Powershell: List members of an Active Directory Group


here are the code snippets to list all members of an Active Directory Group.

Some constants

# Define LDAP search root, the Global catalog of the domain
# The Groupname to looking for

The LDAP query

# The query string
$sSearchStr ="(&(objectCategory=group)(name="+$sGroupName+"))"
# Get the search object
$oSearch=New-Object directoryservices.DirectorySearcher($oADRoot,$sSearchStr)
# Looking for the group

On success, get a DirectoryEntry object for the group

$oGroup=New-Object System.DirectoryServices.DirectoryEntry($oFindResult.Path)

And list all members

	$oMember=New-Object System.DirectoryServices.DirectoryEntry($sLDAPSearchRoot+"/"+$_)

Attached is the ready to use script ListADGroup which supports two parameters. The Groupname which is mandatory and optional the domain. The default domain can be set in the script in the param section. Usage

PS D:\> ListADGroup.ps1 -g Groupname [-do yourDomain.com]


Powershell script to list all members of an Active Directory group

Category:Powershell Scripts
License:GNU General Public License
Date:February 23, 2015
1.4 KiB

