For some reason, ADSI is returning different membership results than Get-ADGroupMembership for “Domain Admins.” Any idea why? It is a standard (enabled) admin account that is in the Get-ADGroupMembership results, but not in ADSI results.
([adsi]'LDAP://CN=Domain Admins,OU=Admin and Service Accounts,DC=domain,DC=com' | select -ExpandProperty member).count 6 (get-adgroupmember 'domain admins' | select distinguishedname).count 7
I just want to make sure I am getting accurate results when expanding group members. Thanks!!!