Wednesday, October 15, 2014

Export AD Users from a Group via PowerShell

I have to write this script recenely to export user and their few properties via PowerShell.
Import-Module ActiveDirectory

$ADGroup = "GroupName"
write-host "Accessing all users from group:" $ADGroup
Get-ADGroupMember -identity $ADGroup -recursive | select distinguishedName,name | Export-csv -path C:\Temp\users.csv -NoTypeInformation
write-host "Done."

Watch For:
You might see the following error:
Get-ADGroupMember : The size limit for this request was exceeded

Reason:
Default number of objects returned from AD are limited to 5,000 by default.

Resolution: Open the config file for ADWS
C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe.config
and add the following line under <appsettings> tag
<add key="MaxGroupOrMemberEntries" value="25000">