SurePassID Authentication Server
      Back to home
      1. Knowledge Base
      2. SurePassID Authentication Server

      How do I create an export of users from an OU in my AD to then import into the SPAS directory?

      This article provides an example PowerShell script that can export to a CSV file the members of a specific OU in an AD domain.

      We highly recommend using a workstation or member server for this process.

      You will need an elevated command prompt if the RSAT tools are not already installed and you are running the PowerShell from a member machine, not a DC.  Don't install/remove RSAT if running on a DC.

      • Open a PowerShell prompt (elevated as needed) and launch ISE to make it easier to run the script.
      • Optionally you can copy the script text to a .ps1 file and edit that, then run it from the PowerShell prompt.
      • Copy the script from below into the script pane in ISE.
      • The example below looks for the OU of "OU=MyUsers,DC=yourco,DC=com" and exports the members' info to c:\temp\outputfile.csv for later import into our SPAS.
      • Change the $ouPath = "OU=MyUsers,DC=yourco,DC=com" string to match what you need.
      • You will need to use the Distinguished Name (DN) of the OU object and can get that by using the Attribute Editor in ADUC in the properties section of the OU object:
      • Change the C:\temp path to match what you want for an output location.
      • Change the filename as needed.
      • Make sure to change the 2 locations where c;\temp\outputfile.csv exists in the script. (bottom portion of the script.
      # Begin Script
      # PowerShell Script to export members of a specific AD OU to a CSV file
      # We highly recommend using a workstation or member server for this process.
      # You will need an elevated command prompt if the RSAT tools are not already installed
      # and you are running the PowerShell from a member machine, not a DC.
      # Don't install/remove RSAT if running on a DC.

      # Add RSAT tools if not already installed (Don't do this on a DC)
      # Add-WindowsCapability -Online -Name "Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0"

      # Import the Active Directory module
      Import-Module ActiveDirectory

      # Define the OU path (example shown below)
      $ouPath = "OU=MyUsers,DC=yourco,DC=com"

      # Get the users in the specified OU
      $users = Get-ADUser -Filter * -SearchBase $ouPath -Properties GivenName, Surname, sAMAccountName, EmailAddress

      # Create an empty array to store user information
      $userInfo = @()

      # Loop through each user and get user details
      foreach ($user in $users) {
          $userInfo += [PSCustomObject]@{
              FirstName   = $user.GivenName
              LastName    = $user.Surname
              LoginName   = $user.sAMAccountName
              Email       = $user.EmailAddress
          }
      }

      # Export the user information to a CSV file
      $userInfo | Export-Csv -Path "C:\temp\outputfile.csv" -NoTypeInformation

      Write-Host "Export completed successfully!"

      # Display the contents of the CSV file
      Get-Content -Path "C:\temp\outputfile.csv"

      # Uncomment the following lines to unload the AD module and remove RSAT tools
      # (Don't do this on a DC)
      # Remove-Module ActiveDirectory
      # Remove-WindowsCapability -Online -Name "Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0"