Monday, 25 November 2019

Powershell for AD Querying

Powershell commands for mucking about with AD:

Basic info on the user:
Get-ADUser username

List all groups a user is in:
Get-ADPrincipalGroupMembership username | select name


List all users in a group
Get-ADGroupMember "Groupname" | select name


List all groups in the AD
Get-ADGroup -searchbase "OU=GROUPS_OU,DC=domain,DC=com" -Property member -Filter * | select-object name, @{n='count';e={$_.member.count}} | sort-object descending


Batch file to run powershell:
@echo off & setlocal
set batchPath=%~dp0
powershell.exe -ExecutionPolicy ByPass -file "%batchPath%file.ps1"