none
Find Duplicate Members in more than two Active Directory Groups RRS feed

  • Question

  • hi,

    I am trying to find out duplicate members in more than two active directory groups. I am new to powershell and only found one script that gives me only duplicate members in two groups. If any one can help 

    Wednesday, June 4, 2014 3:11 PM

Answers

  • Works better with just the DNs

    $Groups = get-adgroup -filter { name -like '*ABC*'} |
     select  -ExpandProperty DistinguishedName
    
    $ht = @{}
    
    foreach ( $Group in $Groups )
     {
      foreach ( $Member in (Get-ADGroupMember $Group) )
       {
         $ht[$Member.DistinguishedName] += @($Group)
       }
     }
    
     $ht.GetEnumerator() | Where { $_.Value.count -gt 1 }


    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

    Wednesday, June 4, 2014 5:10 PM
    Moderator

All replies

  • You cannot have duplicate members in a group.  Are you asking to locate a member in all subgroups of a group?

    Get-AdGroupMember should be able to do this for you.


    ¯\_(ツ)_/¯

    Wednesday, June 4, 2014 3:44 PM
  • Are you wanting to take a list of groups and find the members that are common to all the groups?

    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

    Wednesday, June 4, 2014 3:48 PM
    Moderator
  • I just want a list of 8 groups if a member is in more than one group
    Wednesday, June 4, 2014 4:01 PM
  • I have this script that find duplicate members in two groups

    $GroupAMembers = "" 
    $GroupBMembers = "" 
    $Members_A = "" 
    $Members_B = "" 
     
    $GroupAMembers = Get-ADGroupMember (groupname)
    $GroupBMembers = Get-ADGroupMember (groupname)
     
    ForEach ($Members_A in $GroupAMembers){ 
      ForEach ($Members_B in $GroupBMembers){ 

    if ($Members_A.name -eq $Members_B.name)
    {
    Write-Host $Members_A.name
    }   
        
     }
       

    Wednesday, June 4, 2014 4:03 PM
  • Do you need to know which groups, or just a boolean True/False that they're a member of more than 1?

    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

    Wednesday, June 4, 2014 4:03 PM
    Moderator
  • yea I need to know members and groups also
    Wednesday, June 4, 2014 4:07 PM
  • I have eight groups I just need list of users those are member of more than one groups
    Wednesday, June 4, 2014 4:09 PM
  • Try this:

    $Groups = Get-ADGroup -filter {name -like '*ABC*'}
    
    $ht = @{}
    
    foreach ( $Group in $Groups )
     {
      foreach ( $Member in (Get-ADGroupMember $Group) )
       {
         $ht[$Member] += @($Group)
       }
     }
    
     $ht.GetEnumerator() | Where { $_.Value.count -gt 1 }


    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "


    Wednesday, June 4, 2014 4:14 PM
    Moderator
  • there are many groups in active directory but I have to find out users in only 8 groups. this above script is for whole adgroups. if you could use filter Name -like "ABC* and create a script that would be great.
    Wednesday, June 4, 2014 4:18 PM
  • Done.

    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

    Wednesday, June 4, 2014 4:22 PM
    Moderator
  • I tried that script but doesn't give me any results
    Wednesday, June 4, 2014 4:35 PM
  • Works better with just the DNs

    $Groups = get-adgroup -filter { name -like '*ABC*'} |
     select  -ExpandProperty DistinguishedName
    
    $ht = @{}
    
    foreach ( $Group in $Groups )
     {
      foreach ( $Member in (Get-ADGroupMember $Group) )
       {
         $ht[$Member.DistinguishedName] += @($Group)
       }
     }
    
     $ht.GetEnumerator() | Where { $_.Value.count -gt 1 }


    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

    Wednesday, June 4, 2014 5:10 PM
    Moderator
  • that's work thank you so much. If you can help that I can create report of these users like name, ADgroup and export to a csv file that would be much appriciated.

    Thanks

    Wednesday, June 4, 2014 5:53 PM
  • That's what we call "scope creep", and try to avoid.  How to get data from a hash table to a report is a completely different question, and deserves it's own thread.

    [string](0..33|%{[char][int](46+("686552495351636652556262185355647068516270555358646562655775 0645570").substring(($_*2),2))})-replace " "

    Wednesday, June 4, 2014 6:04 PM
    Moderator
  • Thanks Mjolinor
    Wednesday, June 4, 2014 8:33 PM