So i noticed on a server that we have some scripting/coding going on that our IT dept has done something weird with AD user accounts that are part of a windows local user group… for example let’s say you have 2 domains ABC and XYZ…
so in computer manager in windows in local users and groups i have a group called testgroup1… in that group i have the following users listed via the group GUI sorry i don’t have a screenshot and i’m not listing the actual real domain names
[from windows UI properties of the group testgroup1]
ABC\user1
ABC\user1 (XYZ\user1)
ABC\user2
ABC\user2 (XYZ\user2)
ABC\user3
now ABC is a newer domain and XYZ is an older domain that might likely be decommed or something in the future by my IT dept…
my issue is i’m using pshell cmd Get-LocalGroupMember to display the output of what users are in that local user group
PS C:\WINDOWS\system32> Get-LocalGroupMember -Group “testgroup1”
ObjectClass Name PrincipalSource
User ABC\user1 ActiveDirectory
User ABC\user1 ActiveDirectory
User ABC\user2 ActiveDirectory
User ABC\user2 ActiveDirectory
User ABC\user3 ActiveDirectory
so that’s my issue via our scripting/coding i have no way to tell which was the one that was added originally as XYZ domain :(… now i can tell you that user1 was added to the groups as:
ABC\user1
XYZ\user1
and after some days pass not sure how long, IT is going behind the scenes and converting the XYZ\user1 into “ABC\user1 (XYZ\user1)” , then my issue i’m posting about becomes well an issue at that point.
so i tried adding a -verbose to the Get-LocalGroupMember that didn’t work. has anyone seen anything like this or have some other solution ? i’m coming up short handed searching on google. I need to be able to pull that extra info for XYZ domain so i know which user is which.