Export AD Users To CSV With PowerShell - ALI TAJRAN

We want to export AD users information to CSV with PowerShell. Why do we need to list the AD users with PowerShell? For example, we want to know if every AD user has the correct mobile phone number in Active Directory. That’s because the service desk looks up the information in Active Directory before they make a call. In this article, you will learn how to export Active Directory users to CSV file with PowerShell.

Table of contents

• Information export AD users PowerShell script
• Export Active Directory users to CSV with PowerShell
  • Step 1: Prepare export AD users PowerShell script
  • Step 2: Get distinguished name
  • Step 3: Run export AD users PowerShell script
  • Step 4: Open AD users report CSV file
• Conclusion

Information export AD users PowerShell script

The Export-ADUsers.ps1 PowerShell script will run against the distinguishedName that you set. After that, it will export the report to CSV file. You can open the CSV file with Microsoft Excel or any other application that supports the CSV file extension.

The script will gather the following information per user:

1. First name
2. Last name
3. Display name
4. User logon name
5. User principal name
6. Street
7. City
8. State/province
9. Zip/Postal Code
10. Country/region
11. Job Title
12. Department
13. Company
14. Manager display name
15. Manager UPN
16. OU
17. Description
18. Office
19. Telephone number
20. Other Telephone
21. E-mail
22. Mobile
23. Pager
24. Notes
25. Account status
26. User created date
27. Last logon date

Export Active Directory users to CSV with PowerShell

Let’s go through the steps and export Active Directory users to CSV file with PowerShell.

Step 1: Prepare export AD users PowerShell script

Download and place Export-ADUsers.ps1 PowerShell script on the Domain Controller C:\scripts folder. If you don’t have a scripts folder, create one.

Ensure that the file is unblocked to prevent any errors when running the script. Read more in the article Not digitally signed error when running PowerShell script.

Another option is to copy and paste the code below into Notepad. Give it the name Export-ADUsers.ps1 and place it in the C:\scripts folder.

<# .SYNOPSIS Export-ADUsers.ps1 .DESCRIPTION Export Active Directory users to CSV file. .LINK alitajran.com/export-ad-users-to-csv-powershell .NOTES Written by: ALI TAJRAN Website: alitajran.com LinkedIn: linkedin.com/in/alitajran .CHANGELOG V1.00, 05/24/2021 - Initial version V1.10, 04/01/2023 - Added progress bar, user created date, and OU info V1.20, 05/19/2023 - Added function for OU path extraction #> # Split path $Path = Split-Path -Parent "C:\scripts\*.*" # Create variable for the date stamp in log file $LogDate = Get-Date -f yyyyMMddhhmm # Define CSV and log file location variables # They have to be on the same location as the script $Csvfile = $Path + "\AllADUsers_$LogDate.csv" # Import Active Directory module Import-Module ActiveDirectory # Function to extract OU from DistinguishedName function Get-OUFromDistinguishedName { param( [string]$DistinguishedName ) $ouf = ($DistinguishedName -split ',', 2)[1] if (-not ($ouf.StartsWith('OU') -or $ouf.StartsWith('CN'))) { $ou = ($ouf -split ',', 2)[1] } else { $ou = $ouf } return $ou } # Set distinguishedName as searchbase, you can use one OU or multiple OUs # Or use the root domain like DC=exoip,DC=local $DNs = @( "OU=Sales,OU=Users,OU=Company,DC=exoip,DC=local", "OU=IT,OU=Users,OU=Company,DC=exoip,DC=local", "OU=Finance,OU=Users,OU=Company,DC=exoip,DC=local" ) # Initialize a List to store the data $Report = [System.Collections.Generic.List[Object]]::new() # Collect all users from all OUs $AllUsers = foreach ($DN in $DNs) { Get-ADUser -SearchBase $DN -Filter * -Properties * } # Loop through each user $progressCount = 0 foreach ($User in $AllUsers) { $progressParams = @{ Id = 0 Activity = "Retrieving User" Status = "$progressCount of $($AllUsers.Count)" PercentComplete = ($progressCount / $AllUsers.Count) * 100 } Write-Progress @progressParams # Get manager information $Manager = $null if ($User.Manager) { $Manager = Get-ADUser -Identity $User.Manager -Properties DisplayName, UserPrincipalName -ErrorAction SilentlyContinue } # Build the report line $ReportLine = [PSCustomObject]@{ "First name" = $User.GivenName "Last name" = $User.Surname "Display name" = $User.DisplayName "User logon name" = $User.SamAccountName "User principal name" = $User.UserPrincipalName "Street" = $User.StreetAddress "City" = $User.City "State/province" = $User.State "Zip/Postal Code" = $User.PostalCode "Country/region" = $User.Country "Job Title" = $User.Title "Department" = $User.Department "Company" = $User.Company "Manager display name" = if ($Manager) { $Manager.DisplayName } else { $null } "Manager UPN" = if ($Manager) { $Manager.UserPrincipalName } else { $null } "OU" = Get-OUFromDistinguishedName $User.DistinguishedName "Description" = $User.Description "Office" = $User.Office "Telephone number" = $User.telephoneNumber "Other Telephone" = if ($User.otherTelephone) { $User.otherTelephone -join ";" } else { $null } "E-mail" = $User.Mail "Mobile" = $User.mobile "Pager" = $User.pager "Notes" = $User.info "Account status" = if ($User.Enabled) { 'Enabled' } else { 'Disabled' } "User created date" = $User.WhenCreated "Last logon date" = $User.lastlogondate } # Add the report line to the List $Report.Add($ReportLine) $progressCount++ } # Sort and export CSV $SortReport = $Report | Sort-Object "Display name" $SortReport | Export-Csv -Path $Csvfile -NoTypeInformation -Encoding utf8 #-Delimiter ";"

• Line 54,55,56: Edit the target distinguishedName. You can have one OU or multiple OUs (in this example).

Step 2: Get distinguished name

You need to add the distinguished name value in the PowerShell script. Follow the steps below to get the distinguished name in Active Directory:

1. Start Active Directory Users and Computers
2. Right-click the target OU and click Properties
3. Go to the Attribute Editor tab
4. Find the attribute distuingedName in the attributes list
5. Double-click to open the string and copy the value

Note: If you don’t see the Attribute Editor tab, click in Active Directory Users and Computers in the menu bar on View and enable Advanced Features.

Step 3: Run export AD users PowerShell script

Run PowerShell as administrator and run the PowerShell script to export AD users to CSV file. Wait till it completes.

C:\scripts\.\Export-ADUsers.ps1

Step 4: Open AD users report CSV file

Go to the scripts folder and verify that you see the AllADUsers_ file.

Open the CSV file with your favorite application. In our example, it’s Microsoft Excel.

Everything looks great!

Read more: Remove users from group with PowerShell »

Conclusion

You learned how to Export AD users to CSV with PowerShell. There is a lot of information in every user account. With PowerShell, you can have a custom report that will suit your needs.

Did you enjoy this article? You may also like Get Organizational Units with PowerShell. Don’t forget to follow us and share this article.