How to Get and Set properties of the Active Directory user using PowerShell

How to Get and Set properties of the Active Directory user using PowerShell

In this article, we will discuss how to get and set properties of an Active Directory user using PowerShell.


Here’s how to get User Properties

To get user properties from Active Directory, Get-ADUser cmdlet can be used. Here is an example of how to retrieve the email address of a user:



  1. Get-ADUser -Identity "TechNoob" -Properties EmailAddress | Select-Object EmailAddress



  • In this example, we use the Get-ADUser cmdlet to retrieve the user object for the user "TechNoob". 
  • The -Properties parameter is used to specify the property we want to retrieve, which in this case is the EmailAddress property. 
  • We then channel the output to the Select-Object cmdlet to only display the EmailAddress property.



Here’s how to set User Properties


To set user properties in Active Directory, Set-ADUser cmdlet can be used. Here is an example of how to set the description of a user:



  1. Set-ADUser -Identity "TechNoob" -Description "New User Description"


In this example, we use the Set-ADUser cmdlet to set the description property for the user "TechNoob" to "New User Description".


Note that some properties, such as the samAccountName, cannot be changed once the user object has been created. Also, some properties require special permissions to modify.




    • Related Articles

    • Generate an Activity Report for Microsoft 365 Groups and Teams

      Introduction The activity reports available for Microsoft 365 groups and Teams can be beneficial for administrators in an organization. Microsoft 365 teams group activity reports provide insight into group activities, group workloads, group counts, ...

    • How to find unused Exchange Online mailboxes

      What are unused Exchange Online mailboxes and how to identify them? Unused Exchange Online mailboxes are user mailboxes which are currently not being used by their users. There are 3 ways in which we can identify if a mailbox is unused or not. They ...

    • How to get memberships of the Active Directory user using PowerShell

      One of the essential parts of Active Directory administration is to manage user memberships in Active Directory. There may be times when the membership of a specific user need to be identified. In this article, we will explain how to use PowerShell ...

    • Set Screen Saver Timeout

      Windows computers are usually configured to lock the screen after some time of inactivity. This is especially inconvenient if the remote desktop session keeps disconnecting each time after a few minutes of being idle. The Windows registry holds the ...

    • How to manage inactive Active Directory user accounts

      Over time, an organization's Active Directory (AD) network can start accumulating inactive user accounts. These accounts can be of employees who may have left the organization, temporary accounts, etc. The problem here is that these inactive AD ...