Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Get-ADGroupMember PowerShell

Posted on 2014-04-01
2
Medium Priority
?
2,611 Views
Last Modified: 2014-04-01
I'm trying to get a list of users in a Domain Local security group.

For all of my other groups, that are either Global or Universal, I'm able to achieve this using the

Get-ADGroupMember command.

This does not seem to work with a domain local security group, and instead returns the following response:


Get-ADGroupMember : The operation completed successfully
At line:1 char:18
+ Get-ADGroupMember <<<<  "DomainLocal Group Name"
    + CategoryInfo          : NotSpecified: (DomainLocal Group Name:ADGroup) [Get-ADGroupMember], ADException
    + FullyQualifiedErrorId : The operation completed successfully,Microsoft.ActiveDirectory.Management.Commands.GetAD
   GroupMember

Open in new window


How can I get the list of users in my domain local security group?
0
Comment
Question by:fireguy1125
2 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 39970589
Get-ADGroupMember -Identity (Name of your group)
0
 
LVL 7

Accepted Solution

by:
Delete earned 2000 total points
ID: 39970619
My assumption is that you have a Foreign Security Principle in the Domain Local group that you are trying to query.  

If that is the case then try using Quest Active Roles Management for Active Directory which you can download here: http://www.quest.com/powershell/activeroles-server.aspx

Once you have those do the below command:

Get-QADGroupMember "GroupName" | Select Name
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question