Solved

active directory list of users with group and email

Posted on 2009-05-12
23
1,148 Views
Last Modified: 2012-05-06
create a report showing alll users with the groups they are a member of and emails and email groups they participate in.
0
Comment
Question by:1030071002
  • 7
  • 6
  • 5
  • +2
23 Comments
 
LVL 13

Assisted Solution

by:marine7275
marine7275 earned 35 total points
ID: 24367975
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 150 total points
ID: 24368052
you could also try adfind
http://www.joeware.net/freetools/tools/adfind/index.htm
adfind -default -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof proxyaddresses
see if that gives you what you need
Thanks
Mike
0
 
LVL 4

Assisted Solution

by:delyan_valchev
delyan_valchev earned 140 total points
ID: 24368181
Here is a PowerShell script with Quest's Commands for Active Directory ( http://www.quest.com/powershell ) which generates a CSV report including:
- DN
- User names
- Logon username
- Email
- List of group memberships separated by semicolons
You can import it in Excel and format it the way you like.
Hope it helps!
$act={
	$QT='"'
	echo "DN,Name,Username,email,Description,Group membership"
	Get-QADUser -SearchRoot 'mydomain.com/Users' | foreach-object {
		$grp=''
		foreach ($i in $_.memberof) 
			{$a=(Get-QADgroup -identity $i).name
			$grp=$grp+$a+";"}
		select-object	
		
		$uname=$QT + $_.name +$QT
		$udn=$QT+ $_.dn +$QT
		$usamid=$QT+ $_.samaccountname +$QT
		$uemail=$QT+ $_.email +$QT
		$udesc=$QT+ $_.description +$QT
	
		
		echo ($udn + "," + $uname + "," +$usamid+ "," +$uemail + "," + $udesc+ "," + $grp)
	}
}
 
&$act > Userlist.csv

Open in new window

0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 175 total points
ID: 24368272

@delyan_valchev

It's lovely to be able to create your own output... but... there's Export-CSV.

Something like this:

Get-QADUser -SearchRoot 'mydomain.com/Users' | `
  Select-Object Name, DN, sAMAccountName, Email, Description, `
  @{n='Groups';e={ $_.memberOf | %{ Get-QADGroup | Select-Object Name }}} | `
  Export-CSV "out.csv"

Chris
0
 

Author Comment

by:1030071002
ID: 24368336
it work how can I print this or write it to a file
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 150 total points
ID: 24368399
If you are talking about the adfind you can send it to a text file
adfind -default -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof proxyaddresses  > c:\Users.txt
or if you want it in csv format
adfind -default -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof proxyaddresses -csv > c:\users.csv
What chris provided should already give you a file called out.csv
Thanks
Mike
 
0
 
LVL 4

Assisted Solution

by:delyan_valchev
delyan_valchev earned 140 total points
ID: 24368407
@Chris,
Thanks for the tip! Is it also possible to have the "reduced" version of my script so that the list of group memberships is separated by semicolon, while the other fields are separated by coma? It's useful for subsequent separate formatting of the user properties and the memberships.
0
 

Author Comment

by:1030071002
ID: 24368455
Chris-Dent where do i do that
0
 

Author Comment

by:1030071002
ID: 24368479
Sage how do i get the info to print or to a file
0
 

Author Comment

by:1030071002
ID: 24368487
quest.com/powershell it says I need sp 3.5 sorry
0
 
LVL 4

Assisted Solution

by:delyan_valchev
delyan_valchev earned 140 total points
ID: 24368508
0
 

Author Comment

by:1030071002
ID: 24368541
C:\>Get-QADUser -SearchRoot 'mydomain.com/Users' | ` Select-Object Name, DN, sAM
AccountName, Email, Description, ` @{n='Groups';e={ $_.memberOf | %{ Get-QADGrou
p | Select-Object Name }}} | ` Export-CSV "out.csv"
'Get-QADUser' is not recognized as an internal or external command,
operable program or batch file.
0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 175 total points
ID: 24368582

> reduced" version of my script so that the list of group memberships is separated by semicolon

Yeah, did it work as I posted? Blimey :)

Lets have Groups as an array and join it together... might work like this:

Get-QADUser -SearchRoot 'mydomain.com/Users' | `
  Select-Object Name, DN, sAMAccountName, Email, Description, `
  @{n='Groups';e={ [String]::Join(",", ($_.memberOf | %{ (Get-QADGroup $_).Name }) }} | `
  Export-CSV "out.csv"

Sorry for the lack of certainty, my server here is broken, haven't got round to fixing it so testing stuff only happens at work ;)

Chris
0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 175 total points
ID: 24368590

> is not recognized as an internal or external command,

You'll need to run the PowerShell shortcut from the Quest folder in the start menu, or run this command first:

Get-PsSnapIn -Reg | Add-PsSnapIn -EA 0

It needs to load the commands before they can be used.

Chris
0
 

Author Comment

by:1030071002
ID: 24368596
mkline71 how can write the file out it run perfect but i cant write the file out
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 150 total points
ID: 24368620
mkline71 how can write the file out it run perfect but i cant write the file out
See my answer in comment ID:24368399
...gave some examples about writing to a file.
Thanks
Mike
0
 
LVL 4

Assisted Solution

by:delyan_valchev
delyan_valchev earned 140 total points
ID: 24368687
Chris,
I'm also theorizing there at home and I'm no PowerShell guru. Will test tomorrow at work as well. Noticed a small typo in the Join:
 [String]::Join(";", ($_.memberOf | %{ (Get-QADGroup $_).Name
Correct me if I'm wrong.
0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 175 total points
ID: 24368720

Ahh sorry, I'd read it as comma delimited :) Anyway, I think PowerShell adds appropriate quoting to Export-CSV.

Chris
0
 
LVL 70

Assisted Solution

by:Chris Dent
Chris Dent earned 175 total points
ID: 24369201

If Mike's solution helped you should accept Mike's response.  Objecting to the close on the grounds that it is impolite to request closure as self answered with no good reason.

Chris
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 150 total points
ID: 24369296
...both adfind and powershell can do the trick here (as with many tasks).  I'd personally give points for both answers.  Chris & delyan did a lot here too.
Thanks
Mike
 
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24372546

Tested and fixed the PowerShell snippets... just in case.

I'd have to find a better way for a large domain, it's painful pulling the group names like this, far too many calls to AD.

Chris
Get-QADUser -SearchRoot 'mydomain.com/Users' | `
  Select-Object Name, DN, sAMAccountName, Email, Description, `
  @{n='Groups';e={ [String]::Join(";", @($_.memberOf | %{ (Get-QADGroup $_).Name })) }} | `
  Export-CSV "out.csv"

Open in new window

0
 
LVL 4

Expert Comment

by:delyan_valchev
ID: 24372738
Found a new cmdlet in AD Management Shell 1.2 - Get-QADMemberOf which should do the optimization trick. I have revised a bit the script. Seems to be working ;)

Get-QADUser -SearchRoot 'mydomain.com/Users' | `
Select-Object Name, DN, sAMAccountName, Email, Description, `
@{n='Groups';e={ [String]::Join(";",($_|Get-QADMemberOf|%{$_.Name}))}} | `
Export-Csv "out.csv"

Open in new window

0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24372816

Mmm yes, that is rather nicer :)

Chris
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question