- Open the PowerShell ISE.
If you don't have the Active Directory module installed on your Windows machine, you need to download the correct Remote Server Administration Tools (RSAT) package for your OS.
To activate the module, use the import-module ActiveDirectory command from an elevated PowerShell prompt.
- Run one of the following PowerShell scripts, specifying the AD user account name (samaccountname) you’re interested in and the path to export.
- This report will output the user group list with group categories and scope:
$UserName = “T.Simpson[SO1]“
$ReportPath = “C:\data\ADUserGroups.csv“
Get-ADPrincipalGroupMembership $Username | select name, groupcategory, groupscope | export-CSV C:\data\ADUserGroups.csv
- This report will get group list in LDIF format:
$UserName = “T.Simpson“
$ReportPath = “C:\data\ADUserGroups.txt“
(Get-ADUser $UserName –Properties MemberOf | Select MemberOf).MemberOf |Out-File -FilePath $reportpath
- Open the file produced by the script in MS Excel.
- Run Netwrix Auditor → Navigate to "Reports" → Expand the "Active Directory" section → Go to "Active Directory - State-in-Time" → Select "User Accounts - Group Membership"→ Click 'View".
- To save the report, click the "Export" button → Choose a format from the dropdown menu → Click "Save".