Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Română Русский svenska Kiswahili ไทย Türkçe Українська Tiếng Việt 简体中文 中文 (香港) 繁體中文

How Can I Import Users from Active Directory Using PowerShell?

Avatar
Tim Ng
Updated
Follow

Active Directory Export Using PowerShell

The easiest and most efficient way to integrate users from Active Directory to your KnowBe4 console is to use our Active Directory Integration (ADI) feature. For more information on this feature, see our ADI Configuration Guide.

If you prefer to manually integrate your Active Directory information, you can use PowerShell to export your user data as a CSV file. Once the CSV file is exported, import your users by following the instructions in our article titled How Do I Import Users With a CSV File? 

 

Jump to:

Export All Enabled Users

Export Users Based on Specific Criteria

 

Export Emails Using PowerShell

If you would like to add all of your Active Directory users to your KnowB4 console, follow the steps below. 

  1. Open PowerShell in Administrator Mode.
  2. Run the following command to import the Active Directory Module:
    Import-Module ActiveDirectory
  3. Next, run the following command to generate a CSV file of all enabled users. The generated CSV file will include each user’s email address, first name, last name, and OU (Organizational Unit).
    Get-ADUser -Properties * -Filter {Enabled -eq 'True'} | Select-Object @{Label = "Email";Expression = {$_.EmailAddress}}, @{Label = "First Name";Expression = {$_.GivenName}}, @{Label = "Last Name";Expression = {$_.Surname}}, @{Label = "Group";Expression = {($_.canonicalname -Split "/")[-2]}} | Export-Csv -Path users.csv -NoTypeInformation
    Click here to download a sample script.

Once the CSV file is generated, review the file for accuracy. Then, view our article titled How Do I Import Users With a CSV File? to learn how to add these users to your KnowBe4 console.

Back to top

 

Export Users Based on Specific Criteria

You can also use PowerShell to export a list of users who fit specific criteria. This allows you to only import those specific users to your KnowBe4 console. Below are three common use cases for criteria-based user lists. Click on a use case to learn more and to view sample commands.

Generate a List of Users from a Specific Security Group

To export a list of users who belong to a specific security group in Active Directory, follow the steps below. 

  1. Open PowerShell in Administrator Mode.
  2. Run the following command to import the Active Directory Module:
    Import-Module ActiveDirectory
  3. Next, enter the following command and change *ExampleSecurityGroup* to the specific security group in your Active Directory.
    Get-ADUser -Properties * -Filter {Enabled -eq 'True'} | Where-Object {($_.memberof -like "*ExampleSecurityGroup*")} | Select-Object @{Label = "Email";Expression = {$_.EmailAddress}}, @{Label = "First Name";Expression = {$_.GivenName}}, @{Label = "Last Name";Expression = {$_.Surname}}, @{Label = "Group";Expression = {($_.canonicalname -Split "/")[-2]}} | Export-Csv -Path users.csv -NoTypeInformation

Click here to download a sample script.

Once the CSV file is generated, review the file for accuracy. Then, view our article titled How Do I Import Users With a CSV File? to learn how to add these users to your KnowBe4 console.  

Generate a List of Users within a Specific OU

To export a list of users within a specific OU (Organizational Unit), follow the steps below. 

  1. Open PowerShell in Administrator Mode.
  2. Run the following command to import the Active Directory Module:
    Import-Module ActiveDirectory
  3. Next, enter the following command and change OU=ExampleOU, DC=Domain, DC=com to the specific information for your Active Directory.
    Get-ADUser -Properties * -Filter {Enabled -eq 'True'} -SearchBase "OU=ExampleOU, DC=Domain, DC=com" | Select-Object @{Label = "Email";Expression = {$_.EmailAddress}}, @{Label = "First Name";Expression = {$_.GivenName}}, @{Label = "Last Name";Expression = {$_.Surname}}, @{Label = "Group";Expression = {($_.canonicalname -Split "/")[-2]}} | Export-Csv -Path users.csv -NoTypeInformation

Click here to download a sample script.

Once the CSV file is generated, review the file for accuracy. Then, view our article titled How Do I Import Users With a CSV File? to learn how to add these users to your KnowBe4 console. 

Generate a List of Users from a Specific Distribution Group

To export a list of users who belong to a specific distribution group in Active Directory, follow the steps below. 

  1. Open PowerShell in Administrator Mode.
  2. Run the following command to import the Active Directory Module:
    Import-Module ActiveDirectory
  3. Next, enter the following command and change ExampleDistributionGroup to the specific distribution group in your Active Directory.
    $Members = Get-ADGroupMember -Recursive "ExampleDistributionGroup"
    $Obj = @()
    ForEach ($Member in $Members)
    {
    $User = Get-ADUser -Filter {Name -eq $Member.name -and Enabled -eq 'True'} -Properties *
    $GroupObj = New-Object PSObject
    $GroupObj | Add-Member -MemberType NoteProperty -Name "Email" -Value $User.EmailAddress
    $GroupObj | Add-Member -MemberType NoteProperty -Name "First Name" -Value $User.GivenName
    $GroupObj | Add-Member -MemberType NoteProperty -Name "Last Name" -Value $User.Surname
    $GroupObj | Add-Member -MemberType NoteProperty -Name "Group" -Value (($User.canonicalname -Split "/")[-2])
    $Obj += $GroupObj
    }
    $Obj | Export-Csv users.csv -NoTypeInformation

Click here to download a sample script.

Once the CSV file is generated, review the file for accuracy. Then, view our article titled How Do I Import Users With a CSV File? to learn how to add these users to your KnowBe4 console.  

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles