locked
Exporting Enabled AD Users that are Members of a Group to a CSV file RRS feed

  • Question

  • Hi I have been trying to work out how to Export the User Names of Members of a particular OU, that are Members of a Particular Security Group to a CSV File

    I can get the List of Users to Output correctly using Write-Host but it will not give the same output if I use Export-Csv

    Any ideas where I am going wrong my Script is

     
    import-module activedirectory
    
    $Site= "SiteName"
    $Users = Get-ADUser  -SearchBase "OU=$Site,OU=XXXXXXX,DC=XXXXXXX.DC=Local" -filter 'enabled -eq $true'
    $group = "Name Of Security Group"
    $members = Get-ADGroupMember -Identity $group -Recursive | Select -ExpandProperty Name
    
    $users | ForEach-Object {
    $user = $_.name
    If ($members -contains $user) {
    
    Write-Host "$user"
    
    
    } }
    

    This works perfectly I get a List of the Enabled Users for the Site OU that are Members of the Security Group

    But if I replace Write Host with

    "$user" | Export-Csv -Path "C:\$site.csv" -NoTypeInformation

    It Creates the CSV file but the Users name are not Listed instead I get

    Length

    11

    In the first 2 cells.

    Any ideas on how to get this to work correctly?

     

    Tuesday, January 2, 2018 1:48 PM

Answers

  • To get the information you're after you can do it this way:
    $GroupName = 'your group name'
    $SearchBase = 'your searchbase'
    $GroupDistinguishedName = Get-ADGroup -Identity $GroupName | Select-Object -ExpandProperty DistinguishedName
    Get-ADUser -Filter {Enabled -eq $false} -SearchBase $SearchBase -Properties MemberOf | 
        Where-Object {
            $_.MemberOf -contains $GroupDistinguishedName
        } | Select-Object -Property Name
     .... and of course you can pipe this to an Export-CSV if needed.

    Best regards,

    (79,108,97,102|%{[char]$_})-join''


    • Edited by BOfH-666 Tuesday, January 2, 2018 2:31 PM
    • Proposed as answer by Richard MuellerMVP Tuesday, January 2, 2018 2:51 PM
    • Marked as answer by Steve-PW Tuesday, January 2, 2018 3:38 PM
    Tuesday, January 2, 2018 2:31 PM
  • I would use the -Properties parameter of Get-ADUser to specify all of the properties you want. The script BOfH_666 posted works because Name is a default property, so it is retrieved whether or not you specify it. The MemberOf property is an extended property which must be specified.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    • Marked as answer by Steve-PW Tuesday, January 2, 2018 3:38 PM
    Tuesday, January 2, 2018 2:55 PM

All replies

  • To get the information you're after you can do it this way:
    $GroupName = 'your group name'
    $SearchBase = 'your searchbase'
    $GroupDistinguishedName = Get-ADGroup -Identity $GroupName | Select-Object -ExpandProperty DistinguishedName
    Get-ADUser -Filter {Enabled -eq $false} -SearchBase $SearchBase -Properties MemberOf | 
        Where-Object {
            $_.MemberOf -contains $GroupDistinguishedName
        } | Select-Object -Property Name
     .... and of course you can pipe this to an Export-CSV if needed.

    Best regards,

    (79,108,97,102|%{[char]$_})-join''


    • Edited by BOfH-666 Tuesday, January 2, 2018 2:31 PM
    • Proposed as answer by Richard MuellerMVP Tuesday, January 2, 2018 2:51 PM
    • Marked as answer by Steve-PW Tuesday, January 2, 2018 3:38 PM
    Tuesday, January 2, 2018 2:31 PM
  • I would use the -Properties parameter of Get-ADUser to specify all of the properties you want. The script BOfH_666 posted works because Name is a default property, so it is retrieved whether or not you specify it. The MemberOf property is an extended property which must be specified.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    • Marked as answer by Steve-PW Tuesday, January 2, 2018 3:38 PM
    Tuesday, January 2, 2018 2:55 PM
  • Hi Richard

    Thanks for the swift response this works perfectly for what I need

    Regards

    Steve

    Tuesday, January 2, 2018 3:40 PM
  • Great, glad it worked.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Tuesday, January 2, 2018 3:53 PM