We like to create Active Directory users with PowerShell. This time, we need to add…
Get Organizational Units with PowerShell
We like to get a list of all the Organizational Units (OUs) in Active Directory and export it with PowerShell. Why do we need that? We like to clean up not used OUs. This article will teach you how to display and export a list of Organizational Units with PowerShell.
Table of contents
Get a list of all Organizational Units with PowerShell
Run PowerShell as administrator. Get a list of all the OUs in Active Directory. We will make use of the Get-ADOrganizationalUnit cmdlet. Let’s sort on CanonicalName. This will show us an OU breakdown structure and is easier to read.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
[PS] C:\>Get-ADOrganizationalUnit -Properties CanonicalName -Filter * | Sort-Object CanonicalName | Format-Table CanonicalName, DistinguishedName CanonicalName DistinguishedName ------------- ----------------- alitajran.local/AT Company OU=AT Company,DC=alitajran,DC=local alitajran.local/AT Company/Groups OU=Groups,OU=AT Company,DC=alitajran,DC=local alitajran.local/AT Company/Servers OU=Servers,OU=AT Company,DC=alitajran,DC=local alitajran.local/AT Company/Servers/Exchange OU=Exchange,OU=Servers,OU=AT Company,DC=alitajran,DC=local alitajran.local/AT Company/Users OU=Users,OU=AT Company,DC=alitajran,DC=local alitajran.local/AT Company/Users/HR OU=HR,OU=Users,OU=AT Company,DC=alitajran,DC=local alitajran.local/AT Company/Users/IT OU=IT,OU=Users,OU=AT Company,DC=alitajran,DC=local alitajran.local/Domain Controllers OU=Domain Controllers,DC=alitajran,DC=local alitajran.local/Microsoft Exchange Security Groups OU=Microsoft Exchange Security Groups,DC=alitajran,DC=local |
The output with all the OUs in AD is a good list. But how do we know if there are users present in the OU?
Get a list of all Organizational Units including UserCount with PowerShell
We like to get a list of the OUs, including user count with PowerShell. This will show us if there are users present in the OU. Copy and paste the below code. Run it in PowerShell ISE.
|
1 2 3 4 5 6 7 8 |
Get-ADOrganizationalUnit -Properties CanonicalName -Filter * | Sort-Object CanonicalName | ForEach-Object { [pscustomobject]@{ Name = Split-Path $_.CanonicalName -Leaf CanonicalName = $_.CanonicalName UserCount = @(Get-AdUser -Filter * -SearchBase $_.DistinguishedName -SearchScope OneLevel).Count } } |
It will show an output with a column UserCount. If the UserCount value is showing 0, it means that there are no users in the OU. Note: it will not show if there is a computer object in the OU. This will only check and show a count for users.
|
1 2 3 4 5 6 7 8 9 10 11 |
Name CanonicalName UserCount ---- ------------- --------- AT Company alitajran.local/AT Company 0 Groups alitajran.local/AT Company/Groups 0 Servers alitajran.local/AT Company/Servers 0 Exchange alitajran.local/AT Company/Servers/Exchange 0 Users alitajran.local/AT Company/Users 0 HR alitajran.local/AT Company/Users/HR 5 IT alitajran.local/AT Company/Users/IT 15 Domain Controllers alitajran.local/Domain Controllers 0 Microsoft Exchange Security Groups alitajran.local/Microsoft Exchange Security Groups 0 |
Get a list of all Organizational Units including ComputerCount with PowerShell
We like to get a list of the OUs, including computer count with PowerShell.
|
1 2 3 4 5 6 7 8 9 |
Get-ADOrganizationalUnit -Properties CanonicalName -Filter * | Sort-Object CanonicalName | ForEach-Object { [pscustomobject]@{ Name = Split-Path $_.CanonicalName -Leaf CanonicalName = $_.CanonicalName UserCount = @(Get-AdUser -Filter * -SearchBase $_.DistinguishedName -SearchScope OneLevel).Count ComputerCount = @(Get-AdComputer -Filter * -SearchBase $_.DistinguishedName -SearchScope OneLevel).Count } } |
The output will show a column ComputerCount.
|
1 2 3 4 5 6 7 8 9 10 11 |
Name CanonicalName UserCount ComputerCount ---- ------------- --------- ------------- AT Company alitajran.local/AT Company 0 0 Groups alitajran.local/AT Company/Groups 0 0 Servers alitajran.local/AT Company/Servers 0 3 Exchange alitajran.local/AT Company/Servers/Exchange 0 2 Users alitajran.local/AT Company/Users 0 0 HR alitajran.local/AT Company/Users/HR 5 0 IT alitajran.local/AT Company/Users/IT 15 0 Domain Controllers alitajran.local/Domain Controllers 0 2 Microsoft Exchange Security Groups alitajran.local/Microsoft Exchange Security Groups 0 0 |
Export OUs in AD to a text file or CSV file with PowerShell
Now that we have the list of OUs in AD shown, we like to export it to a file. The script will get the Organizational Units with PowerShell and export it to a text file.
|
1 2 3 4 5 6 7 8 9 |
$results = Get-ADOrganizationalUnit -Properties CanonicalName -Filter * | Sort-Object CanonicalName | ForEach-Object { [pscustomobject]@{ Name = Split-Path $_.CanonicalName -Leaf CanonicalName = $_.CanonicalName UserCount = @(Get-AdUser -Filter * -SearchBase $_.DistinguishedName -SearchScope OneLevel).Count } } $results | Out-File C:\export_OUs.txt -Encoding UTF8 |
If you like to export to a CSV file, change the last line to $results | Export-Csv -Path C:\export_OUs.csv -NoTypeInformation –Encoding UTF8
After running the above command, find the exported file in the C:\ drive. I opened the text file export_OUs.txt.
Keep reading: Bulk move AD users to another OU with PowerShell »
Conclusion
To sum it up, you learned how to get Organizational Units with PowerShell. You also learned how to find empty OUs. As of last, you learned how to export OUs to a text file or CSV file with PowerShell.
Did you enjoy this article? If so, you may like Hide mail-enabled security group from GAL with PowerShell. Don’t forget to follow us and share this article.
What Others Are Reading
Nice post and I really appreciate the details.