Snippet Name: Check_AD_User_Existence

Tags:

Created Date: 2025-06-16 13:12:42
Last Modified Date: 2025-05-31 10:31:43

Dependencies:

DBA Notes:

Sample Output:

Title: Check AD User Existence
Author: user
in powershell, i am checking for Logins that are no longer part of our Active Directory domain. when using "Get-ADUser $userName", how can  i check if no results were returned without an error

Author: ChatGPT
In PowerShell, when you use the `Get-ADUser` cmdlet to retrieve an Active Directory user, it will return an error if the user is not found. To handle this situation gracefully without generating an error, you can use a try-catch block or by checking if the returned object is null. Here's how you can do it both ways:

### Using `try-catch`:

```powershell
$userName = "exampleUser"

try {
    $user = Get-ADUser -Identity $userName -ErrorAction Stop
    # If the user is found, the code will continue here
    Write-Output "User $userName found: $($user.Name)"
} catch {
    # If the user is not found, the code will jump here
    Write-Output "User $userName does not exist in Active Directory."
}
```

### Checking if the returned object is null:

```powershell
$userName = "exampleUser"
$user = Get-ADUser -Identity $userName -ErrorAction SilentlyContinue

if ($null -eq $user) {
    Write-Output "User $userName does not exist in Active Directory."
} else {
    Write-Output "User $userName found: $($user.Name)"
}
```

In the first example, `-ErrorAction Stop` is used to force `Get-ADUser` to throw an exception if the user is not found, which is then caught by the `catch` block.

In the second example, `-ErrorAction SilentlyContinue` suppresses the error message, allowing the script to continue running. The result is then checked to see if it is null.

Both methods are effective, but the second method is typically simpler and preferred for straightforward existence checks.