Unable to find all members in Active Directory groups

I am writing a VB.Net application that lists all the groups (190+) and their corresponding members from our OU and its subOUs.  However, after trying VB.Net DirectorySearcher and an additional 4-6 different vbscripts I am incurring the same problem.  I have a group (sqlServer) that is showng to be empty, even though it has a user acount (userSQL) if I check it manually.  The subOU that holds sqlServer has another two groups, sqlAgent and sqlText, that both have userSQL as their only member and the scripts list userSQL.  I do not understand why userSQL is listed for the first 2 groups and not the third.  I have manually checked 30+ groups and this is the only anomaly so far.  I didn't post any code since it is happening with 6 different scripts.  Thanks.

P.S. I woud prefer to not remove/insert the user because of that group's function.
tosmserversupportAsked:
Who is Participating?
 
Chris DentPowerShell DeveloperCommented:
Hello,

The simplest explanation would be that userSQL's Primary Group is set to sqlServer. The Primary Group isn't part of the memberOf / member combination and is instead matched by the primaryGroupID and primaryGroupToken attributes.

It should be pretty easy to see in the user properties.

HTH

Chris
0
 
Shabarinath RamadasanInfrastructure ArchitectCommented:
What is the scope of the group? Global or Domain Local or Universal?

Also, try this powershell and see the result.

Get-QADGroupMember -Identity "groupname"

To give more suggestion, please share the ldap filter you are using inside the code.

Good Luck
Shaba
0
 
tosmserversupportAuthor Commented:
Chris,

You are correct that sqlServer is userSQL's primary group.  I'm going to look into this more.  Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.