How to generate and export Active Directory (AD) users from multiple OUs
The following is a comparison between the steps required for generating a report on AD users from multiple OUs with the Get-ADUser cmdlet of Windows PowerShell and ADManager Plus.
Windows PowerShell
Steps to obtain a list of AD users from specific OUs using PowerShell :
- Choose which domain you want to generate the report for.
- Select the LDAP filters that you'll use as parameters for generating the report.
- Within the Properties parameter, specify additional user object properties that should appear in the report.
- Establish the format in which you want to export the report.
- Double-check that you've adhered to the appropriate syntax when writing the script.
- Use Windows PowerShell to compile and execute the script.
- To generate the report in a different format, or to add additional properties to the reports, modify the script accordingly.
Sample Script:
Copied
import-module activedirectory
$ous = 'OU= Sample1,DC=example1,DC=com','OU=Sample2,DC=example2,DC=com
$ous| ForEach { Get-ADUser -Filter * -SearchBase $_ | Select name,DistinguishedName | export-csv -Path "C:\export.csv" -NoTypeInformation
Click to copy entire script
ADManager Plus
To obtain the report:
- Select the All Users Report from the General Reports column of the User Reports section.
- Select the Domain and OUs. Generate the report.
- Use the Export As option to export the report in any of the desired format-CSV, PDF, XLSX, HTML and CSVDE.
Screenshot
» Start 30-day Free Trial
In Active Directory (AD), the Get-ADUser cmdlet along with filters help retrieve users from multiple OUs. However, using the Get-ADUser cmdlet to retrieve AD users from different OUs can prove to be a difficult task because:
- Minute syntax errors or typographical errors can lead to execution failures.
- Adding even minor details to the report—such as adding additional attributes —require scripts to be modified and executed again, which is time-consuming.
- If OU name contains special characters, then escape characters need to be used to escape them.
- Even the exclusion of child OUs increases the complexity of the script.
- Furthermore, script complexity also increases if the report has to exported in a specific format.
- These scripts can only be executed on computers that have Active Directory Domain Services role.
Therefore, a better and easier way to generate AD reports is by using ADManager Plus, an Active Directory management and reporting tool.
ADManager Plus is a web-based solution for all your AD, Exchange, Skype for Business, Google Workspace, and Office 365 management needs. It simplifies several routine tasks such as provisioning users, cleaning up dormant accounts, managing NTFS and share permissions, and more. Besides reporting, you can also build a custom workflow structure that will assist you in ticketing and compliance, automate routine AD tasks such as user provisioning and de-provisioning, and more. Download a free trial today to explore all these features.
Highlights of using ADManager Plus to generate AD reports
ADManager Plus simplifies the process of AD reporting by:
- Providing script-free reporting.
- Offering over 150 pre-packaged AD reports that cover the most important information about all AD objects.
- Allowing you to create your own report using the custom reports feature.
- Letting you automatically generate reports using the report scheduler. You can also choose to email these reports or store them at a specific location.
- Enabling on-the-fly management tasks to be performed from within those reports. For instance, perform actions like delete, disable, move, etc, on inactive users generated from the inactive users reports.
