Forum Discussion
Export/Import distribution group members
We're migrating from one forest to another and among other things we have to migrate memberships of distribution groups betweene the two.
The problem arised because many distribution groups in the source forest contains "contacts" as members.
Since we're using ADMT, which does not migrate contacts, to do the migrations we have exported/imported contacts to the target forest.
Now when we migrate the distribution groups they lack the contacts in the membership so we thought of a way to read the distribution group membership from the source domain and update them in the target domain but couldn't manage to get the script working.
How can we remotely run the script to extract the group memebership from source domain and add them in the corresponding groups in the target domain
- Mks_1973Iron Contributor
Open PowerShell with administrative privileges on a system that has access to the source forest and has the Active Directory module installed.
Use the following script to export group memberships to a CSV file# Set the output path for the CSV file
$OutputFile = "C:\ExportedGroupMemberships.csv"# Specify the distribution groups to export (wildcard '*' for all)
$DistributionGroups = Get-ADGroup -Filter {GroupCategory -eq "Distribution"}# Create an array to store group memberships
$GroupMemberships = @()foreach ($Group in $DistributionGroups) {
# Get group members
$Members = Get-ADGroupMember -Identity $Group.DistinguishedName | Where-Object { $_.objectClass -eq "user" -or $_.objectClass -eq "contact" }foreach ($Member in $Members) {
$GroupMemberships += [PSCustomObject]@{
GroupName = $Group.Name
MemberName = $Member.Name
MemberType = $Member.ObjectClass
MemberDistinguishedName = $Member.DistinguishedName
}
}
}# Export to CSV
$GroupMemberships | Export-Csv -Path $OutputFile -NoTypeInformation -Encoding UTF8Write-Host "Group memberships exported to $OutputFile"
Open the exported ExportedGroupMemberships.csv file and verify that the group names, member names, types, and distinguished names are listed correctly.
Ensure that the contacts from the source forest have been successfully created in the target forest. If not, use a script to import contacts based on the exported data.
Below is an Example script to create contact (for reference only):# Path to CSV file containing exported contacts
$ContactsCsv = "C:\ExportedContacts.csv"# Import and create contacts in the target forest
Import-Csv -Path $ContactsCsv | ForEach-Object {
New-ADObject -Name $_.Name -Type contact -Path "OU=Contacts,DC=TargetDomain,DC=local" -OtherAttributes @{
mail = $_.Mail
targetAddress = $_.TargetAddress
}
}
After run the script then confirm the contacts are correctly created in the target forest using the Active Directory Users and Computers (ADUC) console.
Use the following script to import the memberships from the CSV and add members to the corresponding groups in the target forest:# Path to the exported group memberships CSV
$InputFile = "C:\ExportedGroupMemberships.csv"# Import the CSV
$GroupMemberships = Import-Csv -Path $InputFileforeach ($Membership in $GroupMemberships) {
# Get the group in the target forest
$TargetGroup = Get-ADGroup -Filter {Name -eq $Membership.GroupName}if ($TargetGroup) {
# Add member to the target group
try {
Add-ADGroupMember -Identity $TargetGroup.DistinguishedName -Members $Membership.MemberDistinguishedName
Write-Host "Added $($Membership.MemberName) to $($Membership.GroupName)"
} catch {
Write-Warning "Failed to add $($Membership.MemberName) to $($Membership.GroupName): $_"
}
} else {
Write-Warning "Target group $($Membership.GroupName) not found"
}
}
Check the distribution groups in the target forest to confirm that all members, including contacts, have been added successfully.Ensure that the user account running the scripts has sufficient permissions in both source and target forests.
If user accounts and contacts have different distinguished names in the target forest, you may need to map them using a custom mapping file or logic.
If there’s a trust between forests, you can directly query and add members without exporting/importing CSVs.