List members of an Active Directory Group with powershell

Hi,

here are the code snippets to list all members of an Active Directory Group.

Some constants

# Define LDAP search root, the Global catalog of the domain
$sLDAPSearchRoot="LDAP://yourDomain.com:3268"
# The Groupname to looking for
$sGroupName="USR_GRP_IN_AD"

The LDAP query

# The query string
$sSearchStr ="(&(objectCategory=group)(name="+$sGroupName+"))"
# Get the search object
$oSearch=New-Object directoryservices.DirectorySearcher($oADRoot,$sSearchStr)
# Looking for the group
$oFindResult=$oSearch.FindAll()

On success, get a DirectoryEntry object for the group

$oGroup=New-Object System.DirectoryServices.DirectoryEntry($oFindResult.Path)

And list all members

$oGroup.Member|%{
	$oMember=New-Object System.DirectoryServices.DirectoryEntry($sLDAPSearchRoot+"/"+$_)
}

Attached is the ready to use script ListADGroup which supports two parameters. The Groupname which is mandatory and optional the domain. The default domain can be set in the script in the param section. Usage

PS D:\> ListADGroup.ps1 -g Groupname [-do yourDomain.com]

Michael

Advertisment to support michlstechblog.info

Powershell script to list all members of an Active Directory group
ListADGroup.ps1
Version: 1.0

1.4 KiB
2503 Downloads
Details...

My Knowledgebase for things about Linux, Windows, VMware, Electronic and so on…

Author:	Michael
Category:	Powershell Scripts
License:	GNU General Public License
Date:	February 23, 2015

Michls Tech Blog

Leave a Reply Cancel reply

My Knowledgebase for things about Linux, Windows, VMware, Electronic and so on…