I am trying to get a list of security groups in AD but I am not having much luck. When I check Active Directory Users and Computers MMC, I see:
blah.blah.com (top)
Group 1
Group1_1
Group1_2
Group1_2_1
Group2
and so on. What I need is all security groups in Group1_2_1 I tried using DirectoryEntry and DirectorySearcher using "(&(objectClass=group))" as search filter but I get things I can't even find in Active Directory Users and Computers MMC.
This is what I have in C# code:
// Binding path.
string strPath = "LDAP://<domain_name>.ABC.DEF.COM";
// Binding object.
DirectoryEntry objADAM = default(DirectoryEntry);
// Group Results.
DirectoryEntry objGroupEntry = default(DirectoryEntry);
// Search object.
DirectorySearcher objSearchADAM = default(DirectorySearcher);
// Results collection.
SearchResultCollection objSearchResults = default(SearchResultCollection);
// Construct the binding string.
List<string> result = new List<string>();
// Get the AD LDS object.
try
{
objADAM = new DirectoryEntry(strPath);
objADAM.RefreshCache();
}
catch (Exception e)
{
throw e;
}
// Get search object, specify filter and scope,
// perform search.
try
{
objSearchADAM = new DirectorySearcher(objADAM);
objSearchADAM.Filter = "Group1_2_1 (groupType:1.2.840.113556.1.4.803:=2147483648)";
//objSearchADAM.Filter = "(&(objectCategory=group)(OU=Group1_2)(OU=Group1_2_1))";
objSearchADAM.SearchScope = SearchScope.Subtree;
objSearchResults = objSearchADAM.FindAll();
}
Thanks.
Try: Setting your base to: Group1_2_1 (groupType:1.2.840.113556.1.4.803:=2147483648)
for some more examples. -jim
If this is for a single user security groups only then below is the one liner PowerShell script
Get-ADPrincipalGroupMembership -Identity >samaccount< | Where-Object {$_.distinguishedname -notcontains "config"}| Where-Object {$_.GroupCategory -notmatch "distribution"} | select name
This will first get the complete membership of a user -> then remove the membership for the 'config' groups -> then filter out distribution groups -> lastly it will give you only the names of the security groups.
Regards, Avisekh
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.