Sometimes, you need a list of all groups whose name contain a specific string, whether that is in the beginning, middle, or end of the group name. As we’ve seen previously, looking up groups in PowerShell is done with the Get-ADGroup command. Adding the -filter parameter allows us to find groups that satisfy our needs. Using asterisks as wildcards, we can specify whether the string should be at the start, middle, or end:
Last week, I showed you how I find all the nested members of a specified group. When we get requests for such audits, however, they usually specify doing so for a number of groups. Now, we could of course do it, one group at a time, adding information to our output as we go, however the script as written overwrites the file. What, then, if we want to run this on a number of groups, and avoid overwriting the file? That requires the -Append parameter:
Some time ago, I was asked to provide a list of everyone with access to a specific system. After communicating with the client, it transpired that they were particularly interested in knowing who were the members of a set of Active Directory groups. While this can be done manually, I wanted to try my hand at building a PowerShell-script that returned the information the client was asking for, and which I could reuse at some later point, as such requests pop up with some regularity.