Issue with powershell script / List users in child domains

I have a forest with a number of domains under it, and I need a script that will crawl the directories of the child domains and list the users in each domain.  What I have is:

Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -SearchBase "$((Get-ADDomain).distinguishedname)" | Select Name, sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}

Open in new window


This works and will list users in the C:\ drive labeled to the child domains but in the text file the users are all from the root forest level.  

I've tried tweaking this but can't seem to get it to produce the results I need- am I missing something obvious here?  Any help is appreciated.
LVL 6
Uptime Legal SystemsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Joshua GrantomSenior Systems AdministratorCommented:
I think I am the one who gave you this script. Try this instead.

Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -Server $_ | Select Name,sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Raheman M. AbdulSenior Infrastructure Support Analyst & Systems DeveloperCommented:
Try this:
Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -server "$((Get-ADDomain).distinguishedname)" | Select Name, sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}
0
Joshua GrantomSenior Systems AdministratorCommented:
0
Redefining Cyber Security w/ AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Join our webinar on Sept. 21st to learn more about leveraging AI and machine learning to protect your business.

Uptime Legal SystemsAuthor Commented:
I believe you are Josh!  Thanks again for your previous (and this reply).

I got around to testing on a larger forest and found that it was only listing the users from the top level but it looks like it was a minor change.   Thanks again for both of the answers.
0
Joshua GrantomSenior Systems AdministratorCommented:
You're welcome!
0
Joshua GrantomSenior Systems AdministratorCommented:
Also, using this

$((Get-ADDomain).distinguishedname) will always return the domain that your user account is in, that was my fault, I didnt think that through.

Rahemans post is incorrect as well.

The proper way for the other script to work is this.

Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -SearchBase "OU=Accounts,$((Get-ADDomain -Server $_).distinguishedname)" -Server $_ | Select Name,sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}

Open in new window


I will post the revised script on the other post as well.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.