The PowerShell command Get-ADUser is part of the Active Directory PowerShell module. Go to this article if you want to know how to install it.
You should use the Filter switch to search effectively for users in your Active Directory. Don’t extract all users and then search the result set.
Use Get-ADUser -Filter to search directly for improved performance.
Understand the Get-ADUser Filter Parameter
With the many various filtering options available (LDAP filtering, oData v3.0 filtering, etc.), the filter switch often causes confusion.
The filter switch used in the Get-ADUser and Get-ADGroup commands uses the PowerShell expression language in the query string.
This is different than, e.g., when using the Get-AzureADUser command (which uses oData v3.0 filtering)!
To understand the LDAPFilter switch read this article.
The following operators should cover most of your needs:
Operator | Meaning | Sample expression |
---|---|---|
-eq | Equal to | DisplayName -eq ‘Jonas Watt Boolsen’ |
-ne | Not equal to | Country -ne ‘DK’ |
-gt | Greater than | BadLogonCount -gt ‘0’ |
-ge | Greater than or equal | Modified -ge ’06-04-2021 12:00:00′ |
-lt | Less than | LastLogonTimeStamp -lt ’01-01-2021′ |
-le | Less than or equal | Created -le ’01-01-2020′ |
-like | Wildcard search | Mail -like ‘*@easy365manager.com’ |
-notlike | Wildcard search with negation | Department -notlike ‘*’ |
-and | And | Country -eq ‘DK’ -and Department -eq ‘Sales’ |
-or | Or | Country -eq ‘DK’ -or -Country -eq ‘DE’ |
Please notice the following in the above examples:
- Enclose the compared value(s) in apostrophes
- Use -like ‘*’ and -notlike ‘*’ to find empty or non-empty values
- Filter “cryptic” date/time formats directly with a DateTime variable (like e.g. the LastLogonTimeStamp attribute which uses the FileTime format)
Below you have some code snippets that should point you in the right direction on how to structure your filters for your Get-ADUser search queries:
Get-ADUser -Filter 'DisplayName -eq "Jonas Watt Boolsen"'
Get-ADUser -Filter 'Country -ne "DK"'
Get-ADUser -Filter 'BadLogonCount -gt "0"'
Get-ADUser -Filter 'Modified -ge "06-04-2021 12:00:00"'
$Date = (Get-Date).AddDays(-60)
Get-ADUser -Filter 'LastLogonTimeStamp -lt $Date'
Get-ADUser -Filter 'Created -le "01-01-2020"'
Get-ADUser -Filter 'Mail -like "*@easy365manager.com"'
Get-ADUser -Filter 'Department -notlike "*"'
Get-ADUser -Filter 'Country -eq "DK" -and Department -eq "Sales"'
Get-ADUser -Filter 'Country -eq "DK" -or -Country -eq "DE"'
Next Level Active Directory and Office 365 Management
- Manage AD and Office 365 in a single interface (AD Users & Computers)
- Offload complex tasks like calendar delegation to 1st-line support in seconds
- Remove your Exchange on-premises Server
Sounds almost too good to be true?
With Easy365Manager, you no longer have to log in to the Microsoft 365 Admin Center, the Exchange Online Admin Center, or the Azure Portal for daily user management.
Consider the following example where calendar delegation is configured in a few seconds without using complex PowerShell scripting:
Easy365Manager is a snap-in to AD Users & Computers that allows you to manage Office 365 mailboxes and licenses as part of your standard AD management.
Watch this on-demand webinar to learn more about Easy365Manager:
Easy365Manager extends user properties with two new tabs, so you no longer have to switch between multiple tools to perform daily management:


With Easy365Manager you can remove your on-premises Exchange server to avoid all future zero-day exploits.
Watch the extensive feature list here.
Try the 30-day trial now. It only takes a few minutes to install, and we guarantee you’ll be saving hours of work before the end of the week!