Get AD User and Group Membership and export to CSV

Welcome Forums General PowerShell Q&A Get AD User and Group Membership and export to CSV

This topic contains 2 replies, has 3 voices, and was last updated by

 
Participant
3 weeks, 3 days ago.

  • Author
    Posts
  • #179697

    Participant
    Topics: 1
    Replies: 0
    Points: 36
    Rank: Member

    Hello all,

    I have been a sysadmin for years now, but just got into powershell in the last few months or so, and I find that it is very useful for many small tasks that I have.  I usually search for scripts online and change them up to make them work for me.  Recently, I was able to get one to work that found all the AD users in my domain, and all of their group memberships, and exported them to a CSV file.  The user first and last names were in column A and all of the groups they are members of were in column B (column B was pretty messy; I had to do a lot of clean up with find/replace in Excel), but it worked.

    I then made the rookie mistake of losing the script, and I have not been able to recreate it successfully.  If anyone out there can help, I would greatly appreciate it.  I can say that I was able to do a one-liner script, and I remember using Get-ADUser -SearchBase "DC=xxxx, DC=local" (I think).  I just cannot get it to make the file like I made before.  Thanks all in advance.

    -Danial

  • #179763

    Participant
    Topics: 4
    Replies: 76
    Points: 91
    Helping Hand
    Rank: Member

    How would you like to have the groups? All to column B? The groups are in distinguishedname format, but of course in output we can show only group names.

    Edit1: It could be something funky like

    get-aduser -Filter * -Properties memberOf,displayName | select samAccountName,displayName,@{N='memberOf';e={($_.memberof | foreach {$_.split(',')[0].split('=')[1]}) -join ';'}} | export-csv -NoTypeInformation -Encoding UTF8 -Path test-export.csv
    
  • #179799

    Participant
    Topics: 2
    Replies: 5
    Points: 32
    Rank: Member

    Hello, here is the script I'm using.

    Get-ADUser -LDAPFilter "(name=*)" -SearchScope Subtree `
    -SearchBase "OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx" | %{
    $user = $_
    $user | Get-ADPrincipalGroupMembership |
    Select-Object @{N="User";E={$user.sAMAccountName}},@{N="Group";E={$_.Name}}
    } | Select-Object User,Group | Export-Csv C:\temp\report.csv -

    Have a nice day,

    Laurent.

You must be logged in to reply to this topic.