none
Equivalent to Get-ADGroupMember but using [adsisearcher] RRS feed

  • General discussion

  • Hello there,

    Does anyone know how can i get the equivalent to this

    Get-ADGroupMember -identity "$group" -Recursive |Where-Object ObjectClass -EQ user| select SamAccountname -ExpandProperty SamAccountname

    But using [adsisearcher] ? 
    • Changed type Bill_Stewart Tuesday, September 29, 2015 3:43 PM
    • Moved by Bill_Stewart Tuesday, September 29, 2015 3:43 PM Poor quality question/shows no research effort
    Thursday, August 27, 2015 4:24 PM

All replies

  • Look in the repository for many scripts that will do that.


    \_(ツ)_/

    Thursday, August 27, 2015 4:35 PM
  • But using [adsisearcher] ? 
    Why?

    -- Bill Stewart [Bill_Stewart]

    Thursday, August 27, 2015 6:05 PM
  • Because firewall is blocking Webservice port and for security user they dont want to disable it :| ...

    Thursday, August 27, 2015 9:46 PM
  • What does a firewall have to do with AD cmdlets? [ADSISearcher] still has to run a query against Active Directory, just like the AD cmdlets.


    -- Bill Stewart [Bill_Stewart]

    Thursday, August 27, 2015 10:00 PM
  • But it runs it on another port ( the requests are made to another port ). and that port is the port that is used by any AD client so i have sure it wont be blocked :)
    • Edited by Arestas Friday, August 28, 2015 8:24 AM
    Friday, August 28, 2015 8:22 AM
  • Ad CmdLets run on port 389 too.  That is the standard for AD.  CmdLets use ADSI classes.

    If you are in a WS2003 domain then you will be using the RSAT tools. If in a 2008R2 or later domin just install the Admin support tools for the version of AD you are using.

    If you want adsi then look in the repository for many examples and complete scripts.

    Here is a starter:

    $group=([adsisearcher]'samaccountname=testgrp2').FindOne().GetDirectoryEntry()
    $group.member


    \_(ツ)_/

    Friday, August 28, 2015 8:36 AM
  • But it runs it on another port ( the requests are made to another port ). and that port is the port that is used by any AD client so i have sure it wont be blocked :)

    I'm not sure where you are getting your information, but that's not correct. No matter whether you use .NET classes directly or the AD cmdlets, both will need to connect to an AD domain controller to perform queries.


    -- Bill Stewart [Bill_Stewart]

    Friday, August 28, 2015 2:21 PM