I am trying to get the count of the total members of AD Groups in particular OU. These groups contain some nested groups as well. I am not able to get the exact count, in some groups, I am getting a blank, when I checked them individually, I found there are some members present. Also, there are some nested groups as well inside those groups, my code is not able to display them as well. I am pasting the code below, kindly suggest some modification (Don’t want to change the whole code :)):
edit. This becomes perpetual motion machine when Group1 was member of Group5. So not working as it should.
edit2. Thanks to Aapeli Hietikko for pointing the $global:collection. Manager to resolve the perpetual motion machine and it skips if the child group is already found as parent.
edit. This becomes perpetual motion machine when Group1 was member of Group5. So not working as it should.
edit2. Thanks to Aapeli Hietikko for pointing the $global:collection. Manager to resolve the perpetual motion machine and it skips if the child group is already found as parent.
edit3. Seems like I have modified this too many times, sorry admins!
There are lots of examples, some fully built that handle this exact use case. Here are a few from my OneNote library have had for a few years on this topic.
Token Bloat Troubleshooting by Analyzing Group Nesting in AD
This tool started when I was finding ways to analyze the complexity of group memberships in AD. Other than the usual average/median/min/max of number of members, number of memberships etc, I was also interested in finding out the maximum nesting levels of groups and the recursive group membership count. For e.g. in the diagram below, the maximum nesting level of ‘group a’ is 3 and its recursive group membership count is 6.
Get nested group membership - function
This function will recursively enumerate members of a given group along with nesting level and parent group information. If there is a circular membership, it will be displayed in Comment column.It accepts input from pipeline and works well with get-adgroup.
Get AD Nested Group Members with Powershell
This article helps you to query nested AD group members using powershell. We can get group members by using the Active Directory powershell cmlet Get-ADGroupMember. The Get-ADGroupMember cmdlet provides the option to get all the nested group members by passing the parameter -Recursive. This powershell script also handles circular membership (infinite loop) problem.
‘Get AD Nested Group Members with Powershell - MorganTechSpace’
How to find and report nested groups in Active Directory using PowerShell