Chapter 3 - Discovering objects, properties, and methods
My first introduction to computers was a Commodore 64, but my first modern computer was a 286 12-Mhz IBM clone with 1 megabyte of memory, a 40-megabyte hard drive, and one 5-1/4 inch floppy disk drive with a CGA monitor running Microsoft DOS 3.3.
Many IT Pros, like myself, are no stranger to the command line, but when the subject of objects, properties, and methods comes up, they get the deer in the headlights look and say, "I'm not a developer." Guess what? You don't have to be a developer to be successful with PowerShell. Don't get bogged down in the terminology. Not everything may make sense initially, but after a little hands-on experience you'll start to have those "light bulb" moments. "Aha! So that's what the book was talking about."
Be sure to try the examples on your computer to gain some of that hands-on experience.
Requirements
The Active Directory PowerShell module is required by some of the examples shown in this chapter. The module is part of the Remote Server Administration Tools (RSAT) for Windows. For the 1809 (or higher) build of Windows, the RSAT tools are installed as a Windows feature. Support for Active Directory is not available on Windows Home.
- For information about installing the RSAT tools, see Windows Management modules.
- For older versions of Windows, see RSAT for Windows.
Get-Member
Get-Member
helps you discover what objects, properties, and methods are available for commands.
Any command that produces object-based output can be piped to Get-Member
. A property is a
characteristic about an item. Your drivers license has a property called eye color and the most
common values for that property are blue and brown. A method is an action that can be taken on an
item. In staying with the drivers license example, one of the methods is "Revoke" because the
department of motor vehicles can revoke your drivers license.
Properties
In the following example, I'll retrieve information about the Windows Time service running on my computer.
Get-Service -Name w32time
Status Name DisplayName
------ ---- -----------
Running w32time Windows Time
Status, Name, and DisplayName are examples of properties as shown in the previous set of
results. The value for the Status property is Running
, the value for the Name property is
w32time
, and the value for DisplayName is Windows Time
.
Now I'll pipe that same command to Get-Member
:
Get-Service -Name w32time | Get-Member
TypeName: System.ServiceProcess.ServiceController
Name MemberType Definition
---- ---------- ----------
Name AliasProperty Name = ServiceName
RequiredServices AliasProperty RequiredServices = ServicesDependedOn
Disposed Event System.EventHandler Disposed(System.Object, Sy...
Close Method void Close()
Continue Method void Continue()
CreateObjRef Method System.Runtime.Remoting.ObjRef CreateObjRef(ty...
Dispose Method void Dispose(), void IDisposable.Dispose()
Equals Method bool Equals(System.Object obj)
ExecuteCommand Method void ExecuteCommand(int command)
GetHashCode Method int GetHashCode()
GetLifetimeService Method System.Object GetLifetimeService()
GetType Method type GetType()
InitializeLifetimeService Method System.Object InitializeLifetimeService()
Pause Method void Pause()
Refresh Method void Refresh()
Start Method void Start(), void Start(string[] args)
Stop Method void Stop()
WaitForStatus Method void WaitForStatus(System.ServiceProcess.Servi...
CanPauseAndContinue Property bool CanPauseAndContinue {get;}
CanShutdown Property bool CanShutdown {get;}
CanStop Property bool CanStop {get;}
Container Property System.ComponentModel.IContainer Container {get;}
DependentServices Property System.ServiceProcess.ServiceController[] Depe...
DisplayName Property string DisplayName {get;set;}
MachineName Property string MachineName {get;set;}
ServiceHandle Property System.Runtime.InteropServices.SafeHandle Serv...
ServiceName Property string ServiceName {get;set;}
ServicesDependedOn Property System.ServiceProcess.ServiceController[] Serv...
ServiceType Property System.ServiceProcess.ServiceType ServiceType ...
Site Property System.ComponentModel.ISite Site {get;set;}
StartType Property System.ServiceProcess.ServiceStartMode StartTy...
Status Property System.ServiceProcess.ServiceControllerStatus ...
ToString ScriptMethod System.Object ToString();
The first line of the results in the previous example contains one piece of very important information. TypeName tells you what type of object was returned. In this example, a System.ServiceProcess.ServiceController object was returned. This is often abbreviated as the portion of the TypeName just after the last period; ServiceController in this example.
Once you know what type of object a command produces, you can use this information to find commands that accept that type of object as input.
Get-Command -ParameterType ServiceController
CommandType Name Version Source
----------- ---- ------- ------
Cmdlet Get-Service 3.1.0.0 Microsof...
Cmdlet Restart-Service 3.1.0.0 Microsof...
Cmdlet Resume-Service 3.1.0.0 Microsof...
Cmdlet Set-Service 3.1.0.0 Microsof...
Cmdlet Start-Service 3.1.0.0 Microsof...
Cmdlet Stop-Service 3.1.0.0 Microsof...
Cmdlet Suspend-Service 3.1.0.0 Microsof...
All of those commands have a parameter that accepts a ServiceController object type by pipeline, parameter input, or both.
Notice that there are more properties than are displayed by default. Although these additional
properties aren't displayed by default, they can be selected from the pipeline by piping the command
to the Select-Object
cmdlet and using the Property parameter. The following example selects
all of the properties by piping the results of Get-Service
to Select-Object
and specifying the
*
wildcard character as the value for the Property parameter.
Get-Service -Name w32time | Select-Object -Property *
Name : w32time
RequiredServices : {}
CanPauseAndContinue : False
CanShutdown : True
CanStop : True
DisplayName : Windows Time
DependentServices : {}
MachineName : .
ServiceName : w32time
ServicesDependedOn : {}
ServiceHandle : SafeServiceHandle
Status : Running
ServiceType : Win32ShareProcess
StartType : Manual
Site :
Container :
Specific properties can also be selected using a comma-separated list for the value of the Property parameter.
Get-Service -Name w32time | Select-Object -Property Status, Name, DisplayName, ServiceType
Status Name DisplayName ServiceType
------ ---- ----------- -----------
Running w32time Windows Time Win32ShareProcess
By default, four properties are returned in a table and five or more are returned in a list. Some
commands use custom formatting to override how many properties are displayed by default in a table.
There are several Format-*
cmdlets that can be used to manually override these defaults. The most
common ones are Format-Table
and Format-List
, both of which will be covered in an upcoming
chapter.
Wildcard characters can be used when specifying the property names with Select-Object
.
Get-Service -Name w32time | Select-Object -Property Status, DisplayName, Can*
Status : Running
DisplayName : Windows Time
CanPauseAndContinue : False
CanShutdown : True
CanStop : True
In the previous example, Can*
was used as one of the values for the Property parameter to
return all the properties that start with Can
. These include CanPauseAndContinue,
CanShutdown, and CanStop.
Methods
Methods are an action that can be taken. Use the MemberType parameter to narrow down the results
of Get-Member
to only show the methods for Get-Service
.
Get-Service -Name w32time | Get-Member -MemberType Method
TypeName: System.ServiceProcess.ServiceController
Name MemberType Definition
---- ---------- ----------
Close Method void Close()
Continue Method void Continue()
CreateObjRef Method System.Runtime.Remoting.ObjRef CreateObjRef(type ...
Dispose Method void Dispose(), void IDisposable.Dispose()
Equals Method bool Equals(System.Object obj)
ExecuteCommand Method void ExecuteCommand(int command)
GetHashCode Method int GetHashCode()
GetLifetimeService Method System.Object GetLifetimeService()
GetType Method type GetType()
InitializeLifetimeService Method System.Object InitializeLifetimeService()
Pause Method void Pause()
Refresh Method void Refresh()
Start Method void Start(), void Start(string[] args)
Stop Method void Stop()
WaitForStatus Method void WaitForStatus(System.ServiceProcess.ServiceC...
As you can see, there are many methods. The Stop method can be used to stop a Windows service.
(Get-Service -Name w32time).Stop()
Now to verify the Windows time service has indeed been stopped.
Get-Service -Name w32time
Status Name DisplayName
------ ---- -----------
Stopped w32time Windows Time
I rarely find myself using methods, but they're something you need to be aware of. There are times
that you'll come across a Get-*
command without a corresponding command to modify that item.
Often, a method can be used to perform an action that modifies it. The Get-SqlAgentJob
cmdlet in
the SqlServer PowerShell module is a good example of this. The module installs as part of
SQL Server Management Studio (SMSS). No corresponding Set-*
cmdlet exists, but a
method can be used to complete the same task.
Another reason to be aware of methods is that many beginners assume destructive changes can't be
made with Get-*
commands. But they indeed can cause serious problems if used inappropriately.
A better option is to use a cmdlet to perform the action if one exists. Go ahead and start the Windows Time service, except this time use the cmdlet for starting services.
Get-Service -Name w32time | Start-Service -PassThru
Status Name DisplayName
------ ---- -----------
Running w32time Windows Time
By default, Start-Service
doesn't return any results just like the start method of Get-Service
.
But one of the benefits of using a cmdlet is that many times the cmdlet offers additional
functionality that isn't available with a method. In the previous example, the PassThru
parameter was used. This causes a cmdlet that doesn't normally produce output, to produce output.
Be careful with assumptions about the output of a cmdlet. We all know what happens when you assume things. I'll retrieve information about the PowerShell process running on my Windows 10 lab environment computer.
Get-Process -Name PowerShell
Handles NPM(K) PM(K) WS(K) CPU(s) Id SI ProcessName
------- ------ ----- ----- ------ -- -- -----------
922 48 107984 140552 2.84 9020 1 powershell
Now I'll pipe that same command to Get-Member:
Get-Process -Name PowerShell | Get-Member
TypeName: System.Diagnostics.Process
Name MemberType Definition
---- ---------- ----------
Handles AliasProperty Handles = Handlecount
Name AliasProperty Name = ProcessName
NPM AliasProperty NPM = NonpagedSystemMemorySize64
PM AliasProperty PM = PagedMemorySize64
SI AliasProperty SI = SessionId
VM AliasProperty VM = VirtualMemorySize64
WS AliasProperty WS = WorkingSet64
Disposed Event System.EventHandler Disposed(System.Object, ...
ErrorDataReceived Event System.Diagnostics.DataReceivedEventHandler ...
Exited Event System.EventHandler Exited(System.Object, Sy...
OutputDataReceived Event System.Diagnostics.DataReceivedEventHandler ...
BeginErrorReadLine Method void BeginErrorReadLine()
BeginOutputReadLine Method void BeginOutputReadLine()
CancelErrorRead Method void CancelErrorRead()
CancelOutputRead Method void CancelOutputRead()
Close Method void Close()
CloseMainWindow Method bool CloseMainWindow()
CreateObjRef Method System.Runtime.Remoting.ObjRef CreateObjRef(...
Dispose Method void Dispose(), void IDisposable.Dispose()
Equals Method bool Equals(System.Object obj)
GetHashCode Method int GetHashCode()
GetLifetimeService Method System.Object GetLifetimeService()
GetType Method type GetType()
InitializeLifetimeService Method System.Object InitializeLifetimeService()
Kill Method void Kill()
Refresh Method void Refresh()
Start Method bool Start()
ToString Method string ToString()
WaitForExit Method bool WaitForExit(int milliseconds), void Wai...
WaitForInputIdle Method bool WaitForInputIdle(int milliseconds), boo...
__NounName NoteProperty string __NounName=Process
BasePriority Property int BasePriority {get;}
Container Property System.ComponentModel.IContainer Container {...
EnableRaisingEvents Property bool EnableRaisingEvents {get;set;}
ExitCode Property int ExitCode {get;}
ExitTime Property datetime ExitTime {get;}
Handle Property System.IntPtr Handle {get;}
HandleCount Property int HandleCount {get;}
HasExited Property bool HasExited {get;}
Id Property int Id {get;}
MachineName Property string MachineName {get;}
MainModule Property System.Diagnostics.ProcessModule MainModule ...
MainWindowHandle Property System.IntPtr MainWindowHandle {get;}
MainWindowTitle Property string MainWindowTitle {get;}
MaxWorkingSet Property System.IntPtr MaxWorkingSet {get;set;}
MinWorkingSet Property System.IntPtr MinWorkingSet {get;set;}
Modules Property System.Diagnostics.ProcessModuleCollection M...
NonpagedSystemMemorySize Property int NonpagedSystemMemorySize {get;}
NonpagedSystemMemorySize64 Property long NonpagedSystemMemorySize64 {get;}
PagedMemorySize Property int PagedMemorySize {get;}
PagedMemorySize64 Property long PagedMemorySize64 {get;}
PagedSystemMemorySize Property int PagedSystemMemorySize {get;}
PagedSystemMemorySize64 Property long PagedSystemMemorySize64 {get;}
PeakPagedMemorySize Property int PeakPagedMemorySize {get;}
PeakPagedMemorySize64 Property long PeakPagedMemorySize64 {get;}
PeakVirtualMemorySize Property int PeakVirtualMemorySize {get;}
PeakVirtualMemorySize64 Property long PeakVirtualMemorySize64 {get;}
PeakWorkingSet Property int PeakWorkingSet {get;}
PeakWorkingSet64 Property long PeakWorkingSet64 {get;}
PriorityBoostEnabled Property bool PriorityBoostEnabled {get;set;}
PriorityClass Property System.Diagnostics.ProcessPriorityClass Prio...
PrivateMemorySize Property int PrivateMemorySize {get;}
PrivateMemorySize64 Property long PrivateMemorySize64 {get;}
PrivilegedProcessorTime Property timespan PrivilegedProcessorTime {get;}
ProcessName Property string ProcessName {get;}
ProcessorAffinity Property System.IntPtr ProcessorAffinity {get;set;}
Responding Property bool Responding {get;}
SafeHandle Property Microsoft.Win32.SafeHandles.SafeProcessHandl...
SessionId Property int SessionId {get;}
Site Property System.ComponentModel.ISite Site {get;set;}
StandardError Property System.IO.StreamReader StandardError {get;}
StandardInput Property System.IO.StreamWriter StandardInput {get;}
StandardOutput Property System.IO.StreamReader StandardOutput {get;}
StartInfo Property System.Diagnostics.ProcessStartInfo StartInf...
StartTime Property datetime StartTime {get;}
SynchronizingObject Property System.ComponentModel.ISynchronizeInvoke Syn...
Threads Property System.Diagnostics.ProcessThreadCollection T...
TotalProcessorTime Property timespan TotalProcessorTime {get;}
UserProcessorTime Property timespan UserProcessorTime {get;}
VirtualMemorySize Property int VirtualMemorySize {get;}
VirtualMemorySize64 Property long VirtualMemorySize64 {get;}
WorkingSet Property int WorkingSet {get;}
WorkingSet64 Property long WorkingSet64 {get;}
PSConfiguration PropertySet PSConfiguration {Name, Id, PriorityClass, Fi...
PSResources PropertySet PSResources {Name, Id, Handlecount, WorkingS...
Company ScriptProperty System.Object Company {get=$this.Mainmodule....
CPU ScriptProperty System.Object CPU {get=$this.TotalProcessorT...
Description ScriptProperty System.Object Description {get=$this.Mainmod...
FileVersion ScriptProperty System.Object FileVersion {get=$this.Mainmod...
Path ScriptProperty System.Object Path {get=$this.Mainmodule.Fil...
Product ScriptProperty System.Object Product {get=$this.Mainmodule....
ProductVersion ScriptProperty System.Object ProductVersion {get=$this.Main...
Notice that there are more properties listed than are displayed by default. A number of the default
properties displayed don't show up as properties when viewing the results of Get-Member
. This is
because many of the displayed values, such as NPM(K)
, PM(K)
, WS(K)
, and CPU(s)
, are
calculated properties. To determine the actual property names, the command must be piped to
Get-Member
.
If a command does not produce output, it can't be piped to Get-Member
. Since Start-Service
doesn't produce any output by default, it generates an error when you try to pipe it to
Get-Member
.
Start-Service -Name w32time | Get-Member
Get-Member : You must specify an object for the Get-Member cmdlet.
At line:1 char:31
+ Start-Service -Name w32time | Get-Member
+
+ CategoryInfo : CloseError: (:) [Get-Member], InvalidOperationException
+ FullyQualifiedErrorId : NoObjectInGetMember,Microsoft.PowerShell.Commands.GetMembe
rCommand
The PassThru parameter can be specified with the Start-Service
cmdlet make it produce output,
which is then piped to Get-Member
without error.
Start-Service -Name w32time -PassThru | Get-Member
TypeName: System.ServiceProcess.ServiceController
Name MemberType Definition
---- ---------- ----------
Name AliasProperty Name = ServiceName
RequiredServices AliasProperty RequiredServices = ServicesDependedOn
Disposed Event System.EventHandler Disposed(System.Object, Sy...
Close Method void Close()
Continue Method void Continue()
CreateObjRef Method System.Runtime.Remoting.ObjRef CreateObjRef(ty...
Dispose Method void Dispose(), void IDisposable.Dispose()
Equals Method bool Equals(System.Object obj)
ExecuteCommand Method void ExecuteCommand(int command)
GetHashCode Method int GetHashCode()
GetLifetimeService Method System.Object GetLifetimeService()
GetType Method type GetType()
InitializeLifetimeService Method System.Object InitializeLifetimeService()
Pause Method void Pause()
Refresh Method void Refresh()
Start Method void Start(), void Start(string[] args)
Stop Method void Stop()
WaitForStatus Method void WaitForStatus(System.ServiceProcess.Servi...
CanPauseAndContinue Property bool CanPauseAndContinue {get;}
CanShutdown Property bool CanShutdown {get;}
CanStop Property bool CanStop {get;}
Container Property System.ComponentModel.IContainer Container {get;}
DependentServices Property System.ServiceProcess.ServiceController[] Depe...
DisplayName Property string DisplayName {get;set;}
MachineName Property string MachineName {get;set;}
ServiceHandle Property System.Runtime.InteropServices.SafeHandle Serv...
ServiceName Property string ServiceName {get;set;}
ServicesDependedOn Property System.ServiceProcess.ServiceController[] Serv...
ServiceType Property System.ServiceProcess.ServiceType ServiceType ...
Site Property System.ComponentModel.ISite Site {get;set;}
StartType Property System.ServiceProcess.ServiceStartMode StartTy...
Status Property System.ServiceProcess.ServiceControllerStatus ...
ToString ScriptMethod System.Object ToString();
To be piped to Get-Member
, a command must produce object-based output.
Get-Service -Name w32time | Out-Host | Get-Member
Status Name DisplayName
------ ---- -----------
Running w32time Windows Time
Get-Member : You must specify an object for the Get-Member cmdlet.
At line:1 char:40
+ Get-Service -Name w32time | Out-Host | Get-Member
+
+ CategoryInfo : CloseError: (:) [Get-Member], InvalidOperationException
+ FullyQualifiedErrorId : NoObjectInGetMember,Microsoft.PowerShell.Commands.GetMemberCommand
Out-Host
writes directly to the PowerShell host, but it doesn't produce object-based output for
the pipeline. So it can't be piped to Get-Member
.
Active Directory
Note
The Remote Server Administration Tools listed in the requirements section of this chapter are required to complete this section. Also, as mentioned in the introduction to this book, your Windows 10 lab environment computer must be a member of the lab environment domain.
Use Get-Command
with the Module parameter to determine what commands were added as part of the
ActiveDirectory PowerShell module when the remote server administration tools were installed.
Get-Command -Module ActiveDirectory
CommandType Name Version Source
----------- ---- ------- ------
Cmdlet Add-ADCentralAccessPolicyMember 1.0.0.0 ActiveDi...
Cmdlet Add-ADComputerServiceAccount 1.0.0.0 ActiveDi...
Cmdlet Add-ADDomainControllerPasswordReplicationPolicy 1.0.0.0 ActiveDi...
Cmdlet Add-ADFineGrainedPasswordPolicySubject 1.0.0.0 ActiveDi...
Cmdlet Add-ADGroupMember 1.0.0.0 ActiveDi...
Cmdlet Add-ADPrincipalGroupMembership 1.0.0.0 ActiveDi...
Cmdlet Add-ADResourcePropertyListMember 1.0.0.0 ActiveDi...
Cmdlet Clear-ADAccountExpiration 1.0.0.0 ActiveDi...
Cmdlet Clear-ADClaimTransformLink 1.0.0.0 ActiveDi...
Cmdlet Disable-ADAccount 1.0.0.0 ActiveDi...
...
A total of 147 commands were added as part of the ActiveDirectory PowerShell module. Some commands of these commands only return a portion of the available properties by default.
Did you notice anything different about the names of the commands in this module? The noun portion of the commands has an AD prefix. This is common to see on the commands of most modules. The prefix is designed to help prevent naming conflicts.
Get-ADUser -Identity mike | Get-Member
TypeName: Microsoft.ActiveDirectory.Management.ADUser
Name MemberType Definition
---- ---------- ----------
Contains Method bool Contains(string propertyName)
Equals Method bool Equals(System.Object obj)
GetEnumerator Method System.Collections.IDictionaryEnumerator GetEn...
GetHashCode Method int GetHashCode()
GetType Method type GetType()
ToString Method string ToString()
Item ParameterizedProperty Microsoft.ActiveDirectory.Management.ADPropert...
DistinguishedName Property System.String DistinguishedName {get;set;}
Enabled Property System.Boolean Enabled {get;set;}
GivenName Property System.String GivenName {get;set;}
Name Property System.String Name {get;}
ObjectClass Property System.String ObjectClass {get;set;}
ObjectGUID Property System.Nullable`1[[System.Guid, mscorlib, Vers...
SamAccountName Property System.String SamAccountName {get;set;}
SID Property System.Security.Principal.SecurityIdentifier S...
Surname Property System.String Surname {get;set;}
UserPrincipalName Property System.String UserPrincipalName {get;set;}
Even if you're only vaguely familiar with Active Directory, you're probably aware that a user account has more properties than are shown in this example.
The Get-ADUser
cmdlet has a Properties parameter that is used to specify the additional
(non-default) properties you want to return. Specifying the *
wildcard character returns all of
them.
Get-ADUser -Identity mike -Properties * | Get-Member
TypeName: Microsoft.ActiveDirectory.Management.ADUser
Name MemberType Definition
---- ---------- ----------
Contains Method bool Contains(string proper...
Equals Method bool Equals(System.Object obj)
GetEnumerator Method System.Collections.IDiction...
GetHashCode Method int GetHashCode()
GetType Method type GetType()
ToString Method string ToString()
Item ParameterizedProperty Microsoft.ActiveDirectory.M...
AccountExpirationDate Property System.DateTime AccountExpi...
accountExpires Property System.Int64 accountExpires...
AccountLockoutTime Property System.DateTime AccountLock...
AccountNotDelegated Property System.Boolean AccountNotDe...
AllowReversiblePasswordEncryption Property System.Boolean AllowReversi...
AuthenticationPolicy Property Microsoft.ActiveDirectory.M...
AuthenticationPolicySilo Property Microsoft.ActiveDirectory.M...
BadLogonCount Property System.Int32 BadLogonCount ...
badPasswordTime Property System.Int64 badPasswordTim...
badPwdCount Property System.Int32 badPwdCount {g...
CannotChangePassword Property System.Boolean CannotChange...
CanonicalName Property System.String CanonicalName...
Certificates Property Microsoft.ActiveDirectory.M...
City Property System.String City {get;set;}
CN Property System.String CN {get;}
codePage Property System.Int32 codePage {get;...
Company Property System.String Company {get;...
CompoundIdentitySupported Property Microsoft.ActiveDirectory.M...
Country Property System.String Country {get;...
countryCode Property System.Int32 countryCode {g...
Created Property System.DateTime Created {get;}
createTimeStamp Property System.DateTime createTimeS...
Deleted Property System.Boolean Deleted {get;}
Department Property System.String Department {g...
Description Property System.String Description {...
DisplayName Property System.String DisplayName {...
DistinguishedName Property System.String Distinguished...
Division Property System.String Division {get...
DoesNotRequirePreAuth Property System.Boolean DoesNotRequi...
dSCorePropagationData Property Microsoft.ActiveDirectory.M...
EmailAddress Property System.String EmailAddress ...
EmployeeID Property System.String EmployeeID {g...
EmployeeNumber Property System.String EmployeeNumbe...
Enabled Property System.Boolean Enabled {get...
Fax Property System.String Fax {get;set;}
GivenName Property System.String GivenName {ge...
HomeDirectory Property System.String HomeDirectory...
HomedirRequired Property System.Boolean HomedirRequi...
HomeDrive Property System.String HomeDrive {ge...
HomePage Property System.String HomePage {get...
HomePhone Property System.String HomePhone {ge...
Initials Property System.String Initials {get...
instanceType Property System.Int32 instanceType {...
isDeleted Property System.Boolean isDeleted {g...
KerberosEncryptionType Property Microsoft.ActiveDirectory.M...
LastBadPasswordAttempt Property System.DateTime LastBadPass...
LastKnownParent Property System.String LastKnownPare...
lastLogoff Property System.Int64 lastLogoff {ge...
lastLogon Property System.Int64 lastLogon {get...
LastLogonDate Property System.DateTime LastLogonDa...
lastLogonTimestamp Property System.Int64 lastLogonTimes...
LockedOut Property System.Boolean LockedOut {g...
logonCount Property System.Int32 logonCount {ge...
LogonWorkstations Property System.String LogonWorkstat...
Manager Property System.String Manager {get;...
MemberOf Property Microsoft.ActiveDirectory.M...
MNSLogonAccount Property System.Boolean MNSLogonAcco...
MobilePhone Property System.String MobilePhone {...
Modified Property System.DateTime Modified {g...
modifyTimeStamp Property System.DateTime modifyTimeS...
msDS-User-Account-Control-Computed Property System.Int32 msDS-User-Acco...
Name Property System.String Name {get;}
nTSecurityDescriptor Property System.DirectoryServices.Ac...
ObjectCategory Property System.String ObjectCategor...
ObjectClass Property System.String ObjectClass {...
ObjectGUID Property System.Nullable`1[[System.G...
objectSid Property System.Security.Principal.S...
Office Property System.String Office {get;s...
OfficePhone Property System.String OfficePhone {...
Organization Property System.String Organization ...
OtherName Property System.String OtherName {ge...
PasswordExpired Property System.Boolean PasswordExpi...
PasswordLastSet Property System.DateTime PasswordLas...
PasswordNeverExpires Property System.Boolean PasswordNeve...
PasswordNotRequired Property System.Boolean PasswordNotR...
POBox Property System.String POBox {get;set;}
PostalCode Property System.String PostalCode {g...
PrimaryGroup Property System.String PrimaryGroup ...
primaryGroupID Property System.Int32 primaryGroupID...
PrincipalsAllowedToDelegateToAccount Property Microsoft.ActiveDirectory.M...
ProfilePath Property System.String ProfilePath {...
ProtectedFromAccidentalDeletion Property System.Boolean ProtectedFro...
pwdAnswer Property System.String pwdAnswer {ge...
pwdLastSet Property System.Int64 pwdLastSet {ge...
pwdQuestion Property System.String pwdQuestion {...
SamAccountName Property System.String SamAccountNam...
sAMAccountType Property System.Int32 sAMAccountType...
ScriptPath Property System.String ScriptPath {g...
sDRightsEffective Property System.Int32 sDRightsEffect...
ServicePrincipalNames Property Microsoft.ActiveDirectory.M...
SID Property System.Security.Principal.S...
SIDHistory Property Microsoft.ActiveDirectory.M...
SmartcardLogonRequired Property System.Boolean SmartcardLog...
sn Property System.String sn {get;set;}
State Property System.String State {get;set;}
StreetAddress Property System.String StreetAddress...
Surname Property System.String Surname {get;...
Title Property System.String Title {get;set;}
TrustedForDelegation Property System.Boolean TrustedForDe...
TrustedToAuthForDelegation Property System.Boolean TrustedToAut...
UseDESKeyOnly Property System.Boolean UseDESKeyOnl...
userAccountControl Property System.Int32 userAccountCon...
userCertificate Property Microsoft.ActiveDirectory.M...
UserPrincipalName Property System.String UserPrincipal...
uSNChanged Property System.Int64 uSNChanged {get;}
uSNCreated Property System.Int64 uSNCreated {get;}
whenChanged Property System.DateTime whenChanged...
whenCreated Property System.DateTime whenCreated...
Now that looks more like it.
Can you think of a reason why the properties of an Active Directory user account would be so limited by default? Imagine if you returned every property for every user account in your production Active Directory environment. Think of the performance degradation that you could cause, not only to the domain controllers themselves, but also to your network. It's doubtful that you'll actually need every property anyway. Returning all of the properties for a single user account is perfectly acceptable when you're trying to determine what properties exist.
It's not uncommon to run a command many times when prototyping it. If you're going to perform some huge query, query it once and store the results in a variable. Then work with the contents of the variable instead of repeatedly using some expensive query.
$Users = Get-ADUser -Identity mike -Properties *
Use the contents of the $Users
variable instead of running the previous command numerous times.
Keep in mind that the contents of the variable aren't updated when changes are made to that user in
Active Directory.
You could pipe the $Users
variable to Get-Member
to discover the available properties.
$Users | Get-Member
Then select the individual properties by piping $Users
to Select-Object
, all without ever having
to query Active Directory more than one time.
$Users | Select-Object -Property Name, LastLogonDate, LastBadPasswordAttempt
If you are going to query Active Directory more than once, use the Properties parameter to specify any non-default properties you want.
Get-ADUser -Identity mike -Properties LastLogonDate, LastBadPasswordAttempt
DistinguishedName : CN=Mike F. Robbins,OU=Sales,DC=mikefrobbins,DC=com
Enabled : True
GivenName : Mike
LastBadPasswordAttempt : 2/4/2017 10:46:15 AM
LastLogonDate : 2/18/2017 12:45:14 AM
Name : Mike F. Robbins
ObjectClass : user
ObjectGUID : a82a8c58-1332-4a57-a6e2-68e0c750ea56
SamAccountName : mike
SID : S-1-5-21-2989741381-570885089-3319121794-1108
Surname : Robbins
UserPrincipalName : miker@mikefrobbins.com
Summary
In this chapter, you've learned how to determine what type of object a command produces, how to determine what properties and methods are available for a command, and how to work with commands that limit the properties that are returned by default.
Review
- What type of object does the
Get-Process
cmdlet produce? - How do you determine what the available properties are for a command?
- If a command exists for getting something but not for setting the same thing, what should you check for?
- How can certain commands that don't produce output by default be made to produce output?
- If you're going to be working with the results of a command that produces an enormous amount of output, what should you consider doing?
Recommended Reading
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for