One of the most common requests I get is “Can you pull a list of all users in AD with X information?” Instead of manually clicking through ADUC, let’s automate it.

The Problem#

Management needs a report of all users showing:

  • Display name
  • Email address
  • Department
  • Last logon date
  • Account status (enabled/disabled)

The Solution#

# Get-ADUserReport.ps1
# Generates a CSV report of Active Directory users

Import-Module ActiveDirectory

$Users = Get-ADUser -Filter * -Properties `
    DisplayName, EmailAddress, Department, `
    LastLogonDate, Enabled, WhenCreated |
    Select-Object `
        @{N='Name';E={$_.DisplayName}},
        @{N='Email';E={$_.EmailAddress}},
        Department,
        @{N='Last Logon';E={$_.LastLogonDate}},
        @{N='Status';E={if($_.Enabled){'Active'}else{'Disabled'}}},
        @{N='Created';E={$_.WhenCreated}}

$Users | Export-Csv -Path "C:\Reports\AD_Users_$(Get-Date -Format 'yyyyMMdd').csv" -NoTypeInformation

Write-Host "Report generated: $($Users.Count) users exported"

Breaking It Down#

  1. Import-Module – Load the AD module (comes with RSAT)
  2. Get-ADUser – Query all users with specific properties
  3. Select-Object – Format the output with custom column names
  4. Export-Csv – Save to a dated CSV file

Enhancements#

Want to filter by OU? Add the -SearchBase parameter:

Get-ADUser -Filter * -SearchBase "OU=Employees,DC=contoso,DC=com" -Properties ...

Need only active users from the last 90 days?

$CutoffDate = (Get-Date).AddDays(-90)
Get-ADUser -Filter {LastLogonDate -gt $CutoffDate -and Enabled -eq $true} -Properties ...

Scheduling It#

Set up a scheduled task to run this weekly:

$Action = New-ScheduledTaskAction -Execute "PowerShell.exe" `
    -Argument "-File C:\Scripts\Get-ADUserReport.ps1"
$Trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Monday -At 6am
Register-ScheduledTask -TaskName "Weekly AD Report" -Action $Action -Trigger $Trigger

This script saves me hours every month. Adjust the properties as needed for your environment.