Turning AD User into a Hash Table

by May 1, 2017

Sometimes it could be useful to load all attributes from a given AD user into a hash table. This way, you could edit them, and then use Set-ADUser with its -Add or -Replace parameters to apply them to another user account.

Here is how you read all attributes of an AD user into a hash table:

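#requires -Version 3.0 -Modules ActiveDirectory

# Attributes to leave out of the hash table
$blacklist = 'SID', 'LastLogonDate', 'SAMAccountName'

# Load the user with all of its attributes
$user = Get-ADUser -Identity NAMEOFUSER -Properties *
# Collect the names of all properties on the returned object
$name = $user | Get-Member -MemberType *property | Select-Object -ExpandProperty Name

# Build an ordered hash table, skipping the blacklisted names
$hash = [Ordered]@{}
$name |
  Sort-Object |
  Where-Object {
    $_ -notin $blacklist
  } |
  ForEach-Object {
    $hash[$_] = $user.$_
  }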

Note the use of $blacklist: this list can contain the names of any attributes you want to exclude.
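
When the hash table is meant for another account, an allow-list is safer than a blacklist, because everything not named in a blacklist is carried along, including attributes that affect privileges. The following is an added example, not part of the original tip: the helper Select-CopyableAttribute, the attribute names in $allowList and the sample values are assumptions made for illustration.

```powershell
#requires -Version 3.0
# Added example (not from the original tip). The names in $allowList are an
# assumed sample policy; -Replace expects LDAP display names such as these.
$allowList = 'company', 'department', 'description', 'physicalDeliveryOfficeName', 'title'

function Select-CopyableAttribute {
  # Hypothetical helper: splits a hash table of user attributes into the
  # entries that may be written to another account and the names held back.
  param(
    [Parameter(Mandatory = $true)] [System.Collections.IDictionary] $Attributes,
    [Parameter(Mandatory = $true)] [string[]] $AllowList
  )
  $apply = @{}
  $skipped = New-Object System.Collections.Generic.List[string]
  foreach ($key in @($Attributes.Keys)) {
    # Multi-valued attributes arrive as collections: flatten them, drop blanks
    $values = @(@($Attributes[$key]) |
      Where-Object { $null -ne $_ -and "$_".Trim() -ne '' })
    if ($key -notin $AllowList -or $values.Count -eq 0) {
      $skipped.Add($key)   # not on the allow-list, or nothing to write
      continue
    }
    # Keep single values as scalars, multiple values as an array
    $apply[$key] = if ($values.Count -eq 1) { $values[0] } else { $values }
  }
  [PSCustomObject]@{ Apply = $apply; Skipped = $skipped.ToArray() }
}

# Constructed sample standing in for the $hash built from Get-ADUser above
$hash = [Ordered]@{
  adminCount           = 1
  department           = 'Finance'
  description          = ''
  memberOf             = @('CN=Domain Admins,CN=Users,DC=example,DC=test')
  servicePrincipalName = @('HTTP/app01.example.test')
  title                = 'Analyst'
  userAccountControl   = 66048
}

$plan = Select-CopyableAttribute -Attributes $hash -AllowList $allowList
'Will copy: ' + (($plan.Apply.Keys | Sort-Object) -join ', ')
'Held back: ' + ($plan.Skipped -join ', ')

# Preview against a real account first (TARGETUSER is a placeholder):
# Set-ADUser -Identity TARGETUSER -Replace $plan.Apply -WhatIf
```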
