In this article, I am going write PowerShell script to find and list Active Directory Groups of an AD user is a Member Of using the PowerShell’s cmdlet Get-ADPrincipalGroupMembership.
Run the following command to import Active Directory cmdlets.
Import-Module ActiveDirectory
The below powershell command find and list all the Active Directory Groups which contains the user account Morgan as member.
Get-ADPrincipalGroupMembership Morgan | Select Name,DistinguishedName
Export set of AD User’s Group Membership to CSV
The below PowerShell script get AD users from the OU TestOU and enumerate membership of all AD Users. It writes the group membership output into csv file using the powershell cmdlet Export-CSV.
$users = Get-ADUser -SearchBase "OU=TestOU,DC=TestDomain,DC=com" -Filter *
$users | ForEach-Object {
$user= $_.Name
$groupNames = ""
$groups = Get-ADPrincipalGroupMembership $_.SamAccountName
$groups | ForEach-Object {
if($groupNames -eq "")
{
$groupNames = $_.Name
}
else
{
$groupNames = $groupNames +";"+$_.Name
}
New-Object -TypeName PSObject -Property @{
UserName= $user
Groups = $groupNames }
}} | Export-CSV "C:\ADGroupMembership.csv" -NoTypeInformation -Encoding UTF8
CSV Output of Group Membership for AD Users:
Advertisement