Get-ADUser issue

Posted on Wednesday 6 November 2013 by richardsiddaway

By default Get-ADUser returns a limited number of properties.  If you wanted to see all properties on a user account you would do this

Get-Aduser –Identity richard –Properties *

This option appears to be broken in Windows 2012 R2 / PowerShell 4

PS C:\Windows\system32> Get-ADUser -Identity richard -Properties *

Get-ADUser : One or more properties are invalid.
Parameter name: msDS-AssignedAuthNPolicy
At line:1 char:1
+ Get-ADUser -Identity richard -Properties *
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (richard:ADUser) [Get-ADUser], ArgumentException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.ArgumentException,Microsoft.ActiveDirectory.Management.Commands.GetADUser

You can work round the problem like this:

Get-ADUser -Identity richard| Get-ADObject -Properties *

This entry was posted in PowerShell and Active Directory, PowerShell v4, Windows Server 2012 R2. Bookmark the permalink.

3 Responses to Get-ADUser issue

  2. Pingback: Password Expiry Notification Script | Adam Fowler - I.T. From Australia

  3. Pingback: Konstiga beteenden för Get-ADUser | JohanPersson.nu

Leave a comment