• Home
  • How-to
  • Get Members of an Active Directory Group and Export to CSV Using PowerShell

Get Members of an Active Directory Group and Export to CSV Using PowerShell

Export members of AD Groups with Lepide Active Directory Auditor
x
Or Deploy With Our Virtual Appliance
3 min read | Updated On - April 19, 2023
In This Article

In this post, I’ll show you how to use Get-ADGroupMember (PowerShell) to get the members of an Active Directory Group and how to export them to CSV.

Use Get-ADGroupMember cmdlet to List Members of an Active Directory Group

The PowerShell Get-ADGroupMember cmdlet is used to list the members of an Active Directory group. You can just type the cmdlet in a PowerShell window and you’ll be prompted to enter the name of the group you want to use.

Figure 1

Note that you must be logged in to Windows with a domain user account that has permission to read the group(s) you want to list. You must also have the Active Directory module for Windows PowerShell installed on the device where you want to run the Get-ADGroupMember cmdlet.

You can add the name of the group to the command as shown below and format the output by piping the results to the Select-Object cmdlet:

Get-ADGroupMember -Identity Administrators | Select-Object name, objectClass,distinguishedName

Combine the Get-ADGroup and Get-ADGroupMember cmdlets to perform more complex searches. In the example below, I list all members of groups with domain local scope:

Get-ADGroup -Filter {GroupScope -eq "DomainLocal"} | Get-ADGroupMember | Select-Object name, objectClass,distinguishedName
Figure 2

You can add the -Recursive parameter to Get-ADGroupMember to list all members of child groups.

Get-ADGroupMember -Identity 'Enterprise Admins' -Recursive

Note that the group name is enclosed using apostrophes because it contains a space. Don’t forget that Out-GridView can be useful for sorting and filtering the results using a simple GUI interface.

Get-ADGroupMember -Identity Administrators | Select-Object name, objectClass,distinguishedName | Out-GridView

Export List of Active Directory Group Members to CSV

If you want a keepsake or want to perform further processing, you can export the list to a comma-delimited file that can be opened in Excel or used by another program. The command below saves the group members list to the current working directory in a file called adgroupmembers.csv.

Get-ADGroupMember -Identity Administrators | Select-Object name, objectClass,distinguishedName | Export-CSV -Path “adgroupmembers.csv”

How Lepide Auditor Helps

This method of exporting group members using PowerShell is time-consuming and requires a good knowledge of PowerShell scripting. In addition, the results returned using this method are in a format that’s very hard to read and difficult to analyze.

A more straightforward approach is to use the Lepide Auditor for Active Directory. The List All Group Members Report can be used to show all members of Active Directory groups:

Get AD Members using Lepide Auditor
Lepide Auditor Report

To run this report:

  • Click the User & Entity Behavior Analytics icon and select the List all Group Members Report from the Active Directory Reports
  • Click Generate Report to run the report
  • The report can be filtered to report on a particular Group Name and can be grouped to list all members by their group
  • The report can be saved and exported to CSV, PDF or MHT format

Related Articles:
Related Solutions:
Check out our AD Auditing Solution
x
Or Deploy With Our Virtual Appliance
Learn More

Export members of AD Groups with Lepide Active Directory Auditor

x
Or Deploy With Our Virtual Appliance
Learn More
DMCA