Export/Import distribution group members

Open PowerShell with administrative privileges on a system that has access to the source forest and has the Active Directory module installed.

Use the following script to export group memberships to a CSV file

# Set the output path for the CSV file
$OutputFile = "C:\ExportedGroupMemberships.csv"

# Specify the distribution groups to export (wildcard '*' for all)
$DistributionGroups = Get-ADGroup -Filter {GroupCategory -eq "Distribution"}

# Create an array to store group memberships
$GroupMemberships = @()

foreach ($Group in $DistributionGroups) {
    # Get group members
    $Members = Get-ADGroupMember -Identity $Group.DistinguishedName | Where-Object { $_.objectClass -eq "user" -or $_.objectClass -eq "contact" }

    foreach ($Member in $Members) {
        $GroupMemberships += [PSCustomObject]@{
            GroupName       = $Group.Name
            MemberName      = $Member.Name
            MemberType      = $Member.ObjectClass
            MemberDistinguishedName = $Member.DistinguishedName
        }
    }
}

# Export to CSV
$GroupMemberships | Export-Csv -Path $OutputFile -NoTypeInformation -Encoding UTF8

Write-Host "Group memberships exported to $OutputFile"


Open the exported ExportedGroupMemberships.csv file and verify that the group names, member names, types, and distinguished names are listed correctly.




Ensure that the contacts from the source forest have been successfully created in the target forest. If not, use a script to import contacts based on the exported data.

Below is an Example script to create contact (for reference only):

# Path to CSV file containing exported contacts
$ContactsCsv = "C:\ExportedContacts.csv"

# Import and create contacts in the target forest
Import-Csv -Path $ContactsCsv | ForEach-Object {
    New-ADObject -Name $_.Name -Type contact -Path "OU=Contacts,DC=TargetDomain,DC=local" -OtherAttributes @{
        mail = $_.Mail
        targetAddress = $_.TargetAddress
    }
}

After run the script then confirm the contacts are correctly created in the target forest using the Active Directory Users and Computers (ADUC) console.




Use the following script to import the memberships from the CSV and add members to the corresponding groups in the target forest:

# Path to the exported group memberships CSV
$InputFile = "C:\ExportedGroupMemberships.csv"

# Import the CSV
$GroupMemberships = Import-Csv -Path $InputFile

foreach ($Membership in $GroupMemberships) {
    # Get the group in the target forest
    $TargetGroup = Get-ADGroup -Filter {Name -eq $Membership.GroupName}

    if ($TargetGroup) {
        # Add member to the target group
        try {
            Add-ADGroupMember -Identity $TargetGroup.DistinguishedName -Members $Membership.MemberDistinguishedName
            Write-Host "Added $($Membership.MemberName) to $($Membership.GroupName)"
        } catch {
            Write-Warning "Failed to add $($Membership.MemberName) to $($Membership.GroupName): $_"
        }
    } else {
        Write-Warning "Target group $($Membership.GroupName) not found"
    }
}

Check the distribution groups in the target forest to confirm that all members, including contacts, have been added successfully.

Ensure that the user account running the scripts has sufficient permissions in both source and target forests.
If user accounts and contacts have different distinguished names in the target forest, you may need to map them using a custom mapping file or logic.
If there’s a trust between forests, you can directly query and add members without exporting/importing CSVs.