer example:-

*Notice the typed syntax in the filter part. This is the accurate way to extract only one user
information. Try searching for your GIVENNAME in the filter part.

2. FORMAT
Heres an effective method to show all attributes in a single view without messing up the
information extracted. Using a syntax called FORMAT which enables viewers to have a better view
of what they have collected. There are three types of Format which are:

Format-Table (recommended)*
Format-List
Format-wide

This syntax should be included after the Select-Object syntax with a | to separate the format type.
Example : SYNTAX : Get-ADUser -Filter * -SearchBase "ou=IT,ou=KEM,
ou=Knowles,dc=Knowles,dc=com" -Properties NAME, GIVENNAME, SAMACCOUNTNAME | SELECTOBJECT NAME, GIVENNAME, SAMACCOUNTNAME | FORMAT-TABLE

Above is an example of a table format which is highly recommended for better view of users
information. Noted that the attributes listed did appear and is more neat and easy to view. Try
listing the same attributes but this time in different formats.

3. EXPORTING COLLECTED INFORMATION

PowerShell enables the features to export the extracted information and convert it into HTML,
EXCEL or Notepad. These could save you more time than to retype the syntax all over again just to
extract the same information back again. Exporting it is much better as you can retrieve the file at
any time when needed.
The syntax for exporting is easy, just type EXPORT | CSV <directory path> <filename.csv> -Encoding
ascii -NoTypeInformation. This syntax should be type at the end of all the other syntax.
Example : Get-ADUser -Filter * -SearchBase "ou=IT,ou=KEM, ou=Knowles,dc=Knowles,dc=com" Properties NAME, GIVENNAME, SAMACCOUNTNAME | SELECT-OBJECT NAME, GIVENNAME,
SAMACCOUNTNAME | EXPORT-CSV C:\Users\John\Documents\ExportExtracted.csv Encoding
ascii -NoTypeInformation
Files can be save in such forms:
EXCEL
EXPORT | CSV <directory path><filename.csv> Encoding ascii NoTypeInformation

NOTEPAD
OUT-FILE <directory path><filename.txt> -Encoding utf8

HTML
OUT-FILE <directory path><filename.htm>