Skip to main content


This Script is part of the Active Directory Query Pack.#


Use the ad-get-user command in the Active Directory v2 integration instead.

Retrieves detailed information about a user account. The user can be specified by "name", "email" or as an "Active Directory Distinguished Name" (DN). If no filter is provided, the result will show all users.

Script Data#

Script Typepython
Tagsactive directory, enhancement, username


This script uses the following commands and scripts.

  • ad-search


Argument NameDescription
dnThe Active Directory Distinguished Name for the desired user.
nameThe name of the desired user.
attributesInclude these AD attributes of the resulting objects in addition to the default ones.
customFieldTypeSearch for a user by this custom field type.
customFieldDataSearch for a user by this custom field data (relevant only if customFieldType is provided).
headersThe columns headers to show the order by.
nestedSearchSelect "true" to allow nested groups search as well.
usernameThe samAccountName of the desire user.
limitThe maximum number of objects to return. The default is 20.
emailThe mail attribute of desire user.
userAccountControlOutInclude verbose translation for UserAccountControl flags.
usingThe instance name.


AccountThe Active Directory acount.Unknown
Account.TypeThe type of the Account entity.string
Account.IDThe unique Account DN (Distinguished Name).string
Account.UsernameThe Account username.string
Account.EmailThe email object associated with the Account.Unknown
Account.GroupsThe groups the Account is part of.string
Account.DisplayNameThe Account display name.string
Account.ManagerThe Account's manager.string
Account.Email.AddressThe email address object associated with the Account.string
DBotScore.IndicatorThe indicator value.string
DBotScore.TypeThe indicator's type.string
DBotScore.VendorThe indicator's vendor.string
DBotScore.ScoreThe indicator's score.number