Help generating a csv file of users group membership with PowerShell
Hello Powershell Experts,
I'm trying to recreate my work domain on a virtual machine on my laptop to do some testing on. I have recreated the OU structure. I have recreated all of the groups (and they are in the proper OUs). I have recreated all of the user accounts (and they are in the proper OUs). I have used Powershell and CSV files to do all of the work up this point. Now I would like to recreate group membership using Poweshell. My thought was to do something like this in the production domain:
$Users = Get-QADUser | select samaccountname
foreach ($User in $Users){Get-QADGroup -ContainsMember $user.SamAccountName | select `
@{n="SamAccountName";e="$U
@{n="Group";e="$_.samaccou
}
I was anticipating an output like:
SamAccountName Group
NickD Domain Users
NickD Accounting
JimJ Domain Users
JimJ IT
JimJ Local Admins
DrewB Domain Users
DrewB HR
DrewB Benefit Admin
DrewB Payroll
I could then take this output and export it to a csv file to move to the test domains and add membership from this file.
The problem is my code doesn't generate any output. I just get:
SamAccountName Group
If I run the following, I get an accurate list of groups for the $user.samaccountname:
get-qadgroup -containsmember $user.samaccountname
Please help me out with what I'm doing wrong on this.
Thanks,
Nick
I'm trying to recreate my work domain on a virtual machine on my laptop to do some testing on. I have recreated the OU structure. I have recreated all of the groups (and they are in the proper OUs). I have recreated all of the user accounts (and they are in the proper OUs). I have used Powershell and CSV files to do all of the work up this point. Now I would like to recreate group membership using Poweshell. My thought was to do something like this in the production domain:
$Users = Get-QADUser | select samaccountname
foreach ($User in $Users){Get-QADGroup -ContainsMember $user.SamAccountName | select `
@{n="SamAccountName";e="$U
@{n="Group";e="$_.samaccou
}
I was anticipating an output like:
SamAccountName Group
NickD Domain Users
NickD Accounting
JimJ Domain Users
JimJ IT
JimJ Local Admins
DrewB Domain Users
DrewB HR
DrewB Benefit Admin
DrewB Payroll
I could then take this output and export it to a csv file to move to the test domains and add membership from this file.
The problem is my code doesn't generate any output. I just get:
SamAccountName Group
If I run the following, I get an accurate list of groups for the $user.samaccountname:
get-qadgroup -containsmember $user.samaccountname
Please help me out with what I'm doing wrong on this.
Thanks,
Nick
Hi, this should generate that CSV file for you.
Regards,
Rob.
Regards,
Rob.
Get-ADUser -filter {objectClass -eq "user"} |
foreach {
$samAccountName = $_.samaccountname
Get-ADPrincipalGroupMembership -Identity $($samAccountName) |
Select -ExpandProperty Name | Select @{n='User';e={$($samAccountName)}},@{n='Group';e={$_}}
} | Export-Csv -Path ".\UsersAndGroups.txt" -NoTypeInformation
Oh, and Get-QADUser is a Quest cmdlet, Powershell now has built in AD cmdlets if you have RSAT installed.
Rob.
Rob.
AD Web services is not available if all your DCs are Win2K3. Get-ADUSER will work with Win2K8 DCs (or if you have a Win2K8 or higher DC) with AD Web Services running on it.
Hi, if you want the same data, just sorted by group, put the sort before the Export-CSV cmdlet.
Get-ADUser -filter {objectClass -eq "user"} |
foreach {
$samAccountName = $_.samaccountname
Get-ADPrincipalGroupMembership -Identity $($samAccountName) |
Select -ExpandProperty Name | Select @{n='User';e={$($samAccountName)}},@{n='Group';e={$_}}
} | Sort-Object Group | Export-Csv -Path ".\UsersAndGroups.txt" -NoTypeInformation
Premium Content
You need an Expert Office subscription to comment.Start Free Trial