How to list all Active Directory Users and their group membership

windows active-directory powershell

Install the Quest CMDlets and then run this code:

Add-PSSnapin Quest.ActiveRoles.ADManagement
$memberships = @()

Get-QADGroup -SizeLimit 0 | Foreach-Object {
        $NameGroup = $_.Name
        Write-Host "Working with $NameGroup"
        $membership = Get-QADGroupMember $_.DN -Enabled -SizeLimit 0
        if ($membership -ne $null ) {
        $membership | Add-Member -type NoteProperty -name AuditGroupUserIsMemberOf -value $_.Name
        $memberships += $membership
        }
    }

$memberships | Select-Object AuditGroupUserIsMemberOf, NTAccountname | Export-Csv "GroupsWithUsers.csv"

This will give you a 1 record per group-user connection so expect multiple occurrences of users and groups. If you wan't other fields, you can just edit the Select-Object statement. Use $memberships | gm to see all the possibilities for the users. If you want more fields for the groups, use Get-QADGroup | gm, you will then need to add these by adding a new NoteProperty.

If you don't really care about more options, here is a one-liner you can just mash in the terminal:

Get-QADGroup -sizeLimit 0 | select @{name="Group";expression={$_.name}} -expand members | select Group,@{n='User';e={ (Get-QADObject $_).NTAccountName}} | Export-Csv "MyUsersAndGroups.csv"

Related

Fast search for IMAP?
DISM deployed Windows 10 apps wont launch
Downloads pause and time out frequently
Backup of machines running linux and windows
Programmatically remove MSFT Security Essentials Anti-Virus from XP and Win7 machines
comparing disk performance of machines
What does the Cisco ASA command "management-access" do?
ESXi 5 network performance is slow
SSH - slow authentication
Issue provisioning IIS 7.5 server using Web Farm Framework 2
VMWare Esxi Looking for Bottlenecks
Apache returning text/html on some png files