Active Directory - Export Microsoft Domain to CSV File

Active Directory - Export Microsoft Domain to CSV File

How to Export User Accounts Using Active Directory Users and Computers 

You'll be happy to know you can easily export all Active Directory information through the GUI ADUC or with a Powershell script.  You only need to open ADUC, navigate to your desired OU, and click the Export List button. This will export all of the accounts in the OU to a tab delimited text file. If you want to view the data in CSV form just change the extension from .txt to .csv (or right click and open in Excel and do a save as CSV).

GUI

Screenshot showing ad export users

Filtering Results

  1. Open Active Directory Users and Computers at Start > Administrative tools > Active Directory Users and Computers:

  1. After your ADUC snap-in tool is open choose the name of your domain and go to Users.


  1. A complete list of users will appear. However, there are also security and distribution groups included. To get rid of them, use filters (funnel icon highlighted in red below). Instead of showing all types of objects, choose Show only the following types of objects, check Users and click the OK button.



  1. 4. The next step is choosing which attributes to export to a CSV file. Now, which fields you choose depends on what you need your CSV file for. If you want to create a migration batch, your file will need User Logon Name, First Name, Last Name, Email Address. To acheive this navigate to View > Add/Remove Columns, then choose OK to save you choices. 

How to export users from Active Directory GUI 4

  1. 5. By clicking on Export list (highlighted in the red square below) in the top menu, you can export your users. You just have to name the new file and make sure that it is saved in the *.csv format.

How to export users from Active Directory GUI 5

  1. Repeat the steps for the Computers on the network. If you have hosts that are not in the Directory open a CMD or Powershell and run the command hostname and add the ouput host's name to your csv file.
  2. Unfortunately, neither Active Directory Users and Computers (ADUC) nor Active Directory Administrative Center (ADAC) snap-ins have built in functionality to export a list of group members. Fortunately, we can use PowerShell with the Get-ADGroup and Get-ADGroupMember cmdlet to list AD group members and export them to CSV very quickly and easily.

Powershell

RSAT and PowerShell Module

Windows Server 2012, 2016, 2019, or 2022

If the server you’re using is a Domain Controller or is running the Active Directory Domain Services (AD DS) or Active Directory Lightweight Domain Services (AD LDS) then you’ll already have the ActiveDirectory PowerShell Module installed. If the server is a member server and runs Windows Server 2012, 2016, 2019, or 2022 then you can simply enable the AD DS and AD LDS Tools feature in Server Manager -> Manage -> Add Roles and Features -> Features -> Remote Server Administration Tools -> Role Administration Tools. You can also run the PowerShell command from an Administrator Shell:

  1. Add-WindowsFeature RSAT-AD-PowerShell

Alternatively, on Windows 10 and Windows 11 you can obtain the ActiveDirectory PowerShell Module by installing the Remote Server Administration Tools (RSAT). You can verify that you have the ActiveDirectory Module installed by running the following command in an elevated PowerShell window:

  1. Get-Module -ListAvailable
Which will result in the following output:



If you have ActiveDirectory listed at the bottom to the right of Manifest you are ready.

PS Script 

Windows Server 2012, 2016, 2019, or 2022

Add the following commands to a file named exportAD.ps1  and then from an administrator Powershell run ./exportAD.ps1. This will create a directory named AD_Backup where you run the script, extract all of the Directory to 5 .csv files, archive the .csv files to ActiveDirectory-CSV.zip, and finally open File Explorer to reveal the .zip file. 

  1. # Set error action preference to continue on non-terminating errors
  2. $ErrorActionPreference = "Continue"

  4. # Create a timestamp for the backup
  5. $timestamp = Get-Date -Format "yyyyMMdd-HHmmss"

  7. # Create a directory for the backup
  8. $backupDir = "AD-Backup-$timestamp"
  9. New-Item -ItemType Directory -Path $backupDir | Out-Null

  11. Write-Output "Collecting Domain Users and Computers"

  13. # Collect Domain Controllers
  14. Get-ADDomainController -Filter * | 
  15.     Select-Object Name, Domain, IPv4Address, ServerObjectDN |
  16.     Export-Csv -Path "$backupDir\ad-domain.csv" -NoTypeInformation

  18. # Collect Users (limiting properties for efficiency)
  19. Get-ADUser -Filter * -Properties GivenName, Surname, SamAccountName, EmailAddress, DistinguishedName |
  20.     Select-Object GivenName, Surname, SamAccountName, EmailAddress, DistinguishedName, ObjectClass |
  21.     Export-Csv -Path "$backupDir\ad-users.csv" -NoTypeInformation

  23. # Collect Groups and Members
  24. Get-ADGroup -Filter * | ForEach-Object {
  25.     $group = $_
  26.     Get-ADGroupMember -Identity $group -Recursive | 
  27.         Select-Object @{N='GroupName';E={$group.Name}}, Name, SamAccountName, DistinguishedName
  28. } | Export-Csv -Path "$backupDir\ad-groups.csv" -NoTypeInformation

  30. # Collect Computers (limiting properties for efficiency)
  31. Get-ADComputer -Filter * -Properties CN, DNSHostName, PrimaryGroup |
  32.     Select-Object CN, DNSHostName, PrimaryGroup |
  33.     Export-Csv -Path "$backupDir\ad-computers.csv" -NoTypeInformation

  35. # Collect GPOs
  36. Get-GPO -All | Select-Object DisplayName, ID, CreationTime, ModificationTime |
  37.     Export-Csv -Path "$backupDir\ad-GPOs.csv" -NoTypeInformation

  39. # Get the current directory
  40. $currentDir = Get-Location

  42. # Create ZIP archive in the current directory
  43. $zipPath = Join-Path $currentDir "ActiveDirectory-CSV-$timestamp.zip"
  44. Compress-Archive -Path "$backupDir\*.csv" -DestinationPath $zipPath

  46. # Open File Explorer in the current directory
  47. explorer.exe $currentDir

  49. Write-Output "Backup completed. CSV files are in $backupDir"
  50. Write-Output "ZIP archive is located at: $zipPath"
    Windows File Explorer will automatically open to the working directory. There will be a directory named AD-Backup-$timestamp for your review and a .zip archive named ActiveDirectory-CSV-$timestamp.zip containing the files for you send to us. 

Windows Small Business Server 2008 - 2011

There may be compatibility issues with some of the commands in this script. If you are have any issues please send us the error and use the GUI method located at the top of this article. 

  1. # Check if Active Directory module is available, if not,  import it
  2. if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
  3.     Import-Module ServerManager
  4.     Add-WindowsFeature RSAT-AD-PowerShell
  5. }

  7. # Set error action preference to continue on non-terminating errors
  8. $ErrorActionPreference = "Continue"

  10. # Create a timestamp for the backup
  11. $timestamp = Get-Date -Format "yyyyMMdd-HHmmss"

  13. # Create a directory for the backup
  14. $backupDir = "AD-Backup-$timestamp"
  15. New-Item -ItemType Directory -Path $backupDir | Out-Null

  17. Write-Output "Collecting Domain Users and Computers"

  19. # Collect Domain Controllers
  20. Get-ADDomainController -Filter * | 
  21.     Select-Object Name, Domain, IPv4Address, ServerObjectGUID |
  22.     Export-Csv -Path "$backupDir\ad-domain.csv" -NoTypeInformation

  24. # Collect Users
  25. Get-ADUser -Filter * -Properties GivenName, Surname, SamAccountName, EmailAddress, DistinguishedName |
  26.     Select-Object GivenName, Surname, SamAccountName, EmailAddress, DistinguishedName, ObjectClass |
  27.     Export-Csv -Path "$backupDir\ad-users.csv" -NoTypeInformation

  29. # Collect Groups and Members
  30. Get-ADGroup -Filter * | ForEach-Object {
  31.     $group = $_
  32.     Get-ADGroupMember -Identity $group | 
  33.         Select-Object @{N='GroupName';E={$group.Name}}, Name, SamAccountName, DistinguishedName
  34. } | Export-Csv -Path "$backupDir\ad-groups.csv" -NoTypeInformation

  36. # Collect Computers
  37. Get-ADComputer -Filter * -Properties CN, DNSHostName |
  38.     Select-Object CN, DNSHostName |
  39.     Export-Csv -Path "$backupDir\ad-computers.csv" -NoTypeInformation

  41. # Collect GPOs (requires GroupPolicy module)
  42. if (Get-Module -ListAvailable -Name GroupPolicy) {
  43.     Import-Module GroupPolicy
  44.     Get-GPO -All | Select-Object DisplayName, ID, CreationTime, ModificationTime |
  45.         Export-Csv -Path "$backupDir\ad-GPOs.csv" -NoTypeInformation
  46. } else {
  47.     Write-Output "GroupPolicy module not available. Skipping GPO export."
  48. }

  50. # Get the current directory
  51. $currentDir = Get-Location

  53. # Create ZIP archive in the current directory (requires PowerShell 3.0 or later)
  54. $zipPath = Join-Path $currentDir "ActiveDirectory-CSV-$timestamp.zip"
  55. Add-Type -AssemblyName System.IO.Compression.FileSystem
  56. [System.IO.Compression.ZipFile]::CreateFromDirectory($backupDir, $zipPath)

  58. # Open File Explorer in the current directory
  59. explorer.exe $currentDir

  61. Write-Output "Backup completed. CSV files are in $backupDir"
  62. Write-Output "ZIP archive is located at: $zipPath"

Mapped Drives

Mapped drives are not part of Active Directory, this info is stored separately on each host. Create a .ps1 script with the following commands and run on each host for each user that logs in.
  1. Get-ChildItem "HKCU:Network\" |
  2.      ForEach-Object {
  3.        [PsCustomObject]@{
  4.         DriveLetter = $_.PSChildName
  5.          RemotePath = (Get-ItemProperty $_.PSPath).RemotePath            
  6.       }
  7. }

    • Related Articles

    • Domain Controller (Active Directory) Setup

      Introduction There aren't any guidelines or instructions on the functioning of the Uplevel Domain Controller because it acts essentially identically to a conventional Microsoft Domain Controller from the standpoint of workstations. Microsoft offers a ...

    • Active Directory GPO - Folder Redirection

      Microsoft Documentation https://learn.microsoft.com/en-us/windows-server/storage/folder-redirection/folder-redirection-rup-overview If you deploy roaming user profiles with folder redirection in an environment with existing local user profiles, ...

    • Active Directory GPO - Folder Redirection

      Microsoft Documentation https://learn.microsoft.com/en-us/windows-server/storage/folder-redirection/folder-redirection-rup-overview Introduction When a user with the folder redirection GPO logs into a Domain joined host, a copy of their directories ...

    • Active Directory GPO - Roaming Profiles

      Microsoft Documentation https://learn.microsoft.com/en-us/windows-server/storage/folder-redirection/deploy-roaming-user-profiles Introduction A roaming user profile is a file synchronization concept in the Windows operating system that allows users ...

    • Azure vs. Uplevel Active Directory

      Portions of this article are from the Blog post on our website - https://www.uplevelsystems.com/blog/uplevel-ad-vs-azure-ad-whats-the-difference Introduction On-premises Microsoft Active Directory, Uplevel Active Directory compatible Directory ...