Defining Active Directory Identity with PowerShell

There are two sets of cmdlets for working with Active Directory – Microsoft and Quest. Unfortunately they offer slightly different options for defining the identity of the user you want to work with.

The Microsoft cmdlets offer these options:

Distinguished Name = "CN=GREEN Mike,CN=Users,DC=Manticore,DC=org"
GUID  = 53837835-1de0-4686-ae3f-b8cf23890ce3
Sid = S-1-5-21-3881460461-1879668979-35955009-6273
sAMAccountName = mgreen

By contrast the Quest cmdlets offer these options for defining Identity:

DN = DistinguishedName = "CN=GREEN Mike,CN=Users,DC=Manticore,DC=org"
SID = S-1-5-21-3881460461-1879668979-35955009-6273
GUID = 53837835-1de0-4686-ae3f-b8cf23890ce3
UPN = UserPrincipalName =
Domain\UserName = MANTICORE\mgreen

If you not using the cmdlets and relying on the ADSI interface – all you can use is the distinguished name

$user = [ADSI]”LDAP://CN=GREEN Mike,CN=Users,DC=Manticore,DC=org"

Leave a Reply