0

#PSTip Extending the default output property set for Active Directory objects

Note: This tip requires PowerShell 3.0 or above.

When you get user objects from Active Directory using the Active Directory module cmdlets, you get a ‘thin’ output object that includes just a few properties.

PS> Get-ADUser shay

DistinguishedName : CN=shay,CN=Users,DC=domain,DC=com
Enabled           : True
GivenName         : Shay
Name              : Shay
ObjectClass       : user
ObjectGUID        : 3a596c36-c876-43a5-a0af-55865cd0cb1d
SamAccountName    : Shay
SID               : S-1-5-21-17886608-6971410453-5352618669-29132
Surname           : Shay
UserPrincipalName : shay@domain.com

This can boost your performance when you issue a query that returns many objects. Sometimes, however, you’ll want to return more data contained in properties that are not included in the default set. You can do that by specifying a comma separated list of property names in the Properties parameter. Wildcards are also permitted, and specifying an asterisk ‘*’ will get all properties. The following command adds the Office,Department,mail, and GivenName properties to the output object.

PS> Get-ADUser shay -Properties Office,Department,mail,GivenName,sn

Department        : Computers
DistinguishedName : CN=shay,CN=Users,DC=domain,DC=com
Enabled           : True
GivenName         : Shay
mail              : shay@domain.com
Name              : Shay
ObjectClass       : user
ObjectGUID        : 3a596c36-c876-43a5-a0af-55865cd0cb1d
Office            : Computers
SamAccountName    : Shay
SID               : S-1-5-21-17886608-6971410453-5352618669-29132
Surname           : Levy
UserPrincipalName : shay@domain.com

Great but most of the time this is how you’ll want your result to look like by default and not having to explicitly declare it each time you run the command.

There is no cmdlet that let’s configure this, but luckily you can control it with a new feature of PowerShell 3.0: Parameters default values. This feature allows us to specify custom default values for any cmdlet or advanced function. Let’s see how we can use it with the Get-ADUser command:

PS> $PSDefaultParameterValues=@{'Get-ADUser:Properties' = 'Office','Department','mail','GivenName','sn'}
PS> Get-ADUser shay

Department        : Computers
DistinguishedName : CN=shay,CN=Users,DC=domain,DC=com
Enabled           : True
GivenName         : Shay
mail              : shay@domain.com
Name              : Shay
ObjectClass       : user
ObjectGUID        : 3a596c36-c876-43a5-a0af-55865cd0cb1d
Office            : Computers
SamAccountName    : Shay
SID               : S-1-5-21-17886608-6971410453-5352618669-29132
Surname           : Levy
UserPrincipalName : shay@domain.com

Awesome! All that’s left to do is add the $PSDefaultParameterValues command to your PowerShell profile so that each time you run Get-ADUser, the output object will have an extended set of attributes. In a similar manner, you can create default sets for computer objects and so on.

Filed in: Columns, Tips and Tricks Tags: , , ,

Leave a Reply

Submit Comment

© 2016 PowerShell Magazine. All rights reserved. XHTML / CSS Valid.
Proudly designed by Theme Junkie.
%d bloggers like this: