• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2089
  • Last Modified:

query group membership using powershell.

Hi,

I need a PS script that allows me to enter a AD group name and return the subgroups, members (Firstname, Lastname, samid).

I see this script from the web.  Can that be used?

Please advise.  

param
(  
    [Parameter(Mandatory=$true,position=0)]
    [String]$GroupName
)

import-module activedirectory

# optional, add a wild card..
# $groups = $groups + "*"

$Groups = Get-ADGroup -filter {Name -like $GroupName} | Select-Object Name

ForEach ($Group in $Groups)
   {write-host " "
    write-host "$($group.name)"
    write-host "----------------------------"

    Get-ADGroupMember -identity $($group.name) -recursive | Select-Object samaccountname

 }
write-host "Export Comlete"
0
nav2567
Asked:
nav2567
1 Solution
 
Kent DyerCommented:
Does it have to be Powershell?  Can you browse / View Active Directory Users and Computers from a member server or DC?  You should be able to check group membership there..  Or, is this for say a regular domain user or manager to check group membership?  Need to understand the audience that would be using such a script..  And is this to add/remove membership or just to simply run queries to verify membership?
0
 
Tommy_CooperCommented:
Get-ADGroupMember -Identity MyGroupName

Open in new window



Is where to start.  If this gives you subgroups, just pipe it back to Get-ADGroupMember:

Get-ADGroupMember -Identity MyGroupName |Get-ADroupMember

Open in new window


you can use Select-Object to get the name of the account that is a member and the SamAccountName:

Get-ADGroupMember -Identity MyGroupName |Select-Object Name,SamAccountName

Open in new window

0
 
nav2567Author Commented:
I am getting this error when trying to execute the script.  Please advise again.

The term 'Get-ADGroupMember' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\script\list group member\list_group_members.ps1:1 char:18
+ Get-ADGroupMember <<<<  -Identity MyGroupName |Select-Object Name,SamAccountName
    + CategoryInfo          : ObjectNotFound: (Get-ADGroupMember:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
0
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

 
SubsunCommented:
You need windows 2008 R2 domain controller to run the AD powershell commands.. If you have it then.. load the activedirectory module before you run the code. You may use Export-csv to export he details to csv file.. And if you you need to add -Recursive switch to get the recursive membership details..
Try..
Import-Module activedirectory
Get-ADGroupMember TestGroup -Recursive | Get-ADUser -Properties * | Select sAMAccountName,givenName,SN | Export-csv C:\report.csv -nti

Open in new window

0
 
nav2567Author Commented:
Subsun, your script works.

Would you please show me how to have the script to prompt and input a group name and export the group members and sub-group(s)?
0
 
SubsunCommented:
Try to add parameter to script as shown in the code example which you have posted.. You need to save the code to .ps1 file format and run it from PowerShell console..
param
(  
    [Parameter(Mandatory=$true,position=0)]
    [String]$GroupName
)
Import-Module activedirectory
Get-ADGroupMember $GroupName -Recursive | Get-ADUser -Properties * | Select sAMAccountName,givenName,SN | Export-csv C:\report.csv -nti

Open in new window

Or you can Use Read-Host command..
$GroupName = Read-Host "Input the group name"
Import-Module activedirectory
Get-ADGroupMember $GroupName -Recursive | Get-ADUser -Properties * | Select sAMAccountName,givenName,SN | Export-csv C:\report.csv -nti

Open in new window

0
 
nav2567Author Commented:
Thanks everyone.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now