Skip to content

Getting group members

The following code sample outputs a list of direct group members, not including members of nested groups.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the group
$groupDN = "CN=SalesGroup,CN=Users,DC=domain,DC=com"
$group = $admService.OpenObject("Adaxes://$groupDN", $NULL, $NULL, 0)

foreach ($memberGuidInByte in $group.Get("adm-DirectMembersGuid"))
{
    $memberGuid = New-Object "System.Guid" (,$memberGuidInByte)
    $memberGuid = $MemberGuid.ToString("B")
    $memberPath = "Adaxes://<GUID=$memberGuid>"
    $member = $admService.OpenObject($memberPath, $NULL, $NULL, 0)
    Write-Host $member.Name
}
Import-Module Adaxes

$identity = "SalesGroup" # sAMAccountName
# $identity = "CN=SalesGroup,CN=Users,DC=domain,DC=com" # DN
# $identity = "{EB5FEB21-E648-42AD-B86C-89D3C6807953}" # GUID
# $identity = "S-1-5-21-573937-2149998-410785" # SID

$members = Get-AdmGroupMember -Identity $identity -Server "domain.com" `
    -AdaxesService localhost

foreach ($member in $members)
{
    Write-Host $member.Name
}

The following code sample outputs a list of all group members, including members of nested groups.

[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$admNS = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$admService = $admNS.GetServiceDirectly("localhost")

# Bind to the group
$groupDN = "CN=SalesGroup,CN=Users,DC=domain,DC=com"
$group = $admService.OpenObject("Adaxes://$groupDN", $NULL, $NULL, 0)

foreach ($memberGuidInByte in $group.Get("adm-MembersGuid"))
{
    $memberGuid = New-Object "System.Guid" (,$memberGuidInByte)
    $memberGuid = $memberGuid.ToString("B")
    $memberPath = "Adaxes://<GUID=$memberGuid>"
    $member = $admService.OpenObject($memberPath, $NULL, $NULL, 0)
    Write-Host $member.Name
}
Import-Module Adaxes

$identity = "SalesGroup" # sAMAccountName
# $identity = "CN=SalesGroup,CN=Users,DC=domain,DC=com"  # DN
# $identity = "{EB5FEB21-E648-42AD-B86C-89D3C6807953}" # GUID
# $identity = "S-1-5-21-573937-2149998-410785" # SID

$members = Get-AdmGroupMember -Identity $identity -Recursive `
     -Server "domain.com" -AdaxesService localhost

foreach ($member in $members)
{
    Write-Host $member.Name
}

See also