Technical Guides
      Back to home
      1. Knowledge Base
      2. Technical Guides

      How do I create an export of the members of a specific group from AD to a CSV file for importing into SPAS?

      Regardless of location in the AD structure, below are the steps to export for a specific group:

      We highly recommend using a workstation or member server for this process.

      You will need an elevated command prompt if the RSAT tools are not already installed and you are running the PowerShell from a member machine, not a DC.  Don't install/remove RSAT if running on a DC.

      • Open a PowerShell prompt (elevated as needed) and launch ISE to make it easier to run the script.
      • Copy the script from below into the script pane in ISE.
      • Optionally you can copy the script to a .ps1 file and edit it, then run it from the PowerShell prompt.
      • The example below looks for the group "2FA" and exports the members' info to c:\temp\outputfile.csv for later import into our SPAS.
      • Change the group name to match what you need; in this example we use $groupName = "2FA".
      • Change the C:\temp path to match what you want for an output location.
      • Change the filename as needed.
      • Make sure to change the 2 locations where c;\temp\outputfile.csv exists in the script. (bottom portion of the script)
      # Begin Script
      # PowerShell Script to export members of a specific AD group to a CSV file

      # We highly recommend using a workstation or member server for this process.
      # You will need an elevated command prompt if the RSAT tools are not already installed
      # and you are running the PowerShell from a member machine, not a DC.
      # Don't install/remove RSAT if running on a DC.

      # Add RSAT tools if not already installed (Don't do this on a DC)
      # Add-WindowsCapability -Online -Name "Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0"

      # Load the AD module for PowerShell
      Import-Module ActiveDirectory

      # Define the group name you want to filter by (example shown below)
      $groupName = "2FA"

      # Get the group object using the group name
      $group = Get-ADGroup -Filter { Name -eq $groupName }

      # Get the members of the group
      $members = Get-ADGroupMember -Identity $group -Recursive

      # Create an empty array to store user information
      $userInfo = @()

      # Loop through each member and get user details
      foreach ($member in $members) {
          if ($member.objectClass -eq "user") {
              $user = Get-ADUser -Identity $member -Properties GivenName, Surname, sAMAccountName, EmailAddress
              $userInfo += [PSCustomObject]@{
                  FirstName   = $user.GivenName
                  LastName    = $user.Surname
                  LoginName   = $user.sAMAccountName
                  Email       = $user.EmailAddress
              }
          }
      }

      # Export the user information to a CSV file
      $userInfo | Export-Csv -Path "C:\temp\outputfile.csv" -NoTypeInformation

      Write-Host "Export completed successfully!"

      # Display the contents of the CSV file
      Get-Content -Path "C:\temp\outputfile.csv"

      # Uncomment the following lines to unload the AD module and remove RSAT tools
      # (don't do this on a DC)
      # Remove-Module ActiveDirectory
      # Remove-WindowsCapability -Online -Name "Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0"
      # End Script