So you have a AD Group and you need to find out, who are the members of this group. You could use some LDAP Browser tool. But it’s possible to use Microsoft PowerShell for that:
Here is the code:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Define LDAP search root, the Global catalog of the domain | |
$sLDAPSearchRoot="LDAP://YOUR.CORP.ORG" | |
# The Groupname to looking for | |
$sGroupName="AD_GROUPNAME" | |
# The query string | |
$sSearchStr ="(&(objectCategory=group)(name="+$sGroupName+"))" | |
# Get the search object | |
$oSearch=New-Object directoryservices.DirectorySearcher($oADRoot,$sSearchStr) | |
# Looking for the group | |
$oFindResult=$oSearch.FindAll() | |
$oGroup=New-Object System.DirectoryServices.DirectoryEntry($oFindResult.Path) | |
$oGroup.member | Out-GridView |