Menu

How Do I Get Emails From Active Directory Using PowerShell?

Avatar
Tim Ng
Updated
Follow

Active Directory Export Using PowerShell

If you're using Active Directory, we highly recommend that instead of pulling email addresses with the below method, that you integrate your Active Directory data with your KnowBe4 console. It is the easiest and most efficient way to maintain an updated user list within your console. To find out how to do this, view our Active Directory Integration manual, or check out our training video.

Otherwise, if you'd like to instead get a list of users which you can then import into your KnowBe4 console rather than automatically sync to Active Directory, you can use the below information to help you export your users from Active Directory using PowerShell.

After the scripts run correctly, a CSV file will be generated and saved in your current directory, and you can inspect the file to make sure the information is correct.

Once the CSV file is checked for accuracy, you can then upload it to the KnowBe4 console.

See more about importing users: 
-Users and Groups Product Manual
-Adding/Importing Users

 

Export Emails Using PowerShell

If you already have PowerShell open in Administrator Mode, run the following command to import the ActiveDirectory Module.

Import-Module ActiveDirectory

 

Generate a CSV of all enabled users

The script below will generate a CSV of all enabled users. It will pull the email, first name, last name, and OU for all enabled users listed in Active Directory. Download a sample script here.

Get-ADUser -Properties * -Filter {Enabled -eq 'True'} | Select-Object @{Label = "Email";Expression = {$_.EmailAddress}}, @{Label = "First Name";Expression = {$_.GivenName}}, @{Label = "Last Name";Expression = {$_.Surname}}, @{Label = "Group";Expression = {($_.canonicalname -Split "/")[-2]}} | Export-Csv -Path users.csv -NoTypeInformation

 

Generate a CSV of all enabled users who are a member of a particular security group

This example returns a CSV of all enabled users that are a member of a security group named “ExampleSecurityGroup”. Download a sample script here.

Import-Module ActiveDirectory

Get-ADUser -Properties * -Filter {Enabled -eq 'True'} | Where-Object {($_.memberof -like "*ExampleSecurityGroup*")} | Select-Object @{Label = "Email";Expression = {$_.EmailAddress}}, @{Label = "First Name";Expression = {$_.GivenName}}, @{Label = "Last Name";Expression = {$_.Surname}}, @{Label = "Group";Expression = {($_.canonicalname -Split "/")[-2]}} | Export-Csv -Path users.csv -NoTypeInformation

 

Generate a CSV of all enabled users that are contained in the OU with a specific Distinguished Name 

This example returns a CSV of all enabled users that are contained in the OU with Distinguished Name “OU=ExampleOU, DC=Domain, DC=com”. Download a sample script here.

Import-Module ActiveDirectory

Get-ADUser -Properties * -Filter {Enabled -eq 'True'} -SearchBase "OU=ExampleOU, DC=Domain, DC=com" | Select-Object @{Label = "Email";Expression = {$_.EmailAddress}}, @{Label = "First Name";Expression = {$_.GivenName}}, @{Label = "Last Name";Expression = {$_.Surname}}, @{Label = "Group";Expression = {($_.canonicalname -Split "/")[-2]}} | Export-Csv -Path users.csv -NoTypeInformation

 

Generate a CSV of all enabled users that are contained in a distribution group with a specific name

This example returns a CSV of all enabled users that are contained in a distribution group named “ExampleDistributionGroup” and child distribution groups. Download a sample script here.

Import-Module ActiveDirectory

$Members = Get-ADGroupMember -Recursive "ExampleDistributionGroup"
$Obj = @()
ForEach ($Member in $Members)
{
$User = Get-ADUser -Filter {Name -eq $Member.name -and Enabled -eq 'True'} -Properties *
$GroupObj = New-Object PSObject
$GroupObj | Add-Member -MemberType NoteProperty -Name "Email" -Value $User.EmailAddress
$GroupObj | Add-Member -MemberType NoteProperty -Name "First Name" -Value $User.GivenName
$GroupObj | Add-Member -MemberType NoteProperty -Name "Last Name" -Value $User.Surname
$GroupObj | Add-Member -MemberType NoteProperty -Name "Group" -Value (($User.canonicalname -Split "/")[-2])
$Obj += $GroupObj
}
$Obj | Export-Csv users.csv -NoTypeInformation
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles