PowerShell – list AD users with their group membership

Posted on by was 
#-------------[deklarations]--------------------------
#source

#logs
#$successLog='fs00.domain.example\logs\done.LOG'
#$errorLog='fs00.domain.example\logs\error.LOG'
#$unreachableLog='fs00.domain.example\logs\unreachable.LOG'
$reportFile='fs00.domain.example\logs\users.csv'
#params
$header='Enabled;DisplayName;FirstName;LastName;SamAccountname;memberOf'
$users = Get-ADUser -Filter * -Properties Enabled,DisplayName,SamAccountname,memberOf
#-------------[]--------------------------
Add-Content -Value $header -Path $reportFile

foreach($user in $users) {
    $memberOf = ($user.memberof | Get-ADGroup | Select -expand Name)
    
    foreach($group in $memberOf) {
        $enabled = $user.Enabled
        $samAccountName = $user.SamAccountName

        if($user.DisplayName) {
            $displayName = $user.DisplayName.ToString()
            $firstName = $user.GivenName
            $lastName = $user.Surname
        }

        $userRecord = $enabled.ToString() + ';' + $displayName + ';' + $firstName  + ';' + $lastName + ';' + $samAccountName.ToString() + ';' + $group.ToString()
                
        Add-Content -Value $userRecord -Path $reportFile

        $userRecord
    }
}

Leave a Reply

Your email address will not be published. Required fields are marked *