none
What AD CmdLet allows outputting of nested groups and members of each group at the lowest level? RRS feed

  • Question

  • I'm not asking for a script to be written, but before I go and write a script to do this I want to make sure I'm just not missing the fact that the functionality already exists in one of the AD CmdLets and I'm just not finding it.

    Input: Group(s) name or Like Group Name

    Output I am looking for (recursively):

    What is in the input in a table:

    • If a user, list user name, samaccountname, Group Name that the person is contained in.
    • If a Group, just list the Group

    Take only the Groups from the list above and repeat the output from above

    • If a user, list user name, samaccountname, Group Name that the person is contained in.
    • If a Group, just list the Group

    Continue the process until the result list has no groups left.

    The objective is to determine how someone is being included in a Group when there are nested groups.

    I already can get a list of users who eventually are contained in an AD Group that I feed into Get-ADGroup and with the -recursive parameter it gets me all the users.  What I can't seem to get is which nested AD Group were they found in.  I just know they got included somewhere along the line.

    Monday, August 28, 2017 3:04 PM

Answers