List AD groups that contain nested groups
Need a script to list only the AD groups that contain groups. Would like to have an option to include or exclude listing all group members. Output needs to show full AD path where the main group and nested groups are located.
Thanks
Thanks
You can use AD Manager Plus (A ManageEngine tool, free to try) for the purpose.
ASKER
I am now on this network and it is a 2000 AD system and all the DCs are running 2000 SP4.
Anyone have a VBScript I could use to list which of their 416 AD groups contain groups?
Anyone have a VBScript I could use to list which of their 416 AD groups contain groups?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I can't find out how in 2000's ADUC how to do a search to list only groups that contain groups.
I was able to use ADFind to list all the groups. ADFind says there are 479 groups and ADUC says there are 416. I'll trust ADFind and Joe.
Just tried your ADFind line and it worked. Gave me a list of 62 groups. Let me verify a random sample.
I was able to use ADFind to list all the groups. ADFind says there are 479 groups and ADUC says there are 416. I'll trust ADFind and Joe.
Just tried your ADFind line and it worked. Gave me a list of 62 groups. Let me verify a random sample.
ASKER
I guess this will work. Your "adfind -default -f "&(objectcategory=group)(m
i.e. Domain Admins contains other groups but GroupABC has no members but is a member of GroupXYZ. WHen I look at GroupXYZ it shows GroupABC as a member.
That should work for this purpose.
Thanks
i.e. Domain Admins contains other groups but GroupABC has no members but is a member of GroupXYZ. WHen I look at GroupXYZ it shows GroupABC as a member.
That should work for this purpose.
Thanks
to get group memebrs you can add this
get-qadgroupmember $g | select name
Open in new window