Useful PowerShell for extracting / reporting on AD users and groups

get_AD_users_and_groups.ps1

Import-Module ActiveDirectory
 
#users
$users = Get-ADUser -filter * -properties AccountExpirationDate, AccountLockoutTime, AccountNotDelegated, AllowReversiblePasswordEncryption, CannotChangePassword, CanonicalName, Created, Deleted, Description, DisplayName, DistinguishedName, EmailAddress, EmployeeID, EmployeeNumber, Enabled, GivenName, HomeDirectory, HomedirRequired, LastBadPasswordAttempt, LastLogonDate, LockedOut, LogonWorkstations, Modified, Name, PasswordExpired, PasswordLastSet, PasswordNeverExpires, PasswordNotRequired, PrimaryGroup, ProfilePath, SamAccountName, SID, SIDHistory, Surname, Title, TrustedForDelegation, TrustedToAuthForDelegation, UserPrincipalName 
#$users | export-clixml "C:\temp\ADUsers.xml"

#Groups (with members)
$groups = Get-ADGroup -filter * -properties CanonicalName, Created, Deleted, Description, DisplayName, DistinguishedName, GroupCategory, GroupScope, ManagedBy, MemberOf, Members, Modified, Name, ObjectCategory, ObjectClass, ObjectGUID, SamAccountName, SID  
#$groups | export-clixml "C:\temp\ADGroups.xml"
 
$users | export-csv -NoTypeInformation AD-users.csv
$groups | export-csv -NoTypeInformation AD-groups.csv

$groups | ForEach-Object {foreach ($m in $_.members) { [System.Tuple]::Create($_.distinguishedname, $m)}} | export-csv -NoTypeInformation -Path C:\temp\ad-groupmembers.csv