First Steps Automating AD

by Jul 7, 2015

The free RSAT tools from Microsoft include the ActiveDirectory module, which contains a rich set of cmdlets to manage Active Directory accounts.

Provided you are connected to an Active Directory, you can use the following samples to get familiar with these new cmdlets:

# find your own user account by SAMAccountName
Get-ADUser -Identity $env:USERNAME

# find user account by DN
Get-ADUser -Identity 'CN=TWeltner,OU=Users,OU=Hannover,OU=Trainees,DC=powershell,DC=local'

# find your own user account and return all available attributes
Get-ADUser -Identity $env:USERNAME -Properties * 

# find your own user account and change attributes
Get-ADUser -Identity $env:USERNAME | Set-ADUser -Description 'My account'

# find all user accounts where the SAMAccount name starts with "T"
Get-ADUser -Filter 'SAMAccountName -like "T*"'

# find user account "ThomasP" and use different logon details for AD

# logon details for your AD
$cred = Get-Credential
$IPDC = '10.10.11.2'
Get-ADUser -Identity ThomasP -Credential $cred -Server $IPDC

# find all groups and output results to gridview
Get-ADGroup -Filter * | Out-GridView

# find all groups below a given search root
Get-ADGroup -Filter * -SearchBase 'OU=test,DC=powershell,DC=local'

# get all members of a group
Get-ADGroupMember -Identity 'Domain Admins' 

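# create new user account named "Tom"
# define password: prompt for it, which keeps the password out of the script ...
$secret = Read-Host -Prompt 'Password' -AsSecureString
# ... or hard-code an initial password (readable by anyone who can read the script)
# $secret = 'Initial$$00' | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name Tom -SamAccountName Tom -ChangePasswordAtLogon $true -AccountPassword $secret -Enabled $true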

# delete user account "Tom" without the confirmation prompt
Remove-ADUser -Identity Tom -Confirm:$false

# create an organizational unit named "NewOU1" in powershell.local
New-ADOrganizationalUnit -Name 'NewOU1' -Path 'DC=powershell,DC=local'

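# all user accounts not used within last 180 days
# note: lastLogonTimestamp is replicated with a delay of up to 14 days, and
# accounts that have never logged on have no value and are not returned
$FileTime = (Get-Date).AddDays(-180).ToFileTime()
$ageLimit = "(lastLogontimestamp<=$FileTime)"
Get-ADUser -LDAPFilter $ageLimit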
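
A more complete version of the stale-account query above, as an added example that is not part of the original tip: it also returns enabled accounts that have never logged on (they have no lastLogonTimestamp, so the simple filter misses them), skips disabled accounts, and converts the timestamp to a readable date. Excluding disabled accounts and never-used accounts younger than the threshold are choices of this example; the 180 days are taken from the sample above.

```powershell
# Added example, not from the original tip. Requires the ActiveDirectory module
# and a connection to a domain controller.
Import-Module ActiveDirectory

$days     = 180                        # same threshold as the sample above
$cutoff   = (Get-Date).AddDays(-$days)
$fileTime = $cutoff.ToFileTime()       # lastLogonTimestamp is stored as a FILETIME value

# LDAP filter: enabled user accounts (userAccountControl flag 2 = ACCOUNTDISABLE,
# tested with the bitwise-AND matching rule) that either
#   - last logged on before the cutoff, or
#   - have no lastLogonTimestamp at all (never logged on)
$filter = '(&(objectCategory=person)(objectClass=user)' +
          '(!(userAccountControl:1.2.840.113556.1.4.803:=2))' +
          "(|(lastLogonTimestamp<=$fileTime)(!(lastLogonTimestamp=*))))"

# The Where-Object stage drops never-used accounts created after the cutoff,
# so freshly provisioned accounts are not reported as stale.
$stale = Get-ADUser -LDAPFilter $filter -Properties lastLogonTimestamp, whenCreated, Description |
    Where-Object { $_.lastLogonTimestamp -or $_.whenCreated -le $cutoff } |
    Select-Object SamAccountName,
        @{ Name = 'LastLogon'; Expression = {
            # empty for accounts that have never logged on
            if ($_.lastLogonTimestamp) { [DateTime]::FromFileTime($_.lastLogonTimestamp) }
        } },
        whenCreated, Description, DistinguishedName |
    Sort-Object LastLogon

# never-used accounts sort first because their LastLogon is empty
$stale | Format-Table -AutoSize
```

Because lastLogonTimestamp is only replicated with a delay, treat the result as a review list rather than as input for automatic deletion.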
