Connect with us

Hi, what are you looking for?

Citrix Provisioning Services

Microsoft PowerShell script to enumerate security group members and email a CSV report of the results

I needed to write a script to enumerate a couple of security groups containing my XenDesktop VDI users and email an attachment with all the user names on a weekly basis to other Citrix admins. I started writing the script with PowerShell and while Googling a cmdlet came across this post by Brian Gordon:

http://briangordon.wordpress.com/2012/04/28/powershell-monitor-and-e-mail-ad-group-membership/

He did all the work for me! Thanks for this Brian!

Advertisement. Scroll to continue reading.

I made a few small modifications to Brian’s PowerShell script. Here’s what I did to get it all running:

1. First make you get download the Quest (or Dell now) ActiveRoles Management Shell for Active Directory:

http://www.quest.com/powershell/activeroles-server.aspx

Advertisement. Scroll to continue reading.

I used the ActiveRoles Management Shell for Active Directory 64-bit installer on my Server 2008 R2 box I was going to be running the script on.

2. I created a file called “VDI-Membership-Tracking.ps1” and pasted Brian’s script with my changes. The main change is that I added the Quest snap-in to the first line of the .ps1 so it will contain everything it needs to run without outside arguments. Otherwise PowerShell won’t recognize the ActiveRoles cmdlets. I also wanted the CSV to contain the email address for each user. So my full script looks like this:

Advertisement. Scroll to continue reading.

3. Lastly I scheduled it on my Server 2008 R2 box to run weekly every Monday morning. In Task Scheduler, I used the following Action while creating my task:

For the “Program/scripts”:
powershell.exe

And the “Arguments”:
-executionPolicy unrestricted -file "D:\VDI Membership Tracking\VDI-Membership-Tracking.ps1"

Advertisement. Scroll to continue reading.

So it should look something like this for you:

1

If you want to grab both the domain and user ID in “domain\userID” format then use NTAccountName instead of SamAccountName in your Select statement. Hope this helps someone and thank you again Brian!

Advertisement. Scroll to continue reading.
1 Comment

1 Comment

  1. Lucas

    March 1, 2019 at 6:22 AM

    Hello Brian,
    What change would be required in the script to route emails with external authentication?
    Well in my case I use office365.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Apache

Today I would like to go over proper URL redirection when using SSL but first I would like to preface this by describing what...

Exchange 2003

A useful Exchange 2003 guide I wrote for a friend’s blog originally but I am posting it here on mine now for your viewing...

Citrix Workspace

You can use FIDO2 hardware security keys plugged into your physical desktop over the Citrix HDX remoting protocol for use with virtualized Windows Desktop...

Cloud Design Architecture

The community-driven paperback book initiated by my friends Bas van Kaam and Christiaan Brinkhoff is available for sale on Amazon. If you haven’t picked...

Advertisement

JasonSamuel.com was launched in 2008 as a platform to give back to the IT community by sharing knowledge and expertise. Over the years, it has become a trusted global resource for the latest insights, how-to guides, and forward-thinking leadership on enterprise mobility, security, virtualization, cloud architecture, automation, and other cutting-edge technologies. Today, it serves as a go-to reference hub for IT professionals, attracting hundreds of thousands of unique visitors from around the world each month. Learn more on the About Me page.
Copyright © 2008-2025 JasonSamuel.com