[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How to determine all users *NOT* already in a given group?

Posted on 2007-12-06
3
Medium Priority
?
272 Views
Last Modified: 2010-05-18
Of course, it's easy to see all users that ARE in a given group in Active Directory.  Is there a script or utility that will identify users that are NOT a member of a given group?
0
Comment
Question by:K A
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 200 total points
ID: 20420490
Not built-in.  You would need to write a script that will loop through each user in your AD database and compare it against the membership list of that group, and then probably log any that are missing to a text/CSV/whatever file. This process becomes more complicated if you need to chase nested group memberships, where one group can have another group (and thus the members of that group) as members.

Some good examples of testing for group membership for a single user (with examples that both do and do not chase nested group membership) can be found here: http://www.rlmueller.net/freecode1.htm
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question