Question : Generate the members from AD user group

Hi Guys,

I'm using dsget command. However it is a chore to specify the specific OU to find the user group and list it's members. I only have one domain but have mulitple OUs and groups.

I have also read about the csvde command which I read is very powerful but as I'm unfamiliar with it, I am not confident to use it yet. Last thing I want is to corrupt my AD.

Any advice on the possibilities on how I can list all the members of the AD groups?

Answer : Generate the members from AD user group

csvde won't write to your AD, so it won't do anything to corrupt it.
The string you'll need to output the users of a specific group is attached.
If you understand LDAP strings, it's pretty easy to work out. For example, by default, pulling all the users in the domain admins group requires this string:
csvde -f output.csv -d "cd=domain admins,cn=users,dc=<domainname>,dc=<com, local, whatever you have at the end of your domain name>" and that will output all the users in that group to the CSV file Output.csv.

It will identify users by their LDAP strings as well, so be aware of that.

As another example, you want to pull the members of the Managers group with is located in an OU called Managers, under the Network Users OU in random.local, the string is
csvde -f output.csv -d "cn=Managers,ou=Managers,ou=Network Users, dc=random, dc=local"

Lemme know if you have any trouble figuring it out from there.

1:	csvde -f <output file name> -d "<ldap string for the group you want>"