0 votes

We are attempting to use the member property in a powershell script for all groups. We get this error message on certain groups that are used as "primary". If we set another group as primary for a member of the group, the member property will then "show up"

As you can see, this group we are working with as 442 members. image.png

But the 'member' property just shows the single member in the group in which the group is not the primary.

image.png

by (3.3k points)

1 Answer

0 votes
by (174k points)
selected by
Best answer

Hello Mark,

Primary group membership is neither reflected in the Member Of (in the member properties) nor in the Member (in group properties) attributes. Instead, members get the Primary Group ID property populated with the group identifier that is stored in the Primary Group Token attribute of the group. This behavior is by design in Active Directory and is not related to Adaxes.

According to your screenshots, there is only one member of the Domain Contractors group for which the group is not set as primary. For the rest 441 accounts the group is set as primary and thus they are not present in the Member property, but are displayed on the Members tab as they are members of the group according to the Primary Group ID value in their accounts.

For an example on how to get the Primary Group ID of an account and then use it, have a look at the following script from our repository: https://www.adaxes.com/script-repository/remove-all-group-memberships-for-a-user-account-s33.htm. Should you still have issues updating your script to work as desired, please, provide us with all the possible details on the required script and we will help you.

Related questions

0 votes
0 answers

Hi, Not worked with Adaxes before and just as I joined company we've had domain migration in place. After migration, whenever we want to access Exchange properties of a user ... works fine across domain..? Any ideas, however basic they may be?? regards Robert

asked Oct 16, 2019 by roberttryba (450 points)
0 votes
1 answer

There is a script to indicated if a user is a member of any listed groups. Is it possible to have a version of the script that checks a group or member of any nested group? Current script page: https://www.adaxes.com/script-repositor ... s-s294.htm

asked Apr 30, 2018 by adaxes_user (2.1k points)
0 votes
1 answer

Hello, I have a web service that checks if a user is a member of a group. I am not concerned if they are a direct member or an indirect member of a group, but if the user is in the ... I pass it User A and Group 1. I am using ADSI, c# (.Net 4.0), and WCF.

asked Feb 23, 2014 by mbcalvin (1.1k points)
0 votes
1 answer

Hello We are using the Computer Manager security role and have given access to this group of staff to a web console, what I can't get working is getting it to display the ... else like OS, service pack, role are displaying OK. Can you help please? Thank you.

asked Feb 4, 2015 by CBurn (3.3k points)
0 votes
1 answer

I'd like to be able to either send an email report or export a CSV of all of the business rules carried out when a user is disabled. This would be ... Management Activity section but this includes things that weren't part of the disable operation. Thanks

asked Feb 19 by bavery (250 points)
2,135 questions
1,900 answers
5,319 comments
3,530 users