Previous

Modern Approach

A script that will enumerate the AD users along with all the properties of those user accounts.

Save file with name enum.ps1 :-

$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$PDC = ($domainObj.PdcRoleOwner).Name
$SearchString = "LDAP://"
$SearchString += $PDC + "/"
$DistinguishedName = "DC=$($domainObj.Name.Replace('.', ',DC='))" $SearchString += $DistinguishedName
$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$Searcher.SearchRoot = $objDomain
$Searcher.filter="samAccountType=
805306368"
$Result = $Searcher.FindAll()
Foreach($obj in $Result)
{
Foreach($prop in $obj.Properties)
{
$prop
}
Write-Host "------------------------"
}

Note: 805306368 might change depending on what to search . 805306368 is decmal value of 0X30000000 get from link https://msdn.microsoft.com/en-us/library/ms679637(v=vs.85).aspx . To find decimal value just google 0x30000000 in decimal