Show-ADGroupMembership (modification of post by view diff)
embed code: <script type="text/javascript" src="http://PoshCode.org/embed/684"></script>download | new post
This script uses the Quest AD cmdlets to retrieve AD Groups from an LDAP search root and maps their membership (shows nested groups using Doug Finke’s Show-NetMap scripts that leverage the Microsoft Research NetMap project. Improvements or suggestions welcomed!
- # Author: Steven Murawski http://www.mindofroot.com
- # This script requires the Show-NetMap script from Doug Finke and the NetMap files
- # These can be found at http://dougfinke.com/blog/?p=465
- #
- # Also required are the Quest AD Cmdlets.
- #requires -pssnapin Quest.ActiveRoles.ADManagement
- param([string]$SearchRoot= 'yourdomain.local/usersOU')
- Function New-SourceTarget ($s,$t) {
- New-Object PSObject |
- Add-Member -pass noteproperty source $s |
- Add-Member -pass noteproperty target $t
- }
- $groups = Get-QADGroup -GroupType Security -SearchRoot $SearchRoot
- [string[]]$GroupNames = $groups | foreach {$_.name}
- $sources = @()
- foreach ($group in $groups)
- {
- $name = $group.name
- foreach ($member in $group.members)
- {
- $SubGroupName = $member -replace '^CN=(.+?),OU=.*', '$1'
- if ($GroupNames -contains $SubGroupName)
- {
- $sources += New-SourceTarget $SubGroupName $name
- }
- }
- }
- . c:\scripts\powershell\Show-NetMap
- $sources | Show-NetMap
Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.