locked
Powershell export from AD RRS feed

  • Question

  • Good morning,

    I have a PowerShell script to export a CSV of users from a specific OU in AD.
    It lists the username on the left, email address, account status, last login date.

    I am curious if there is a way to include two additional columns and list beside each user if they are members of specific security groups?

    If they are not a member that can be empty, but if they are a member it can list the name of the security group?

    For example:
    Scott Green, scott.green@axiomlaw.com, Active, 11-11-2018 10:00, grp_securitygroup1, grp_securitygroup2

    Thanks,

    Curtis

     
    Thursday, January 3, 2019 11:14 AM

All replies

  • Thursday, January 3, 2019 12:07 PM
  • Here's one way...

    # Identity to search for:
    $Identity = 'Some.User'
    
    # Group to look for:
    $GroupName = 'Domain Users'
    
    $OutputFile = 'C:\temp\output.csv'
    
    Get-ADUser -Identity $Identity -properties DisplayName,EmailAddress, Enabled, LastLogonDate | Select-Object `
        @{Name="DisplayName";    Expression={$_.DisplayName}},
        @{Name="EmailAddress";   Expression={$_.EmailAddress}},
        @{Name="Enabled";        Expression={$_.Enabled}},
        @{Name="Last Logon";     Expression={$_.LastLogonDate}},
        @{Name="MemberOfGroup"; Expression={((Get-ADPrincipalGroupMembership -Identity $_.SamAccountName) -match $GroupName)}} | Export-Csv -Path $OutputFile -Force -NoTypeInformation

    Thursday, January 3, 2019 12:07 PM
  • Or something similar..:

    # Identity to search for:
    $Identity = 'some.user'
    
    # Group to look for:
    $GroupName = 'Domain Users'
    
    $OutputFile = 'C:\temp\output.csv'
    
    Get-ADUser -Identity $Identity -properties DisplayName,EmailAddress, Enabled, LastLogonDate | Select-Object {
        $PSObject = New-Object -TypeName PSObject
        $PSObject | Add-Member -Name 'DisplayName' -MemberType Noteproperty -Value $_.DisplayName
        $PSObject | Add-Member -Name 'EmailAddress' -MemberType Noteproperty -Value $_.EmailAddress
        $PSObject | Add-Member -Name 'Enabled' -MemberType Noteproperty -Value $_.Enabled
        $PSObject | Add-Member -Name 'Last Logon' -MemberType Noteproperty -Value $_.LastLogonDate
        $PSObject | Add-Member -Name 'MemberOfGroup' -MemberType Noteproperty -Value ((Get-ADPrincipalGroupMembership -Identity $identity) -match $GroupName).DistinguishedName
        $PSObject | Export-Csv -Path $OutputFile -Force -NoTypeInformation
    }
    


    Thursday, January 3, 2019 12:27 PM
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Lee


    Just do it.

    Tuesday, January 8, 2019 8:27 AM