Get AD Group Member - Different Domains

active-directory powershell powershell-v3.0 powershell-v4.0
16,771

I found using get-adgroup -properties member to be more reliable for returning all objects.

To get objects from different domains I do the following:

get-adgroup -properties member | select -expand member | get-adobject

From this get the distinguished name of the object, this will tell you what domain to search, so in the end you should have something like:

get-aduser $user -server $foundDomainDC
Share:
16,771

Related videos on Youtube

Admin
Author by

Admin

Updated on September 18, 2022

Comments

  • Admin
    Admin over 1 year

    I've been tasked with exporting the members of a few AD groups to .csv which I've always done in the past using the Get-ADGroupMember command in powershell, specifying the group name, selecting the property I need, and using export-csv.
    I seem to run into an issue with one group though which appears to be related to the fact that the AD group has members that belong to an external domain in a different forest. Essentially I run the following command below, but the output file comes out blank.

    Get-ADGroupMember -identity "VPN Users" | select name | Export-csv -path c:\vpnuserslist.csv -NoTypeInformation

    The output is the following:

    PS C:\Windows> Get-ADGroupMember -identity "VPN Users" | select name | Export-Csv -Path c:\vpnuserstest.csv -NoTypeInformation

Get-ADGroupMember : The operation completed successfully

At line:1 char:18

+ Get-ADGroupMember <<<<  -identity "VPN Users" | select name | Export-Csv -Path c:\vpnuserstest.csv -NoTypeInformation
    + CategoryInfo          : NotSpecified: (VPN Users:ADGroup) [Get-ADGroupMember], ADException
    + FullyQualifiedErrorId : The operation completed successfully,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember

    I also noticed that when going to the group in Active Directory Users and Computers, I receive a message:

    Active Directory Domain Services

    Some of the object names cannot be shown in their user-friendly form. This can happen if the object is from an external domain and that domain is not available to translate the object's name.

    Is there any way I can get the members successfully exported, regardless of if a few names aren't formatted properly, etc...? Thanks in advance for the help!

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Howto check if a powershell command succeeded or not?
Script for getting last reboot timestamp (2008r2)
Invoke-Restmethod breaks script in PS 4.0
powershell format a value that's already a string
Get-ADUser over multiple OUs and filter results
Remote Powershell not working but test-wsman does
Error with Get-ADUser: Invalid enumeration context
Powershell: How do you set the Read/Write Service Principal Name AD Permissions?
How to copy members from one security group to another security group in AD using PowerShell v4?
Get-ADUser filter by property length