PS script to get multi domain users from an AD group

Hi All,

I am trying to get users who are part of an AD group which is in domain ‘A’. But the users who are part of this AD group are from multiple domains ‘A’, ‘B’, ‘C’. I tried using Get-ADgroupmember command but it has a limitation in showing number of records. There are more than 6000 users in this AD group. Could you please help on this?

Thanks!

That’s quite vague. What does it show and what does it not show? Have you read the help for the cmdlet completely?

• This cmdlet does not work when a group has members located in a different forest, and the forest does not have Active Directory Web Service running.

Get-ADGroupMember shows only 5000 records. I have more than 6000 users

I used “Get-ADGroupMember shows only 5000 records.” to search for and this two hits were the first ones.

https://social.technet.microsoft.com/Forums/windows/en-US/780b02ec-833d-4ea1-8e51-400d73ae4efc/trying-to-list-members-of-groups-with-more-than-5000?forum=winserverpowershell

Yes I tried this as well. But the users are from multiple domains. This gives me users from only 1 domain.

(Get-ADGroup -Identity $Group -Properties Members).Members | Get-ADUser | Select-Object name,samAccountName | Export-Csv u:\groupmembers.csv

Hi,
I see 3 options:

1. Search Global Catalog get-adgroup or get-aduser have parameter -server, use it with port :3268
2. Do this in loop e.g foreach and search different domains, export-csv with -append
3. if you have access to Exchange shell you can use set-adserversettings -viewentireforest $true and do this from Exchange shell