Identifying users who exist in 2 groups

by blamb at 2012-11-05 14:11:24


I have need to produce a list of users from one list that exist in a second list (or more accurately, those who exist in both lists). Here is a bit of code that I came up with (which works):

# Large group that contains many users from many OUs
$grp1 = “Big_User_Group”

# Smaller group containing users from only a few OUs - it is a group of groups
$grp2 = “Focused_User_Group”

$a = Get-QADGroupMember $grp2 -SizeLimit 0 -Indirect
foreach($User in $a) {
if (Get-QADMemberOf $User -Name $grp1) {
“{0,-30}{1}” -f $User.Name,$User.ParentContainerDN

It is pretty basic in approach, fairly non-elegant and quite slow (or should I say ponderous). Additionally, if I wanted to expand this to include additional groups (say I wanted to locate someone in 4 groups), I think it would get even slower.

Did I miss the boat on this. I tried looking through the forum, but wasn’t sure exactly what to look under. Any input would be appreciated.

by Klaas at 2012-11-06 01:15:04
Get-QADUser -MemberOf ‘Big_User_Group’,'Focused_User_Group’

It seems too easy to be true, but it works for me.
by blamb at 2012-11-06 10:22:04

Very nice and oh so elegant. Here is a slight mod I had to do due to one group being a collection of groups:

Get-QADUser -IndirectMemberOf $grp1, $grp2
but it work well - still a bit ponderous, but not as much as the original code.