List Domain Users using Script | PowerShell

This is custom made code to output all users listed in Active Directory.
This code was rewritten using Powershell in order to make the output more clear and “visually pleasing”

Powershell Option (output to looks like this):

To use:

  1. Paste into notepad.
  2. Save as “DomainMembers.ps1”
  3. Run with Powershell (no progress will be displayed)
  4. Data result will be output to “DomainMembers.txt” located in the C:\DomainMembers.txt This can be specified under the varible ‘$path = “C:\DomainMember.txt”‘

Note:Sometimes the script will not run correctly and the following will be displayed:
“File cannot be loaded because the execution of scripts is disabled on this system”
This security can be removed using the following command.

Set-ExecutionPolicy Unrestricted -Force

#********************************************************************
#*
#* File: DomainMembers.ps1
#* Created: June 2012
#* Version: v2.1
#* Copyright (C): (Richard Deeming)
#*
#* Main Function: Listing All The User Related Infomations In The Domain.
#*
#********************************************************************
function Find-DefaultNamingContext()
{
	$root = New-Object System.DirectoryServices.DirectoryEntry("LDAP://rootDSE")
	if ($null -eq $root) { return null }
	return $root.Properties["defaultNamingContext"].Value
}
 
function Convert-SearchResult($result, $propertyMap)
{
	$item = New-Object PSObject
 
	foreach ($pair in $propertyMap.GetEnumerator())
	{
		$name = $pair.Name
		$realName = $pair.Value
		$value = ""
 
		$prop = $result.Properties[$name.ToLower()]
		if (($null -ne $prop) -and (0 -ne $prop.Count))
		{
			if (1 -eq $prop.Count)
			{
				$value = $prop[0]
			}
			else
			{
				$value = $prop | select-object
			}
		}
 
		Add-Member -InputObject $item -MemberType NoteProperty -Name $realName -Value $value
	}
 
	return $item
}
 
function List-DirectoryEntries([string] $rootPath, [string] $filter, [array] $propertiesToLoad, $propertyMap)
{
	$fullPath = "LDAP://$rootPath"
 
	$root = New-Object System.DirectoryServices.DirectoryEntry($fullPath)
	$searcher = New-Object System.DirectoryServices.DirectorySearcher($root, $filter, $propertiesToLoad)
 
	$searcher.PageSize = 10
	$searcher.SizeLimit = 10000
 
	$results = $searcher.FindAll()
 
	foreach ($result in $results){
		$item = Convert-SearchResult $result $propertyMap
		$item | select-object
	}
}
 
function List-Computers([string] $rootPath = "")
{
	if (0 -eq $rootPath.Length) { $rootPath = Find-DefaultNamingContext }
 
	$filter = "(objectCategory=computer)"
 
	$propertiesToLoad = @("name")
	$propertyMap = @{ "name" = "Name" }
 
	List-DirectoryEntries $rootPath $filter $propertiesToLoad $propertyMap
}
 
function List-Users([string] $rootPath = "", [string] $groupName = "")
{
	if (0 -eq $rootPath.Length) { $rootPath = Find-DefaultNamingContext }
 
	if (0 -eq $groupName.Length)
	{
		$filter = "(&(objectCategory=person)(objectClass=user))"
	}
	else
	{
		$filter = "(&(objectCategory=person)(objectClass=user)(memberOf=$groupName))"
	}
 
	$propertiesToLoad = @("samAccountName", "displayName", "description")
	$propertyMap = @{
		"samAccountName" = "Username"
		"displayName" = "DisplayName"
		"description" = "Description"
	}
 
	List-DirectoryEntries $rootPath $filter $propertiesToLoad $propertyMap
}
 
function List-Groups([string] $rootPath = "")
{
	if (0 -eq $rootPath.Length) { $rootPath = Find-DefaultNamingContext }
 
	$fullPath = "LDAP://$rootPath"
	$filter = "(objectCategory=group)"
	$propertiesToLoad = @("distinguishedname", "name")
 
	$root = New-Object System.DirectoryServices.DirectoryEntry($fullPath)
	$searcher = New-Object System.DirectoryServices.DirectorySearcher($root, $filter, $propertiesToLoad)
 
	$searcher.PageSize = 10
	$searcher.SizeLimit = 10000
 
	$results = $searcher.FindAll()
 
	foreach ($result in $results){
 
		$cn = $result.Properties["distinguishedname"][0]
		$name = $result.Properties["name"][0]
		$children = List-Users $rootPath $cn
 
		$properties = @{
			GroupName = $name
			Members = $children
		}
 
		New-Object PSObject -Property $properties
	}
}
 
function Get-DomainInfo([string] $rootPath = "")
{
	if (0 -eq $rootPath.Length) { $rootPath = Find-DefaultNamingContext }
 
	Write-Output "Computers:"
	Write-Output "----------"
	List-Computers $rootPath | sort-object Name | fw -property Name -column 1
	Write-Output ""
 
	Write-Output "Users:"
	Write-Output "------"
	List-Users $rootPath | sort-object Username | ft Username, DisplayName, Description -auto
	Write-Output ""
 
	Write-Output "Groups:"
	Write-Output "-------"
 
	$groups = List-Groups $rootPath | where-object { $_.Members -ne $null } | sort-object GroupName
	foreach ($group in $groups)
	{
		Write-Output "$($group.GroupName):"
		$group.Members | sort-object Username | ft Username, DisplayName -auto
	}
}
$path = "C:\DomainMembers.txt"
if(!(Test-Path -Path $path))
  {
   New-Item $path -type file
  }
else
  {
   Clear-Content $path
  }
Get-DomainInfo | Out-String | Add-Content $path

One thought on “List Domain Users using Script | PowerShell

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.