Forum Discussion

keeganjjk's avatar
keeganjjk
Copper Contributor
Oct 09, 2024

Getting messageUnable to find type [Microsoft.ActiveDirectory.Management.ADUser].

I am running a script that was posted online at theposhwolf.com that gets information regarding account lockouts in AD.

This has been great for gaining insight about the nature of our account lockouts as we recently witnessed lockouts created by an unauthorized user from outside of our network.

The problem is, the script is a Function definition for "Get-ADUserLockouts", containing the line: 

Param(

...

     [Microsoft.ActiveDirectory.Management.ADUser]$Identity

...)

After defining the function, and then trying to run it, I get the error message:

Unable to find type [Microsoft.ActiveDirectory.Management.ADUser].

But when I run:

Search-AdAccount -LockedOut

then run the Get-ADUserLockouts function, it works without a problem.

I am somewhat of a novice with PowerShell, but it seems to me like the [Microsoft.ActiveDirectory.Management.ADUser] data type is defined in the AD Cmdlets, and is brought into my environment when I run the Search-AdAccount cmdlet, after which the Get-ADUserLockouts function works properly.

How can I bring the [Microsoft.ActiveDirectory.Management.ADUser] data type into the function, so that I don't need to run the Search-AdAccount function.

My goal is to move this into my $Profile on my Domain Controllers so that I can just open a PowerShell window, and run the Get-AdUserLockouts function without having to load it every time.

Thanks in Advance for your replies,

John Keegan

  • LainRobertson's avatar
    LainRobertson
    Silver Contributor

    keeganjjk 

     

    Hi, John.

     

    Microsoft ships a module called ActiveDirectory as either part of the RSAT tools for Windows clients, or as part of Windows Server via the feature named "RSAT-AD-PowerShell".

     

    If that ActiveDirectory module is installed (which it almost certainly will be by default on a domain controller, but may not be on anything that's not a domain controller) then you simply need to import the ActiveDirectory module prior to calling any of the functions you're defining.

     

    Import-Module -Name ActiveDirectory;

     

    Example

     

    There are other ways but this is the most practical (without diverging into why).

     

    Cheers,

    Lain

  • MonirMS's avatar
    MonirMS
    Copper Contributor

    keeganjjk 

     

    1. Open PowerShell as administrator.

    2. Install RSAT AD for powershell using this - 

    Install-WindowsFeature -Name "RSAT-AD-PowerShell" -IncludeAllSubFeature

     

     

    3. Execute the following command to verify the module is available, run the following:

    Get-Module -Name ActiveDirectory -ListAvailable

    if you see the output like this the you're good to proceed -

     

    3. Import the module using - 

    Import-Module -Name ActiveDirectory

     

     

    Happy Life!!!

     

Resources