Solved

How to determine all users *NOT* already in a given group?

Posted on 2007-12-06
3
261 Views
Last Modified: 2010-05-18
Of course, it's easy to see all users that ARE in a given group in Active Directory.  Is there a script or utility that will identify users that are NOT a member of a given group?
0
Comment
Question by:K A
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 50 total points
ID: 20420490
Not built-in.  You would need to write a script that will loop through each user in your AD database and compare it against the membership list of that group, and then probably log any that are missing to a text/CSV/whatever file. This process becomes more complicated if you need to chase nested group memberships, where one group can have another group (and thus the members of that group) as members.

Some good examples of testing for group membership for a single user (with examples that both do and do not chase nested group membership) can be found here: http://www.rlmueller.net/freecode1.htm
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question