PowerShell script to return members of multiple security groups

Question

I need to return all members of multiple security groups using PowerShell. Handily, all of the groups start with the same letters.

I can return a list of all the relevant security groups using the following code:

Get-ADGroup -filter 'Name -like"ABC*"' | Select-Object Name

And I know I can return the membership list of a specific security group using the following code:

Get-ADGroupMember "Security Group Name" -recursive | Select-Object Name

However, I can't seem to put them together, although I think what I'm after should look something like this (please feel free to correct me, that's why I'm here!):

$Groups = Get-ADGroup -filter 'Name -like"ABC*"' | Select-Object Name
ForEach ($Group in $Groups) {Get-ADGroupMember -$Group -recursive | Select-Object Name

Any ideas on how to properly structure that would be appreciated!

Thanks,

Chris

score 13 · Answer 1 · edited Nov 20 '17 at 23:06

13

This is cleaner and will put in a csv.

Import-Module ActiveDirectory

$Groups = (Get-AdGroup -filter * | Where {$_.name -like "**"} | select name -expandproperty name)


$Table = @()

$Record = [ordered]@{
"Group Name" = ""
"Name" = ""
"Username" = ""
}



Foreach ($Group in $Groups)
{

$Arrayofmembers = Get-ADGroupMember -identity $Group | select name,samaccountname

foreach ($Member in $Arrayofmembers)
{
$Record."Group Name" = $Group
$Record."Name" = $Member.name
$Record."UserName" = $Member.samaccountname
$objRecord = New-Object PSObject -property $Record
$Table += $objrecord

}

}

$Table | export-csv "C:\temp\SecurityGroups.csv" -NoTypeInformation

edited Nov 20 '17 at 23:06

Baum mit Augen

49,044
25
144
182

answered Jan 05 '15 at 23:43

Joseph Alves

141
1
3

Fantastic! This also allows you to get the groupname into your CSV by using new PS objects. Nice. – jcarpio Apr 22 '15 at 18:16
This worked for me after I removed [`[ordered]`](https://stackoverflow.com/q/10238698/1026) for PS2.0 (check your version with [$PSVersionTable.PSVersion](https://stackoverflow.com/a/1825807/1026)), added `-Encoding UTF8` to the `Export-CSV` to handle non-ascii characters in names, and added `-recursive` to Get-ADGroupMember to list members of the nested groups (alternately you might want to add the `objectClass` attribute to the output to distinguish member groups from member users). – Nickolay Mar 01 '19 at 06:49
Fantastic! Thanks so much for this!q – user1227883 May 12 '23 at 01:31

score 4 · Accepted Answer · answered Jun 19 '13 at 16:18

4

If you don't care what groups the users were in, and just want a big ol' list of users - this does the job:

$Groups = Get-ADGroup -Filter {Name -like "AB*"}

$rtn = @(); ForEach ($Group in $Groups) {
    $rtn += (Get-ADGroupMember -Identity "$($Group.Name)" -Recursive)
}

Then the results:

$rtn | ft -autosize

answered Jun 19 '13 at 16:18

AndyMeFul

489
4
13

Thanks, I made one small change just to return the name only, which made the script into the following: $Groups = Get-ADGroup -Filter {Name -like "TIG*"} $rtn = @() ForEach ($Group in $Groups) { $rtn += (Get-ADGroupMember -Identity "$($Group.Name)" -Recursive | select-object name) } $rtn | ft' This did return duplicates (since some people are in multiple groups), however for me this was fine as I just copied the results into Excel and removed duplicates. Thanks very much, Chris – Chris Jun 19 '13 at 16:28
1

Glad I could help.. As a side note, adding: `$rtn | select Name -unique | ft -autosize` when returning results would have eradicated the duplicates. – AndyMeFul Jun 19 '13 at 16:37
This is a little easier with the same results: get-ADGroup -filter {Name -like "AB*"} | get-ADGroupMember | ft -AutoSize Good luck! :) – Matt Penner Aug 02 '14 at 00:10

score 4 · Answer 3 · answered Nov 24 '14 at 17:19

4

Get-ADGroupMember "Group1" -recursive | Select-Object Name | Export-Csv c:\path\Groups.csv

I got this to work for me... I would assume that you could put "Group1, Group2, etc." or try a wildcard. I did pre-load AD into PowerShell before hand:

Get-Module -ListAvailable | Import-Module

answered Nov 24 '14 at 17:19

BMOREiTGUY

49
1
4

http://blogs.msdn.com/b/rkramesh/archive/2012/01/17/how-to-add-active-directory-module-in-powershell-in-windows-7.aspx – Iman Dec 02 '14 at 06:23
The above link is titled "How to add Active Directory module in PowerShell in Windows 7" – Nickolay Mar 01 '19 at 06:27
You can *not* 'put "Group1, Group2, etc.': "Cannot find an object with identity: 'Group1, Group2'" – Nickolay Mar 01 '19 at 06:29

score 3 · Answer 4 · 2019-02-08T15:24:34.493

This will give you a list of a single group, and the members of each group.

param
(   
    [Parameter(Mandatory=$true,position=0)]
    [String]$GroupName
)

import-module activedirectory

# optional, add a wild card..
# $groups = $groups + "*"

$Groups = Get-ADGroup -filter {Name -like $GroupName} | Select-Object Name

ForEach ($Group in $Groups)
   {write-host " "
    write-host "$($group.name)"
    write-host "----------------------------"

    Get-ADGroupMember -identity $($groupname) -recursive | Select-Object samaccountname

 }
write-host "Export Complete"

If you want the friendly name, or other details, add them to the end of the select-object query.

Hi user2883951, it works like a charm, however it doesn't display the Group name before it list the username each ? — Senior Systems Engineer, Oct 21 '13 at 00:09

PowerShell script to return members of multiple security groups

4 Answers4

Linked