Using PowerShell to Export a List of all the Users in a Security Group in Active Directory

 

PowerShell is known with its power of Active Directory management. If you really into simplifying your daily complicated time consuming tasks, this might be very interesting for you. Lately, for a small project I needed to make a list of all the users in a “Security Group” in Active Directory. The security group is called “Color Printing” and we had about 20 users in that “Security Group”. I did not want to write down all the names one by one in a excel sheet so I’ve started to make a research about how to export the list of users in security group. I know that when your users are only in an “Organization Unit”, it’s very easy to do this task, but when it’s a security group, you don’t have the “Export” option.
Here what I found to complete a task of this kind! You can download free cmdlets from http://www.quest.com/powershell/activeroles-server.aspx for “Active Directory” management tasks. Once the right setup is downloaded and installed in your computer (in my case X64 version because I use an X64 computer). You can open “PowerShell” and add the snapin into PowerShell.
1- Open PowerShell and type in “Add-PSSnapin Quest.ActiveRoles.ADManagement” without quotes.
2- Now you can try to run a cmdlet to try if your snapin is installed correctly. To try, type in the command “get-help get-qaduser
If you get the help description, which means that the snapin is installed with no problem. If you close your PowerShell and re-open it, you will notice that the snapin that you added before is no longer available. If you want that snapin to be available all the time when you start your PowerShell, you have to do the following instructions…
1- Open PowerShell and type in “new-item -itemtype file -path $profile -force" without quotes.
2- This should create a folder called "WindowsPowerShell" under "C:\Users\%username%\My Documents\" with a file called "Microsoft.PowerShell_profile.ps1"
3- Right click on the file “Microsoft.PowerShell_profile.ps1” and open it with Notepad or any text editor and add your commands that you want them start with your PowerShell! In our case, we will only enter the following command and save the file as it is.
Add-PSSnapin Quest.ActiveRoles.ADManagement
4- Restart your PowerShell and try the “get-help get-qaduser” command to see if your snapin is loaded when you start your PowerShell.
Now that we have everything that we need in order to complete our task, let’s begin…
To export a list of all users in a Security Group in your Active Directory environment, follow the instructions here…
1- Open your PowerShell, and use the following command to export the list. You should modify the command with your organization’s values.
Get-QADGroupMember “Color Printing” | Export-CSV -path “C:\colorprinting.csv” -notypeinformation
This command will generate a list of all the members of the “Color Printing” security group in your Active Directory in “C:\colorprinting.csv” file.

Comments

Post a Comment

Popular posts from this blog

System.Messaging.MessageQueueException (0x80004005): A workgroup installation computer does not support the operation (Public Queue create issue)

This is a weird issue that I don't fully understand why it would happen. But the symptoms are very persistent as we're able to reproduce these behavior easily. Issue: The MSMQ (Microsoft Message Queuing) fails to create Public Queues and throws  "the System.Messaging.MessageQueueException (0x80004005): A workgroup installation computer does not support the operation" exception.
Read more

Veeam Backup Error : Failed to prepare guest for hot backup. Error: VSSControl

Image
Problem Description; I had this issue on one of my backup jobs recently and I was able to fix the issue with the solution explained below. After a quick google search, I realized that I'm not the only one and neither you are :) Full Error Description; Failed to prepare guest for hot backup. Error: VSSControl: Failed to prepare guest for freeze, wait tim eout 9 00 sec Error: VSSControl: Failed to prepare guest for freeze, wait timeout 900 sec
Read more

warning: Win32API is deprecated after Ruby 1.9.1; use fiddle directly instead - Chef Development Kit Update

Today, I needed to do some tests with a newer version of the Chef Client and test my cookbooks. To version 14.12.9-1 to be precise. I also upgraded my ChefDK on my workstation to the 4.2.0 version. I believe that upgrades Ruby version as well and now I have ruby version 2.6.3p62 Right after the upgrade, I tried with a basic knife node list command to see if I needed to reboot or anything was broke... Everything seems to be working fine, except I get this annoying "warning" message. As it's just a warning, I don't really care about it as it just seems to annonce something that is deprecated... Problem; You receive "warning: Win32API is deprecated after Ruby 1.9.1; use fiddle directly instead" warning when using ruby or chef knife commands. Solution; You need to comment out that warning message in Ruby lib scripts.
Read more