PS: Find If User/Computer Exists Without AD Module


Sometimes you may want to run a PowerShell script that checks against AD without importing the AD module on a server. For example, on a file server you may want to check directories that are mapped to usernames in AD in order to clean up old accounts.

To Resolve:

  1. Use this in your PS Script to check if a user or computer exists in AD:

    # User properties
    $san = 'myuser'
    # FindAll() returns nothing when no object matches, so .Count is 0
    $getad = (([adsisearcher]"(&(objectCategory=User)(samaccountname=$san))").FindAll()).Properties
    if ($getad.Count -gt 0) {
        Write-Output "account exists: $san"
    }
    else {
        Write-Output "account DOESN'T exist: $san"
    }

    # Computer properties
    $pc = 'computername'
    $getad = (([adsisearcher]"(&(objectCategory=Computer)(name=$pc))").FindAll()).Properties

  2. Another option is ‘implicit remoting’ which I haven’t tested but seems to be the more supported way:

    function Get-ActiveDirectorySession {
        param(
            # Set this to a server that has the ActiveDirectory module installed
            [string]$Server = ''
        )
        $session = New-PSSession -ComputerName $Server
        Invoke-Command -Session $session -ScriptBlock { Import-Module ActiveDirectory }
        return $session
    }

    # Then at the beginning of your script you can do something like this:
    if (Get-Module -ListAvailable ActiveDirectory) {
        Import-Module ActiveDirectory
    }
    else {
        Import-PSSession -Session (Get-ActiveDirectorySession) -Module ActiveDirectory | Out-Null
    }
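
Added example (not from the original post): when the names passed to the `[adsisearcher]` check in option 1 come from directory names on a file server, characters such as `*`, `(` and `)` change the meaning of the interpolated LDAP filter, so the block below escapes the value per RFC 4515 before running the same lookup. The function names `ConvertTo-LdapFilterValue` and `Test-ADObjectExists` and the sample folder names are hypothetical and constructed for illustration.

```powershell
# Added example; function names are hypothetical, not from the original post.
function ConvertTo-LdapFilterValue {
    # Escape the characters RFC 4515 treats as special (\ * ( ) NUL) as \XX hex
    # so the value is matched literally inside a filter.
    param([Parameter(Mandatory)][AllowEmptyString()][string]$Value)
    [regex]::Replace($Value, '[\\*()\x00]', {
        param($m) '\{0:x2}' -f [int][char]$m.Value
    })
}

function Test-ADObjectExists {
    # Same [adsisearcher] lookup as in option 1, with the name escaped first.
    param(
        [Parameter(Mandatory)][string]$Name,
        [ValidateSet('User', 'Computer')][string]$Category = 'User'
    )
    $attr     = if ($Category -eq 'User') { 'samaccountname' } else { 'name' }
    $value    = ConvertTo-LdapFilterValue $Name
    $searcher = [adsisearcher]"(&(objectCategory=$Category)($attr=$value))"
    [void]$searcher.PropertiesToLoad.Add('distinguishedname')  # fetch one attribute only
    # FindOne() returns $null when nothing matches
    return ($null -ne $searcher.FindOne())
}

# Constructed folder names. This part only builds the filters, so it runs
# without a domain and shows what each form would send to the directory.
foreach ($folder in 'jsmith', 'temp*', 'j.smith (old)') {
    [pscustomobject]@{
        Folder    = $folder
        Unescaped = "(samaccountname=$folder)"
        Escaped   = "(samaccountname=$(ConvertTo-LdapFilterValue $folder))"
    }
}

# On a domain-joined machine:
# Test-ADObjectExists -Name 'temp*'
# Test-ADObjectExists -Name 'computername' -Category Computer
```

With the unescaped filter, a folder named `temp*` matches every account whose name starts with `temp`, and the parentheses in `j.smith (old)` alter the filter's structure, so a cleanup script could keep or flag the wrong directories.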