Solved

Issue with powershell script / List users in child domains

Posted on 2014-11-11
6
818 Views
Last Modified: 2014-11-11
I have a forest with a number of domains under it, and I need a script that will crawl the directories of the child domains and list the users in each domain.  What I have is:

Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -SearchBase "$((Get-ADDomain).distinguishedname)" | Select Name, sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}

Open in new window


This works and will list users in the C:\ drive labeled to the child domains but in the text file the users are all from the root forest level.  

I've tried tweaking this but can't seem to get it to produce the results I need- am I missing something obvious here?  Any help is appreciated.
0
Comment
Question by:Uptime Legal Systems
  • 4
6 Comments
 
LVL 16

Accepted Solution

by:
Joshua Grantom earned 250 total points
ID: 40435962
I think I am the one who gave you this script. Try this instead.

Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -Server $_ | Select Name,sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}

Open in new window

0
 
LVL 19

Assisted Solution

by:Raheman M. Abdul
Raheman M. Abdul earned 250 total points
ID: 40435972
Try this:
Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -server "$((Get-ADDomain).distinguishedname)" | Select Name, sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40435981
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 6

Author Closing Comment

by:Uptime Legal Systems
ID: 40435983
I believe you are Josh!  Thanks again for your previous (and this reply).

I got around to testing on a larger forest and found that it was only listing the users from the top level but it looks like it was a minor change.   Thanks again for both of the answers.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40435988
You're welcome!
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40436002
Also, using this

$((Get-ADDomain).distinguishedname) will always return the domain that your user account is in, that was my fault, I didnt think that through.

Rahemans post is incorrect as well.

The proper way for the other script to work is this.

Import-Module ActiveDirectory
(Get-ADForest).domains | % {
Get-ADUser -filter * -SearchBase "OU=Accounts,$((Get-ADDomain -Server $_).distinguishedname)" -Server $_ | Select Name,sAMAccountName | Export-CSV "C:\$_ User Accounts.csv" -nti
}

Open in new window


I will post the revised script on the other post as well.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question