Query AD to find the Manager information of users

  • If you want a list for all users objects run the following

    Get-ADUser -filter * -Properties * | select displayname,manager

    Else you can scope it with the following:

    Get-ADUser <samaccountname> -Properties * | select displayname,manager

    Monday, March 20, 2017 8:22 PM
  • Check the help for Get-ADUser. I would not use -Properties *, as the resultset will be much larger than necessary, and if the first user retrieved has no manager assigned, the resultset will not include that attribute for any of the users. I suggest using -Properties manager. Then select sAMAccountName (a default property so it is always retrieved) and manager. The sAMAccountName uniquely identifies the users, while displayName does not, and is not even mandatory. The manager attribute is a distinguishedName.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    • Proposed as answer by jrv Monday, March 20, 2017 9:04 PM
    Monday, March 20, 2017 8:34 PM
  • Thank you very much for the quick answer.

    If the users are located in different OUs\Sub-OUs manage by same manager is there is a way to query AD and create a list of those users under the same manager?

    Tuesday, March 21, 2017 1:43 PM
  • The LDAP syntax query for all users with the same manager would be similar to:

    "(manager=cn=Jim Smith,ou=Sales,ou=West,dc=MyDomain,dc=com)"

    This can used with the dsquery * command line utility (using the -Filter parameter), or ADFind, or the -LDAPfilter parameter of PowerShell Get-ADUser. You must specify the full distinguished name of the manager.

    If you use the -Filter parameter of Get-ADUser, you would use the PowerShell syntax, similar to:

    -Filter {manager -eq "cn=Jim Smith,ou=Sales,ou=West,dc=MyDomain,dc=com"}

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Tuesday, March 21, 2017 3:10 PM