Script repository

Export user properties to CSV file

December 13, 2023 Views: 1731
Export Data

Script 1: Email properties of the target user

The script exports specified properties of the target user to a CSV file and sends the file via email. To execute the script, create a scheduled task, a custom command or a business rule configured for the User object type.

Parameters:

  • $csvFilePath - Specifies the path to the CSV file to be created.
  • $removeCsvFile - Specifies whether the CSV file will be removed after sending the email notification.
  • $propertiesToExport - Specifies the LDAP names of the properties whose values will be present in the CSV file.
  • $valueSeparator - Specifies a character that will be used to separate values of multi-valued properties in the CSV file.
  • $to - Specifies the recipient email address.
  • $subject - Specifies the email notification subject.
  • $from - Specifies the email address from which the email notification will be sent.
  • $mailServer - Specifies the FQDN of the mail server that will be used to deliver the email notification.
  • $body - Specifies the email notification body.
Edit Remove
PowerShell
$csvFilePath = "C:\Scripts\Report.csv" # TODO: modify me
$removeCsvFile = $True # TODO: modify me
$propertiesToExport = @("givenName", "middleName", "sn", "title", "co", "mail") # TODO: modify me
$valueSeparator = ";" # TODO: modify me

# Email message settings
$to = "recipient@domain.com" # TODO: modify me
$subject = "Properties of user %fullname%" # TODO: modify me
$from = "noreply@domain.com" # TODO: Modify me
$mailServer = "mail.domain.com" # TODO: Modify me
$body = "Properties of user %fullname%" # TODO: Modify me

$propertyNameToValue = @{}
foreach ($propertyName in $propertiesToExport)
{
    try
    {
        $values = $Context.TargetObject.GetEx($propertyName)
    }
    catch
    {
        $values = $NULL
    }
    
    $value = $values -join $valueSeparator
    $propertyNameToValue.Add($propertyName, $value)
}

$record = New-Object PSObject -Property $propertyNameToValue
@($record) | Export-Csv -Path $csvFilePath -NoTypeInformation

# Send mail
Send-MailMessage -to $to -From $from -Subject $subject -Body $body -SmtpServer $mailServer -Attachments $csvFilePath

if ($removeCsvFile)
{
    # Remove CSV File
    Remove-Item $csvFilePath -Force
}

Script 2: Export properties of all users

The script exports specified properties of all users to a CSV file. To execute the script, create a scheduled task configured for the Domain object type and add a managed domain to the Activity Scope.

Parameters:

  • $csvFilePath - Specifies the path to the CSV file to be created.
  • $propertiesToExport - Specifies the LDAP names of the properties whose values will be present in the CSV file.
  • $valueSeparator - Specifies a character that will be used to separate values of multi-valued properties in the CSV file.
Edit Remove
PowerShell
$csvFilePath = "C:\Scripts\Report.csv" # TODO: modify me
$propertiesToExport = @("givenName", "middleName", "sn", "title", "co", "mail", "userAccountControl") # TODO: modify me
$valueSeparator = ";" # TODO: modify me

function CreateCSVrecord ($searchResult, $propertyNames)
{
    $propertyNameToValue = [ordered]@{}
    $user = $Context.BindToObjectBySearchResult($searchResult)
    
    foreach ($propertyName in $propertyNames)
    {
        try
        {
            $values = $user.GetEx($propertyName)
        }
        catch
        {
            $values = $NULL
        }
        
        if ($propertyName -eq "userAccountControl")
        {
            if ($values[0] -band 2)
            {
                $values = "Disabled"
            }
            else
            {
                $values = "Enabled"
            }
        }
        
        $value = $values -join $valueSeparator
        $propertyNameToValue.Add($propertyName, $value)
    }
    
    return New-Object PSObject -Property $propertyNameToValue
}

# Search parameters
$searcher = $Context.TargetObject
$searcher.Criteria = New-AdmCriteria "user"
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SetPropertiesToLoad($propertiesToExport)
$searcher.VirtualRoot = $True

try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    $records = New-Object System.Collections.ArrayList
    
    foreach ($searchResult in $searchResults)
    {
        $record = CreateCSVrecord $searchResult $propertiesToExport
        $records.Add($record)
    }
}
finally
{
    # Release resources
    if ($searchResultIterator){ $searchResultIterator.Dispose() }
}

# Export CSV
$records | Export-Csv -Path $csvFilePath -NoTypeInformation
Comments 7
avatar
DRiVSSi Jun 19, 2024
Hello,
We want to use the second script to export the users of a certain OU to a csv file. With a scheduled task we have set the task to two OUs, but all other OUs will be exported as well.
And we also want to export Adaxes fields such as "adm-CustomAttributeText4" and "adm-CustomAttributeText5" in addition to AD fields. What should the code look like?

Thank you very much
Reply
avatar
Support Jun 19, 2024
Hello,

> With a scheduled task we have set the task to two OUs, but all other OUs will be exported as well.
For the approach to work, you need to create a scheduled task configured for the Organizational Unit object type and add the required OUs to the Activity Scope as This object only

There will be a separate file created for each OU, so it is recommended to make the CSV file name dynamic using value references. For example:

Edit Remove
PowerShell
$csvFilePath = "C:\Scripts\UsersFrom%name%.csv" # TODO: modify me

Also, for the script to search only under the target OU, replace this line
Edit Remove
PowerShell
$searcher.VirtualRoot = $True

with the below one
Edit Remove
PowerShell
$searcher.VirtualRoot = $False


>And we also want to export Adaxes fields such as "adm-CustomAttributeText4" and "adm-CustomAttributeText5" in addition to AD fields. What should the code look like?
As it is mentioned in the script description, you need to specify the names of all the required properties in the $propertiesToExport variable. For example:
Edit Remove
PowerShell
$propertiesToExport = @("givenName", "middleName", "sn", "title", "co", "mail", "userAccountControl") # TODO: modify me

Lastly, it might be much easier to use a report and schedule it instead of using a scheduled task. In this case, the following tutorials will be helpful:
Reply
avatar
DRiVSSi Jun 19, 2024
Thank you very much, with the adjustments only the selected OUs are now exported.

However, with the fields which should be exported, we also want to export the fields %adm-CustomAttributeText5% and %adm-CustomAttributeText4% of the user, which are only in Adaxes and not in the AD. How can Adaxes custom fields be added?
We have tried with:
$propertiesToExport = @("employeeNumber", "sAMAccountName", "sn", "givenName", "title", "mail", "%adm-CustomAttributeText5%", "%adm-CustomAttributeText4%")
but this does not work.
Reply
avatar
Support Jun 19, 2024
Hello,

In the $propertiesToExport variable, you specified value references to the custom attributes instead of their names. To achieve the required, remove % characters around the custom attribute names. The variable declaration should look like this:

Edit Remove
PowerShell
$propertiesToExport = @("employeeNumber", "sAMAccountName", "sn", "givenName", "title", "mail", "adm-CustomAttributeText5", "adm-CustomAttributeText4")
Reply
avatar
Mike Sep 27, 2024
How can I exclude disabled user accounts from the "Export properties of all users" script?
Reply
avatar
Support Sep 30, 2024
Hello Mike,

We updated the script so it exports only enabled accounts. Please, find it below.

Edit Remove
PowerShell
$csvFilePath = "C:\Scripts\Report.csv" # TODO: modify me
$propertiesToExport = @("givenName", "middleName", "sn", "title", "co", "mail", "userAccountControl") # TODO: modify me
$valueSeparator = ";" # TODO: modify me

function CreateCSVrecord ($searchResult, $propertyNames)
{
    $propertyNameToValue = [ordered]@{}
    $user = $Context.BindToObjectBySearchResult($searchResult)
    
    foreach ($propertyName in $propertyNames)
    {
        try
        {
            $values = $user.GetEx($propertyName)
        }
        catch
        {
            $values = $NULL
        }
        
        if ($propertyName -eq "userAccountControl")
        {
            if ($values[0] -band 2)
            {
                $values = "Disabled"
            }
            else
            {
                $values = "Enabled"
            }
        }
        
        $value = $values -join $valueSeparator
        $propertyNameToValue.Add($propertyName, $value)
    }
    
    return New-Object PSObject -Property $propertyNameToValue
}

# Search parameters
$searcher = $Context.TargetObject
$searcher.Criteria = New-AdmCriteria "user" {accountDisabled -eq $false}
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.PageSize = 500
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.SetPropertiesToLoad($propertiesToExport)
$searcher.VirtualRoot = $True

try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    $records = New-Object System.Collections.ArrayList
    
    foreach ($searchResult in $searchResults)
    {
        $record = CreateCSVrecord $searchResult $propertiesToExport
        $records.Add($record)
    }
}
finally
{
    # Release resources
    if ($searchResultIterator){ $searchResultIterator.Dispose() }
}

# Export CSV
$records | Export-Csv -Path $csvFilePath -NoTypeInformation
Reply
avatar
Mike Sep 30, 2024
Thank you! This worked perfectly!
Reply
Leave a comment
Related Scripts

Got questions?

Support Questions & Answers