{"id":354,"date":"2014-10-07T15:17:18","date_gmt":"2014-10-07T19:17:18","guid":{"rendered":"http:\/\/adsecurity.org\/?p=354"},"modified":"2014-10-28T22:20:55","modified_gmt":"2014-10-29T02:20:55","slug":"powershell-code-find-user-in-active-directory-forest","status":"publish","type":"post","link":"https:\/\/adsecurity.org\/?p=354","title":{"rendered":"PowerShell Code: Find User in Active Directory Forest"},"content":{"rendered":"<p>&nbsp;<\/p>\n<p>PowerShell Code: Find User in Active Directory Forest<\/p>\n<p>There are times when you have a userid, but don&#8217;t know where in a multi-domain forest a user is located. Here&#8217;s some PowerShell code for locating the user&#8217;s domain.<br \/>\nPowerShell code leverages the Active Directory PowerShell module to query a local Global Catalog (GC) server in order to identify the user&#8217;s domain.<\/p>\n<p><code><br \/>\nParam<br \/>\n(<br \/>\n$UserID<br \/>\n)<\/code><\/p>\n<p>import-module activedirectory<\/p>\n<p>$LocalSite = (Get-ADDomainController -Discover).Site<br \/>\n$NewTargetGC = Get-ADDomainController -Discover -Service 6 -SiteName $LocalSite<br \/>\nIF (!$NewTargetGC)<br \/>\n{ $NewTargetGC = Get-ADDomainController -Discover -Service 6 -NextClosestSite }<br \/>\n$NewTargetGCHostName = $NewTargetGC.HostName<br \/>\n$LocalGC = &#8220;$NewTargetGCHostName&#8221; + &#8220;:3268&#8221;<\/p>\n<p>Write-Output &#8220;Identify User and Computer Objects with configured Service Principal Names `r &#8221;<br \/>\nGet-ADUser $UserID -Server &#8220;$LocalGC&#8221;<\/p>\n<p>Get-ADUser -Server $LocalGC -filter { sAMAccountName -eq $UserID }<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp; PowerShell Code: Find User in Active Directory Forest There are times when you have a userid, but don&#8217;t know where in a multi-domain forest a user is located. Here&#8217;s some PowerShell code for locating the user&#8217;s domain. PowerShell code leverages the Active Directory PowerShell module to query a local Global Catalog (GC) server in &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"https:\/\/adsecurity.org\/?p=354\">Continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[20,161,160,162,22],"class_list":["post-354","post","type-post","status-publish","format-standard","hentry","category-powershell","tag-activedirectory","tag-activedirectorypowershellmodule","tag-finduserdomain","tag-globalcatalog","tag-powershellcode","item-wrap"],"_links":{"self":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/354","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=354"}],"version-history":[{"count":1,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/354\/revisions"}],"predecessor-version":[{"id":355,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/354\/revisions\/355"}],"wp:attachment":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=354"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=354"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=354"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}