Explore Active Directory Users with PowerShell Out-GridView

Doctor Scripto

Summary: Microsoft Scripting Guy, Ed Wilson, talks about using the Windows PowerShell Out-Gridview cmdlet to examine user information in Active Directory.


Hey, Scripting Guy! Question Hey, Scripting Guy! I would like a way to use Windows PowerShell to view user information from Active Directory. I would like to be able to explore the returned information and be able to see what is going on. In other words, I need kind of an Active Directory microscope. You don’t happen to have one do you?


Hey, Scripting Guy! Answer Hello BJ,

Microsoft Scripting Guy, Ed Wilson, is here. This has been a really busy week, and it is now 30 days until the Windows PowerShell Summit in in Redmond, Washington. The Scripting Wife and I are looking forward to attending this event. In fact, we have been looking forward to it for months. Finally, it is coming together. In one way, it will be a bit strange. This is because we are staying at the same hotel as a couple of members from the Charlotte, North Carolina Windows PowerShell User Group, so I know we will be hanging out some. But of course, the big reason for attending the event is to spend time with some of the world’s best Windows PowerShell scripters. It will be a total geek fest the entire time. I will be making three presentations, and so next week I need to spend a decent amount of time honing them.

Note   This is the fifth blog in a series about using the Active Directory module.

Using Out-GridView to explore Active Directory user info 

One of the cool things I like to do with Windows PowerShell is pipe user information that I need to peruse to the Out-GridView cmdlet. I find it a very convenient way to explore user information. The result of this exploration can be a further refinement of an AD DS query, or it can be the end game itself. The command is simplicity itself. In the command that follows, I am on the Charlotte OU portion of my AD: drive. I use the dir alias (alias for Get-ChildItem), and I specify that I want all properties by using a wildcard character. I pipe the results to Out-Gridview. That is it! 

PS AD:\ou=charlotte,dc=iammred,dc=net> dir -Properties * | Out-GridView

Sorting and filtering data with Out-GridView 

The initial display of information is not all that great. In fact, it seems a bit cluttered, and even jumbled. This is shown in the image that follows. 

Image of command output

The strength of using Out-GridView comes by adding a criteria. This is shown here.

Image of menu

After I select the attributes that I am interested in working with, I click Add. Now, the GridView changes to permit modifying the operator and adding the criteria. This is shown here.

Image of menu 

Storing results and further parsing

In Windows PowerShell 3.0, Out-GridView picks up a PassThru parameter. This means that the filtering conducted in the Out-GridView can feed back to the Windows PowerShell console. In the following example, I throw all the user objects (and their associated properties) from the Charlotte OU to the Out-GridView. I then filter the results and I store the results in a variable. Next I use Windows PowerShell to further work with the results. The command is shown here:

PS AD:\ou=charlotte,dc=iammred,dc=net> $user = dir -Properties * | Out-GridView –PassThru 

The Out-GridView that is created by the command is shown here. 

Image of menu

Note   If you do not highlight all the lines, only the one line that is highlighted by default returns. So in the previous image, the filter criterion returns three objects. But right now, only the first line is highlighted, so only that object would return. Therefore, all three lines need to be highlighted, and then when OK is pressed, all three objects return to the variable.

After filtering the objects with more than 500 logons, I go back to the Windows PowerShell console, and investigate the $user variable that contains the returned objects.

PS AD:\ou=charlotte,dc=iammred,dc=net> $user = dir -Properties * | out-gridview -Pass 


PS AD:\ou=charlotte,dc=iammred,dc=net> $user.Count 

I do not even need to use an intermediate variable because I can pipe the results to another cmdlet. The following command pipes the results from whatever is filtered in the Out-Gridview cmdlet to Group-Object, where the objects are grouped by the name property.

PS AD:\ou=charlotte,dc=iammred,dc=net> dir -Properties * | out-gridview -PassThru | group name  

Count Name                      Group 

—– —-                      —–

    1 ED-PC                     {CN=ED-PC,OU=Charlotte,DC=iammred,DC=net}

    1 ed wilson                 {CN=ed wilson,OU=Charlotte,DC=iammred,DC=net}

    1 EDLT                      {CN=EDLT,OU=Charlotte,DC=iammred,DC=net}

    1 HYPERV2                   {CN=HYPERV2,OU=Charlotte,DC=iammred,DC=net}

    1 Regular User              {CN=Regular User,OU=Charlotte,DC=iammred,DC=net}

    1 Sample User               {CN=Sample User,OU=Charlotte,DC=iammred,DC=net}

    1 SQL                       {CN=SQL,OU=Charlotte,DC=iammred,DC=net

    1 Teresa Wilson             {CN=Teresa Wilson,OU=Charlotte,DC=iammred,DC=net}

BJ, that is all there is to using the Active Directory module provider with the Out-GridView cmdlet. Active Directory Week will continue tomorrow when I will talk about discovering attribute names by using Windows PowerShell.

I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.

Ed Wilson, Microsoft Scripting Guy 


Discussion is closed.

Feedback usabilla icon