AD PowerShell Module

#Get Current Domain: 
Get-ADDomain

#Get Object of Another Domain: 
Get-ADDomain -Identity <domain_name>

#Get Domain SID for Current Domain: 
(Get-ADDomain).DomainSID

#Get Domain Controllers for Current Domain: 
Get-ADDomainController

#Get Domain Controllers for Another Domain: 
Get-ADDomainController -DomainName <other_domain_name> -Discover

#Default Domain Policy
Get-ADDefaultDomainPasswordPolicy

#Get List of Users in Domain: 
Get-ADUser -Filter * -Properties *

#Get List of Users with Select Properties, save to file
Get-ADUser -Filter * -Properties CN, Country, Created, createTimeStamp, Department, Description, DisplayName, DistinguishedName, Division, EmailAddress, Enabled, GivenName, LastLogonDate, LockedOut, Name, PasswordLastSet, PasswordNeverExpires, PasswordNotRequired, SamAccountName, UserPrincipalName | Export-Csv ADUsers.csv -NoTypeInformation

#Get List of Users (All Properties) and save to file
Get-ADUser -Filter * -Properties * | Export-Csv ADUsers_AllInfo.csv -NoTypeInformation

#Get Information of Specified Domain User: 
Get-ADUser -Identity <domain_user> -Properties *

#Get List of All Properties for Users in Domain: 
Get-ADUser -Filter * -Properties * | select -First 1 | Get-Member -Membertype *Property | select Name

#Get Specified Properties for Specified Domain User: 
Get-ADUser -Filter * -Properties * | select name,logoncount,@{express={[datetime]::fromFileTime($_.pwdlastset)}}

#Search for String in User's Attribute(s): 
Get-ADUser -Filter 'Description -like "*<string>*"' -Properties Description | select name,Description

#Get List of Computers in Current Domain:
Get-ADComputer -Filter * -Properties *
Get-ADComputer -Filter * | select Name

#Get List of Filtered Computers in Current Domain: 
Get-ADComputer -Filter 'OperatingSystem -like "*<filter>*"' -Properties OperatingSystem | select Name,OperatingSystem

#Get List of Filtered Computers and IP Addresses in Current Domain:
Get-ADComputer -Filter * -Properties DNSHostName | %{Test-Connection -Count 1 -ComputerName $_.DNSHostName}

#Get list of computers created within the past 365 days
$Joined = [DateTime]::Today.AddDays(-365)
Get-ADComputer -Filter 'WhenCreated -ge $joined' -Properties * | select CN, Created, DNSHostName, Name, SamAccountName, OperatingSystem, OperatingSystemVersion, IPv4Address, IPv6Address | Export-CSV <FILENAME>.csv -NoTypeInformation

#Get All Groups in Current Domain:
Get-ADGroup -Filter * -Properties *
Get-ADGroup -Filter * | select Name

#Get List of Groups with Select Properties, save to file
Get-ADGroup -Filter * | select Name, sAMAccountName, Description, DisplayName, DistinguishedName  | Export-Csv ADGroups.csv -NoTypeInformation

#Get All Filtered Groups in Current Domain:
Get-ADGroup -Filter 'Name -like "*<filter>*"' | select Name

#Get All Groups in Specified Domain:
Get-ADGroup -Filter 'Name -like "*<filter>*"' -Server <other_domain_name> | select Name

#Get All User Members of Specified Group (Recursively):
Get-ADGroupMember -Identity "<group_name>" -Server <domain_name> -Recursive

#Get All User Members of Specified Group (Recursively) with Additional User Attributes and Save to File
Get-ADGroupMember -Identity <AD_GROUP_NAME> -Server <DOMAIN_NAME> -Recursive | %{Get-ADUser -Identity $_.samaccountname -Server <DOMAIN_NAME> -Properties CN, Country, Created, createTimeStamp, Department, Description, DisplayName, DistinguishedName, Division, EmailAddress, Enabled, GivenName, LastLogonDate, LockedOut, Name, PasswordLastSet, PasswordNeverExpires, PasswordNotRequired, SamAccountName, UserPrincipalName} | Export-Csv Group_Membership_ADUsers.csv -NoTypeInformation

#Get List of Group Members with Select Properties, save to file
Get-ADGroupMember -Identity "<group_name>" -Recursive | select name, SamAccountName, distinguishedName | Export-Csv GroupMembership.csv -NoTypeInformation

#Get the Group Membership for a User:
Get-ADPrincipalGroupMembership -Identity <username>

#Get All OUs in Current Domain:
Get-ADOrganizationalUnit -Filter * -Properties *

AccountExpirationDate
accountExpires
AccountLockoutTime
AccountNotDelegated
AllowReversiblePasswordEncryption
AuthenticationPolicy
AuthenticationPolicySilo
BadLogonCount
badPasswordTime
badPwdCount
CannotChangePassword
CanonicalName
Certificates
City
CN
codePage
Company
CompoundIdentitySupported
Country
countryCode
Created
createTimeStamp
Deleted
Department
Description
DisplayName
DistinguishedName
Division
DoesNotRequirePreAuth
dSCorePropagationData
EmailAddress
EmployeeID
EmployeeNumber
Enabled
Fax
GivenName
HomeDirectory
HomedirRequired
HomeDrive
HomePage
HomePhone
Initials
instanceType
isDeleted
KerberosEncryptionType
LastBadPasswordAttempt
LastKnownParent
lastLogoff
lastLogon
LastLogonDate
lastLogonTimestamp
LockedOut
logonCount
LogonWorkstations
Manager
MemberOf
MNSLogonAccount
MobilePhone
Modified
modifyTimeStamp
msDS-User-Account-Control-Computed
Name
nTSecurityDescriptor
ObjectCategory
ObjectClass
ObjectGUID
objectSid
Office
OfficePhone
Organization
OtherName
PasswordExpired
PasswordLastSet
PasswordNeverExpires
PasswordNotRequired
POBox
PostalCode
PrimaryGroup
primaryGroupID
PrincipalsAllowedToDelegateToAccount
ProfilePath
ProtectedFromAccidentalDeletion
pwdLastSet
SamAccountName
sAMAccountType
ScriptPath
sDRightsEffective
ServicePrincipalNames
SID
SIDHistory
SmartcardLogonRequired
sn
State
StreetAddress
Surname
Title
TrustedForDelegation
TrustedToAuthForDelegation
UseDESKeyOnly
userAccountControl
userCertificate
UserPrincipalName
uSNChanged
uSNCreated
whenChanged
whenCreated

AccountExpirationDate
accountExpires
AccountLockoutTime
AccountNotDelegated
AllowReversiblePasswordEncryption
AuthenticationPolicy
AuthenticationPolicySilo
BadLogonCount
badPasswordTime
badPwdCount
CannotChangePassword
CanonicalName
Certificates
CN
codePage
CompoundIdentitySupported
countryCode
Created
createTimeStamp
Deleted
Description
DisplayName
DistinguishedName
DNSHostName
DoesNotRequirePreAuth
dSCorePropagationData
Enabled
HomedirRequired
HomePage
instanceType
IPv4Address
IPv6Address
isCriticalSystemObject
isDeleted
KerberosEncryptionType
LastBadPasswordAttempt
LastKnownParent
lastLogoff
lastLogon
LastLogonDate
lastLogonTimestamp
localPolicyFlags
Location
LockedOut
logonCount
ManagedBy
MemberOf
MNSLogonAccount
Modified
modifyTimeStamp
msDFSR-ComputerReferenceBL
msDS-GenerationId
msDS-SupportedEncryptionTypes
msDS-User-Account-Control-Computed
Name
nTSecurityDescriptor
ObjectCategory
ObjectClass
ObjectGUID
objectSid
OperatingSystem
OperatingSystemHotfix
OperatingSystemServicePack
OperatingSystemVersion
PasswordExpired
PasswordLastSet
PasswordNeverExpires
PasswordNotRequired
PrimaryGroup
primaryGroupID
PrincipalsAllowedToDelegateToAccount
ProtectedFromAccidentalDeletion
pwdLastSet
rIDSetReferences
SamAccountName
sAMAccountType
sDRightsEffective
serverReferenceBL
ServiceAccount
servicePrincipalName
ServicePrincipalNames
SID
SIDHistory
TrustedForDelegation
TrustedToAuthForDelegation
UseDESKeyOnly
userAccountControl
userCertificate
UserPrincipalName
uSNChanged
uSNCreated
whenChanged
whenCreated

CanonicalName
CN
Created
createTimeStamp
Deleted
Description
DisplayName
DistinguishedName
dSCorePropagationData
GroupCategory
GroupScope
groupType
HomePage
instanceType
isDeleted
LastKnownParent
ManagedBy
member
MemberOf
Members
Modified
modifyTimeStamp
Name
nTSecurityDescriptor
ObjectCategory
ObjectClass
ObjectGUID
objectSid
ProtectedFromAccidentalDeletion
SamAccountName
sAMAccountType
sDRightsEffective
SID
SIDHistory
uSNChanged
uSNCreated
whenChanged
whenCreated

CanonicalName
City
CN
Country
Created
createTimeStamp
Deleted
Description
DisplayName
DistinguishedName
dSCorePropagationData
gPLink
instanceType
isCriticalSystemObject
isDeleted
LastKnownParent
LinkedGroupPolicyObjects
ManagedBy
Modified
modifyTimeStamp
Name
nTSecurityDescriptor
ObjectCategory
ObjectClass
ObjectGUID
ou
PostalCode
ProtectedFromAccidentalDeletion
sDRightsEffective
showInAdvancedViewOnly
State
StreetAddress
systemFlags
uSNChanged
uSNCreated
whenChanged
whenCreated