Saturday, 1 November 2014

Export AD Users to CSV using Powershell Script

Description:

We can easily export Active Directory users to CSV file using Powershell cmdlets Get-ADUser and Export-CSV. In this article, I am going to write Powershell script samples to Export AD Users to CSV file and Export AD Users from Specific OU to CSV file using Powershell Script.

Summary:

Export AD Users to CSV using Powershell

The following command export the selected properties of all Active Directory users to CSV file. You can add more attributes as per your wish, refer this article:Get-ADUser Default and Extended Properties to know more supported AD attributes.
Import-Module ActiveDirectory
Get-ADUser -Filter * -Properties * |
 Select -Property Name,Mail,Department | 
 Export-CSV "C:\\AllADUsers.csv" -NoTypeInformation -Encoding UTF8
Export AD Users to CSV using Powershell Script

Export AD Users to CSV with Filter using Powershell

This command export the selected properties to CSV file of AD users whose City contains the text 'Austin'.
Note: Refer this article:Get-ADUser Default and Extended Properties to know more supported AD attributes.
Import-Module ActiveDirectory
Get-ADUser -Filter 'City -like "*Austin*"' -Properties * |
  Select -Property Name,City,Mail,Department,DistinguishedName | 
  Export-CSV "C:\\ADUsers.csv" -NoTypeInformation -Encoding UTF8

Export AD Users by LDAP Filter:

Instead of SQL Like Filter, you can also use LDAP Filter to select only required users. Refer this article (AD LDAP Filter Examples) to get more LDAP filter examples. The below command exports all the users who are belongs to Admin department.
Import-Module ActiveDirectory
Get-ADUser -LDAPFilter '(Department=*Admin*)' -Properties * |
  Select -Property Name,City,Mail,Department,DistinguishedName | 
  Export-CSV "C:\\AdminUsers.csv" -NoTypeInformation -Encoding UTF8

Export ADUsers CSV output:

Get-ADUser - Export Selected properties to CSV file

Export AD Users from specific OU to CSV using Powershell

We can set target OU scope by using the parameter SearchBase. This following command select all the AD users from the Organization Unit 'Austin' and export it to CSV file.
Import-Module ActiveDirectory
Get-ADUser -Filter * -SearchBase "OU=Austin,DC=TestDomain,DC=Local" -Properties * |
 Select -Property Name,Mail,Department | 
 Export-CSV "C:\\AustinUsers.csv" -NoTypeInformation -Encoding UTF8
Export AD Users from specific OU to CSV using Powershell Script

Thanks,
Morgan
Software Developer

Advertisements
Advertisements

8 comments:

  1. Hi Morgan,
    How can I schedule a task that export AD users to CSV using Powershell? Thanks.

    ReplyDelete
    Replies
    1. Hi 名家幼稚園, I have written new article for you. checkout this: http://www.morgantechspace.com/2014/11/Schedule-Task-to-Export-AD-Users-to-CSV-using-Powershell.html

      Delete
    2. HI Morgan,
      Thank you very much. I am a newbie for the Powershell. Your articles are very helpful to me.

      Delete
  2. Hi Morgan, your article is simple and very powerfull. I am still beginner, but you help me much. Thank you Jiri

    ReplyDelete
  3. Hi Morgan,

    I tried Export AD Users from specific OU to CSV using Powershell in my client laptop, but unfortunately i recieved Invalid Enumeration Context Error and created CSV partially with only 256 items.

    Do you have any fix\suggestion for the issue i am facing? Awaiting your response.

    Thanks,
    Praveen

    ReplyDelete
    Replies
    1. Hi Praveen,

      I strongly believe the above script should not return any error. Have you tried again? or constantly getting the same error?.
      Can you try the below script:

      $Result = Get-ADUser -Filter * -SearchBase "OU=TestOU,DC=TestDomain,DC=Local" -Properties * | Select -Property Name,Mail,Department

      $Result | Export-CSV "C:\\AustinUsers.csv" -NoTypeInformation -Encoding UTF8

      Delete
  4. Hi Morgan

    Presently i want to export ad users from multiple windows servers using powershell script??.

    Can you help on this issue

    ReplyDelete
    Replies
    1. Hi sankar, do you mean different AD domains? or different severs in single AD domain?...because all the AD attributes will be replicated into every domain controllers (severs) except last logon details in a single AD domain, so, querying single server is enough.

      Delete