Friday, 26 March 2021

Command line to list users in a Windows Active Directory group?


The ability to administer and maintain up-to-date user lists and groups is critical to the security of an organization.

Using the GUI

There are a number of different ways to determine which groups a user belongs to. First, you can take the GUI approach:

1.     Go to “Active Directory Users and Computers”.

2.     Click on “Users” or the folder that contains the user account.

3.     Right click on the user account and click “Properties.”

4.     Click “Member of” tab.

Using the Command Line 

gpresult /V

You’ll get output that looks like this (I’ve truncated it to only include the group info):



  





Another command line to export to an output file

dsquery group -name ‘groupname’ | dsget group -members | dsget user -display >> outputfilename.txt


0 comments: