Check if users are in group - powershell

Hi guys,

I have a list of users and a list of groups and I need to check if those users are in the group, so far I have written this script, please can someone help me complete it:

$m=Get-QADGroup "*pae*admin*" | Get-QADGroupMember

$p=Get-QADGroup "*pae*"

I need to check if the users in $m exist in the groups in $p

thank you in advance.
Kelly GarciaSenior Systems AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
1. "*pae*admin*"  
2. "*pae*"

will always return true as all members of 1 are members of 2  pae*admin* is a member of pae*
Chris DentPowerShell DeveloperCommented:
If "all" you want is people in both groups:
Get-QADUser -LdapFilter "(&(memberOf=CN=PAE Admin,OU=Somewhere,DC=domain,DC=com)(memberOf=CN=PAE,OU=Somewhere,DC=domain,DC=com))"

Open in new window

This doesn't support wildcards and you must use the full distinguished name of each group.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Kelly GarciaSenior Systems AdministratorAuthor Commented:

Is there anyone that can help me with this? I know its something simple, but I just can figure it out.

Chris DentPowerShell DeveloperCommented:
You'll have to clarify your intentions because the example you proposed in the beginning suffers from the group name confusion.

The most efficient way to check if a user exists in two groups is to write an LDAP query that only returns those results. However, it can't be a wild-card based search.

If you must use wild-cards you can't overlap them (as David has pointed out), it doesn't make sense to do so.

Is the example in the first instance accurate?

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.