Citrix Provisioning Services

Microsoft PowerShell script to enumerate security group members and email a CSV report of the results


I needed to write a script to enumerate a couple of security groups containing my XenDesktop VDI users and email an attachment with all the user names on a weekly basis to other Citrix admins. I started writing the script with PowerShell and while Googling a cmdlet came across this post by Brian Gordon:

He did all the work for me! Thanks for this Brian!

I made a few small modifications to Brian’s PowerShell script. Here’s what I did to get it all running:

1. First make you get download the Quest (or Dell now) ActiveRoles Management Shell for Active Directory:

I used the ActiveRoles Management Shell for Active Directory 64-bit installer on my Server 2008 R2 box I was going to be running the script on.

2. I created a file called “VDI-Membership-Tracking.ps1” and pasted Brian’s script with my changes. The main change is that I added the Quest snap-in to the first line of the .ps1 so it will contain everything it needs to run without outside arguments. Otherwise PowerShell won’t recognize the ActiveRoles cmdlets. I also wanted the CSV to contain the email address for each user. So my full script looks like this:

3. Lastly I scheduled it on my Server 2008 R2 box to run weekly every Monday morning. In Task Scheduler, I used the following Action while creating my task:

For the “Program/scripts”:

And the “Arguments”:
-executionPolicy unrestricted -file "D:\VDI Membership Tracking\VDI-Membership-Tracking.ps1"

So it should look something like this for you:


If you want to grab both the domain and user ID in “domain\userID” format then use NTAccountName instead of SamAccountName in your Select statement. Hope this helps someone and thank you again Brian!

About Jason Samuel

Jason Samuel lives in Houston, TX with a primary focus on strategic advisory and architecture of end-user computing, security, enterprise mobility, virtualization, and cloud technologies from Citrix, Microsoft, & VMware. He also has an extensive background in web architecture and networking over his 20+ year career in IT. He is an Author, Speaker, and Local User Group Community Leader. He is certified in several technologies and is 1 of 63 people globally that is a recipient of the prestigious Citrix Technology Professional (CTP) award. He is 1 of 42 people in the world that has been awarded as a VMware EUC Champion and VMware vExpert. He is a featured author on DABCC which provides the latest IT Community News on Cloud, Data Center, Desktop, Mobility, Security, Storage, & Virtualization. In his spare time Jason enjoys writing how-to articles and evangelizing the technologies he works with. Disclaimer: The content and opinions expressed in articles and posts are his own and are by no means associated with his employer.

Recommended for you

1 Comment

  1. Lucas

    March 1, 2019 at 6:22 AM

    Hello Brian,
    What change would be required in the script to route emails with external authentication?
    Well in my case I use office365.

Leave a Reply

Your email address will not be published. Required fields are marked *