Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1158
  • Last Modified:

active directory list of users with group and email

create a report showing alll users with the groups they are a member of and emails and email groups they participate in.
0
1030071002
Asked:
1030071002
  • 7
  • 6
  • 5
  • +2
14 Solutions
 
marine7275Commented:
0
 
Mike KlineCommented:
you could also try adfind
http://www.joeware.net/freetools/tools/adfind/index.htm
adfind -default -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof proxyaddresses
see if that gives you what you need
Thanks
Mike
0
 
delyan_valchevCommented:
Here is a PowerShell script with Quest's Commands for Active Directory ( http://www.quest.com/powershell ) which generates a CSV report including:
- DN
- User names
- Logon username
- Email
- List of group memberships separated by semicolons
You can import it in Excel and format it the way you like.
Hope it helps!
$act={
	$QT='"'
	echo "DN,Name,Username,email,Description,Group membership"
	Get-QADUser -SearchRoot 'mydomain.com/Users' | foreach-object {
		$grp=''
		foreach ($i in $_.memberof) 
			{$a=(Get-QADgroup -identity $i).name
			$grp=$grp+$a+";"}
		select-object	
		
		$uname=$QT + $_.name +$QT
		$udn=$QT+ $_.dn +$QT
		$usamid=$QT+ $_.samaccountname +$QT
		$uemail=$QT+ $_.email +$QT
		$udesc=$QT+ $_.description +$QT
	
		
		echo ($udn + "," + $uname + "," +$usamid+ "," +$uemail + "," + $udesc+ "," + $grp)
	}
}
 
&$act > Userlist.csv

Open in new window

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Chris DentPowerShell DeveloperCommented:

@delyan_valchev

It's lovely to be able to create your own output... but... there's Export-CSV.

Something like this:

Get-QADUser -SearchRoot 'mydomain.com/Users' | `
  Select-Object Name, DN, sAMAccountName, Email, Description, `
  @{n='Groups';e={ $_.memberOf | %{ Get-QADGroup | Select-Object Name }}} | `
  Export-CSV "out.csv"

Chris
0
 
1030071002Author Commented:
it work how can I print this or write it to a file
0
 
Mike KlineCommented:
If you are talking about the adfind you can send it to a text file
adfind -default -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof proxyaddresses  > c:\Users.txt
or if you want it in csv format
adfind -default -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof proxyaddresses -csv > c:\users.csv
What chris provided should already give you a file called out.csv
Thanks
Mike
 
0
 
delyan_valchevCommented:
@Chris,
Thanks for the tip! Is it also possible to have the "reduced" version of my script so that the list of group memberships is separated by semicolon, while the other fields are separated by coma? It's useful for subsequent separate formatting of the user properties and the memberships.
0
 
1030071002Author Commented:
Chris-Dent where do i do that
0
 
1030071002Author Commented:
Sage how do i get the info to print or to a file
0
 
1030071002Author Commented:
quest.com/powershell it says I need sp 3.5 sorry
0
 
delyan_valchevCommented:
0
 
1030071002Author Commented:
C:\>Get-QADUser -SearchRoot 'mydomain.com/Users' | ` Select-Object Name, DN, sAM
AccountName, Email, Description, ` @{n='Groups';e={ $_.memberOf | %{ Get-QADGrou
p | Select-Object Name }}} | ` Export-CSV "out.csv"
'Get-QADUser' is not recognized as an internal or external command,
operable program or batch file.
0
 
Chris DentPowerShell DeveloperCommented:

> reduced" version of my script so that the list of group memberships is separated by semicolon

Yeah, did it work as I posted? Blimey :)

Lets have Groups as an array and join it together... might work like this:

Get-QADUser -SearchRoot 'mydomain.com/Users' | `
  Select-Object Name, DN, sAMAccountName, Email, Description, `
  @{n='Groups';e={ [String]::Join(",", ($_.memberOf | %{ (Get-QADGroup $_).Name }) }} | `
  Export-CSV "out.csv"

Sorry for the lack of certainty, my server here is broken, haven't got round to fixing it so testing stuff only happens at work ;)

Chris
0
 
Chris DentPowerShell DeveloperCommented:

> is not recognized as an internal or external command,

You'll need to run the PowerShell shortcut from the Quest folder in the start menu, or run this command first:

Get-PsSnapIn -Reg | Add-PsSnapIn -EA 0

It needs to load the commands before they can be used.

Chris
0
 
1030071002Author Commented:
mkline71 how can write the file out it run perfect but i cant write the file out
0
 
Mike KlineCommented:
mkline71 how can write the file out it run perfect but i cant write the file out
See my answer in comment ID:24368399
...gave some examples about writing to a file.
Thanks
Mike
0
 
delyan_valchevCommented:
Chris,
I'm also theorizing there at home and I'm no PowerShell guru. Will test tomorrow at work as well. Noticed a small typo in the Join:
 [String]::Join(";", ($_.memberOf | %{ (Get-QADGroup $_).Name
Correct me if I'm wrong.
0
 
Chris DentPowerShell DeveloperCommented:

Ahh sorry, I'd read it as comma delimited :) Anyway, I think PowerShell adds appropriate quoting to Export-CSV.

Chris
0
 
Chris DentPowerShell DeveloperCommented:

If Mike's solution helped you should accept Mike's response.  Objecting to the close on the grounds that it is impolite to request closure as self answered with no good reason.

Chris
0
 
Mike KlineCommented:
...both adfind and powershell can do the trick here (as with many tasks).  I'd personally give points for both answers.  Chris & delyan did a lot here too.
Thanks
Mike
 
0
 
Chris DentPowerShell DeveloperCommented:

Tested and fixed the PowerShell snippets... just in case.

I'd have to find a better way for a large domain, it's painful pulling the group names like this, far too many calls to AD.

Chris
Get-QADUser -SearchRoot 'mydomain.com/Users' | `
  Select-Object Name, DN, sAMAccountName, Email, Description, `
  @{n='Groups';e={ [String]::Join(";", @($_.memberOf | %{ (Get-QADGroup $_).Name })) }} | `
  Export-CSV "out.csv"

Open in new window

0
 
delyan_valchevCommented:
Found a new cmdlet in AD Management Shell 1.2 - Get-QADMemberOf which should do the optimization trick. I have revised a bit the script. Seems to be working ;)

Get-QADUser -SearchRoot 'mydomain.com/Users' | `
Select-Object Name, DN, sAMAccountName, Email, Description, `
@{n='Groups';e={ [String]::Join(";",($_|Get-QADMemberOf|%{$_.Name}))}} | `
Export-Csv "out.csv"

Open in new window

0
 
Chris DentPowerShell DeveloperCommented:

Mmm yes, that is rather nicer :)

Chris
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 7
  • 6
  • 5
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now