Finding Disabled Users:

get-qaduser –disabled

Create a new Active Directory user:

new-QADUser -name '<User CN>' -parentContainer '<Parent DN>' -UserPassword
'<Password>' -FirstName '<User First Name>' -LastName '<User Last Name>'
-UserPrincipalName '<User UPN>'

Create multiple users in Active Directory:

$parentDN = “<ParentDN>" $strPass = “userPaswd” For ($i = 1; $i -le 1000; $i++) { $strUserName = “User” + $i New-QADUser -name $strUserName -parentContainer $parentDN -UserPassword $strPass }

Modify Attributes for several users:

$strfileServer = "\Servername"
$objOU = [ADSI] "LDAP://<OU DN>"
$objOU.psbase.Children |% {
    $uac = [int](($_.userAccountControl).ToString())
    if (($_.objectClass -eq "user") -and (($uac -band 2) -eq 0))
    {
        $_.put("homeDirectory", $strFileServer + $_.sAMAccountName)
        $_.SetInfo()
    }
}

Delete user in Active Directory

remove-QADObject -identity <User DN>

Set user profile in Active Directory

get-QADUser -identity "<User DN>" |
set-QADUser -HomeDirectory '\ServernameKatrin' -HomeDrive 
'H:' -ProfilePath '\server1profilesjsmith' 
-scriptpath '\dcnamenetlogonlogonscript.vbs'

Move User to other OU

move-QADObject -Identity <UserDN> -NewParentContainerName <New OU DN>

Find Locked User Accounts

Get-QADuser -locked

Unlock User Account

Unlock-QADUser -Identity <UserDN>

Retrieve Password lockout policy

Get-QADObject domainname.com | format-list Name, *password*, *lockout*