Periodically, someone will had visited my desk to inquiry on the membership of any one or multiple groups within Active Directory. Here is a simple clean way to collect the data you require without losing your mind with format exports.

Pre-Requisites: PowerShell Module for Active Directory.

1. Collect the group names you want to review (i.e. Domain Admins, Account Operators).

2. Create a directory named scripts on your Windows system (i.e. C:\scripts).

3. Place the names of groups on separate lines in file (i.e. c:\scripts\identity.txt).

Example:

Domain Admins
Account Operators

4. Launch PowerShell Module for Active Directory.

5. Copy and paste the following command:

Get-Contents C:\scripts\identity.txt | Get-ADGroupMember -recursive | fl name,SamAccountName | out-file C:\scripts\members.txt

           NOTE: -recursive switch will cover any nested accounts.

6. Example of contents of c:\scripts\members.txt

name           : ellen.ripley

SamAccountName : ellen.ripley

name            : bishop

SamAccountName : bishop

That’s the quick easy way to produce group membership for your finance or general IT audits with PowerShell.

Read More:

How to Install the Active Directory Module for Windows PowerShell (mikepfeiffer.net)
Get-ADGroupMember (technet.microsoft.com)