<# .SYNOPSIS Gets unique user logins from AD groups with their group membership .DESCRIPTION Processes security groups from input file, recursively expands all members, and exports users with their source groups .PARAMETER InputFile Path to file containing group names (one per line) .PARAMETER OutputFile Path to result file (default: Get-UsersFromGroups_Output.csv) #> param( [Parameter(Mandatory=$true)] [string]$InputFile, [string]$OutputFile = "Get-UsersFromGroups_Output.csv" ) # Get unique groups from input file $groups = Get-Content $InputFile | Where-Object { $_ -match '\S' } | Select-Object -Unique # Initialize result storage: user -> groups $results = @{} foreach ($group in $groups) { try { # Get AD group object $adGroup = Get-ADGroup -Identity $group -ErrorAction Stop # Recursively get all user members $users = Get-ADGroupMember -Identity $adGroup -Recursive -ErrorAction Stop | Where-Object { $_.objectClass -eq 'user' } # Add group to each user's membership list foreach ($user in $users) { $login = $user.SamAccountName if (-not $results.ContainsKey($login)) { $results[$login] = [System.Collections.Generic.List[string]]::new() } $results[$login].Add($group) } } catch { Write-Warning "Error processing group '$group': $_" } } # Convert to sorted object array $output = $results.GetEnumerator() | ForEach-Object { [PSCustomObject]@{ User = $_.Key Groups = ($_.Value -join "; ") } } | Sort-Object User # Export to CSV $output | Export-Csv -Path $OutputFile -NoTypeInformation -Encoding UTF8 # Console output $output | Format-Table -AutoSize