Active Directory User membership report

How can I create a report for the certain OUs members and to what groups they belong to?  ADUC query or need additional tools for that?
LVL 17
Who is Participating?
Stelian StanConnect With a Mentor Network AdministratorCommented:
If you are running 2008 or 2008 R2 run:
Get-ADGroup "GroupName" | EXPORT-CSV C:\group.csv

dsget group "CN=GroupName,DC=domain,DC=name,DC=com" -members

dsquery group -name "GroupName" | dsget group -members -expand
Tiras25Author Commented:
Hi Clony, see I have OU container that has 100s users.  Those users are members of various Global Security Groups.  So how can I generate a report per individual OU that would show me users and their memberships?
Sarang TinguriaConnect With a Mentor Sr EngineerCommented:
Chris has a great tool for all theese stuffs

Cjwdev | AD Info - Active Directory Reporting


AdFind by joe
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Mike KlineConnect With a Mentor Commented:
adinfo and adfind...sounds like an answer I've given :)

I looked at adinfo and can't see how to make it focus on one OU

adfind can

adfind -b "dn of your OU"  -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof -nodn


Sarang TinguriaSr EngineerCommented:
:) Mike thanks for detailed info
Tiras25Author Commented:
Mike, looks like it works! Thanks.
I just need to find a better output to make it more presentable.  Awesome!
Tiras25Author Commented:
IF you have an idea on how to make it more readable and presentable to non-admin people that'll be great.  So it doesn't show that extra lingo in the report. CN=xx OU=xx, DC=xx
Or if you can point me to another tool that can produce a clean report.
Thank you!
Satish AutiConnect With a Mentor Senior System AdministratorCommented:
For output i have just modified Mike's command.

adfind -b "dn of your OU"  -f "&(objectcategory=person)(objectclass=user)" samaccountname memberof -nodn > C:\nameofoutputfile.txt

then you can open output fiel into comma seprated file in excel.
Tiras25Author Commented:
I did that already.  Thanks auti.  I was looking for something that can remove that AD lingo for the clients to read better.  I guess I need a paid tool for that.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.