Solved

Get-ADGroupMember PowerShell

Posted on 2014-04-01
2
2,308 Views
Last Modified: 2014-04-01
I'm trying to get a list of users in a Domain Local security group.

For all of my other groups, that are either Global or Universal, I'm able to achieve this using the

Get-ADGroupMember command.

This does not seem to work with a domain local security group, and instead returns the following response:


Get-ADGroupMember : The operation completed successfully
At line:1 char:18
+ Get-ADGroupMember <<<<  "DomainLocal Group Name"
    + CategoryInfo          : NotSpecified: (DomainLocal Group Name:ADGroup) [Get-ADGroupMember], ADException
    + FullyQualifiedErrorId : The operation completed successfully,Microsoft.ActiveDirectory.Management.Commands.GetAD
   GroupMember

Open in new window


How can I get the list of users in my domain local security group?
0
Comment
Question by:fireguy1125
2 Comments
 
LVL 28

Expert Comment

by:becraig
Comment Utility
Get-ADGroupMember -Identity (Name of your group)
0
 
LVL 7

Accepted Solution

by:
Delete earned 500 total points
Comment Utility
My assumption is that you have a Foreign Security Principle in the Domain Local group that you are trying to query.  

If that is the case then try using Quest Active Roles Management for Active Directory which you can download here: http://www.quest.com/powershell/activeroles-server.aspx

Once you have those do the below command:

Get-QADGroupMember "GroupName" | Select Name
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Set OWA language and time zone in Exchange for individuals, all users or per database.
Create and license users in Office 365 in bulk based on a CSV file. A step-by-step guide with PowerShell script examples.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now