Share via

Export AD Group

Glenn Maxwell 12,876 Reputation points
2022-08-24T21:52:45.85+00:00

Hi All

i have an AD group lets say gp1 it has 100 AD groups with in it and 5 users. i want to export these AD groups and 5 users to csv file. my output should be 100AD groups and 5 users i.e 105. i dont want to export all the users with in the AD groups.

when i use the below syntax i am not getting the output. experts please correct me 

$Input = "Name,Description,UserprincipalName,SamAccountName,office,DepartmentNumber,Department" -split ','  
Get-ADGroupMember -Identity "GP1"  |   
Get-ADUser -Properties $Input  |   
Select-Object $Input  |   
Export-CSV -Path C:\temp\output.csv -NoTypeInformation
Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | User experience | PowerShell
Windows for business | Windows Server | User experience | Other
0 comments
Accepted answer
  1. Rich Matheisen 47,901 Reputation points
    2022-08-25T02:17:46.517+00:00

    I think @Rafael da Rocha had it almost right. Revamping his code a bit to place the membership of each group into a separate CSV was, I think, what you were looking for though.

    Since you only want the membership of the main group and its immediate child groups you can do this without using recursion: 

    $Input_Users = "Name,Description,UserprincipalName,SamAccountName,office,DepartmentNumber,Department" -split ','  
$GroupNames = @()  
  
# get the users in the main group  
Get-ADGroupMember -Identity "GP1" |  
    ForEach-Object {   
        if ($_.objectClass -eq "user") {   
            Get-ADUser $_.SamAccountName -Properties $Input_Users | Select-Object $Input_Users   
        }   
        elseif ($_.objectClass -eq "Group") {   
            $GroupNames += $_.distinguishedName  
        }   
    } | Export-Csv -Path C:\temp\ParentGroupUsers.csv -NoTypeInformation  
# get the users (ignoring other ogject types) that are members of each child group  
# place the users in a unique CSV for each group  
ForEach ($group in GroupNames){  
    $g = "c:\temp\{0}.csv" -f (Get-ADGroup -Identity $group).Name  
    Get-ADGroupMember -Identity $group |  
        ForEach-Object{  
            Get-ADUser $_.SamAccountName | Select-Object $Input_Users  
        } | Export-Csv $g -NoTypeInformation  
}
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rafael da Rocha 5,251 Reputation points
    2022-08-24T22:58:19.667+00:00

    Hello,
    You're not getting the output probably because when get-aduser tries a group that is a member of the first one, it errors and breaks the script.
    Try this: 

    $Input_Users = "Name,Description,UserprincipalName,SamAccountName,office,DepartmentNumber,Department" -split ','  
$input_Groups = "Name,Description,SamAccountName" -split ','  
Get-ADGroupMember -Identity "GP1" |  
ForEach-Object {if ($_.objectClass -eq "user") {Get-ADUser $_.SamAccountName -Properties $Input_Users | Select-Object $Input_Users}   
elseif ($_.objectClass -eq "Group") {Get-ADGroup $_.SamAccountName -Properties $input_Groups | Select-Object $input_Groups}} |  
Export-CSV -Path C:\temp\output.csv -NoTypeInformation
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.