List Domain Group Members


Meus queridos colegas de trabalho, segue abaixo script para listar os membros de todos os grupos de segurança do dominio do Active Directory:

$GroupInfo = ” | Select ‘Group Name’,’Group Description’,’Member Name’,’Member Description’
$AllGroups = @()
$MyGroups = Get-ADGroup -filter {GroupCategory -eq “Security”} -SearchBase “dc=DOMAIN,dc=LOCAL” -Properties Name,Member | select Name,Member
foreach($Group in $MyGroups){
$GroupInfo.’Group Name’ = $Group.Name
$GroupInfo.’Group Description’ = $Group.Description
foreach($Member in $Group.Member){
$User = Get-ADUser $Member -Properties Name | select Name
$GroupInfo.’Member Name’ = $User.Name
$GroupInfo | select ‘Group Name’,’Member Name’
$AllGroups += $GroupInfo | Select ‘Group Name’,’Member Name’
}
}

$AllGroups | Export-Csv allginfo.csv -NoTypeInformation

Podemos utilizar o mesmo script para filtrarmos membros de um único grupo.Para isso alteramos o parâmetro do filtro $MyGroups = Get-ADGroup -filter {GroupCategory -eq “Security”} que seleciona todos os grupos de segurança do domínio para $MyGroups = Get-ADGroup -filter {Name -eq “NomeDoGrupo”} .

Espero que seja útil!