$AllUSers = get-aduser -filter {SamAccountName -like “z*” -and Enabled -eq $true } -Properties Memberof,EmployeeNumber -Server <Domain name> | ?{$PSItem.DistinguishedName -notmatch “OU=Service Accounts”}
$results = new-object System.Collections.ArrayList
foreach($user in $AllSers){
$grps = $user.MemberOf
$v = New-Object System.Collections.ArrayList
foreach($grp in $grps){
$Gobj = Get-ADGroup $grp -Server <Servername:3268> -Properties GroupCategory,GroupScope,Name | select @{l=”GroupName”;e={(($PSItem.DistinguishedName -split “,DC=”)[1])+”\”+$PSItem.SamAccountName}},GroupCategory,GroupScope
$l = $Gobj.GroupName+”,”+ $Gobj.GroupScope +”,”+ $Gobj.GroupCategory
$v.Add($l)
}
$o = [pscustomobject]@{
SamAccountName = $user.SamAccountName
#ProdEmail = $user.EmployeeNumber
Name = $user.GivenName + ” ” +$user.Surname
DevUPN = $user.UserPrincipalName
‘Groups(Name,Scope,Category)’ = $v -join “;”
“Memberof(RawData)” = $user.MemberOf -join “;”
}
$results.Add($o)
}
$results | export-csv C:\Temp\User_Groups.csv -NoTypeInformation
I love it when people come together and share opinions, great blog, keep it up.