How to Show All Domain Users & Their Group Membership (Active Directory)

Question

I would like to find a way (VB Script or PowerShell preferably) of generating a report which displays all user accounts on the domain, and displays the groups of which they are a member.

I would like this to be exported to a Excel spreadsheet in the following format:

Username1 | Group1, Group 2, Group 3, Group 4, Group 5 etc.
Username2 | Group1, Group 2, Group 3, Group 4, Group 5 etc.

I have been playing around with Quest Powershell Commands for AD and came up with the following:

get-qaduser * -sizelimit 0 | select Name,MemberOf | export-csv report.csv

However this displays in the output file as:

Username1 | System.String[]
Username2 | System.String[]
Username3 | System.String[]

Where System.String[] should be the group names.

What should I do?

Answer 1

Someting like this script (Not tested):

$users = get-qaduser * -sizelimit 0 

$a = @()

foreach ( $user in $users)
{  $al = New-Object System.Object

$al | Add-member -type Noteproperty -name Accountame $user.samaccountname
$al | add-member -type Noteproperty -name Groups $user.memberof

$a += $al

}

$a | export-csv report.csv  

Answer 2

Can you try

get-qaduser * -sizelimit 0 | select -Property @{N="my";E={$_.name}}, -ExpandProperty MemberOf | export-csv report.csv 

Answer 3

Try this, you need to join the group names:

$memberOf = @{n='MemberOf';e={ ($_.MemberOf -replace '^CN=([^,]+).+$','$1') -join ';' }}

Get-QADUser -SizeLimit 0 | `
Select-Object Name,DN,SamAccountName,$memberOf | `
Export-Csv report.csv