1. PDQ Deploy & Inventory Help Center
  2. Community
  3. PowerShell

Can someone point me towards the script used by PDQ Inventory to get recursive Active Directory Groups of a computer?

Avatar
Joe Wiard
Updated

Can someone point me towards the script used by PDQ Inventory to get recursive Active Directory Groups of a computer?

EDIT: I've whipped this up myself. It seems to work. Here it is in case it can help someone else:

$tempUser = Read-Host "Gimme a username: "

$groupArray = @()
$tempGroups = @()

$groupArray += (get-aduser -identity $tempUser -properties memberof).memberof

While ((Compare-Object $groupArray $tempGroups).Length -ne 0)
{

$groupArray = $tempGroups

$tempGroups = @()

$tempGroups += (get-aduser -identity $tempUser -properties memberof).memberof

foreach ($group in $groupArray)
{
$tempGroups += (get-adobject -identity $group -properties memberof).memberof
}

}

$groupArray

0

Comments

4 comments
Date Votes
  • Avatar
    Colby Bouma

    If you're referring to one of Inventory's built-in scanners, those are written in C#, not PowerShell.

    Are you looking to pull the same information without using Inventory?

    0
  • Avatar
    Joe Wiard
    (Edited )

    I think I've come up with a script that does this. Here it is, for anyone with this same question. Hope it helps!


    $tempUser = Read-Host "Gimme a username: "

    $groupArray = @()
    $tempGroups = @()

    $groupArray += (get-aduser -identity $tempUser -properties memberof).memberof

    While ((Compare-Object $groupArray $tempGroups).Length -ne 0)
    {

    $groupArray = $tempGroups

    $tempGroups = @()

    $tempGroups += (get-aduser -identity $tempUser -properties memberof).memberof

    foreach ($group in $groupArray)
    {
    $tempGroups += (get-adobject -identity $group -properties memberof).memberof
    }

    }

    $groupArray

    0
  • Avatar
    Joe Wiard

    Colby Bouma, thanks for that info! For some reason, I thought active directory info was gathered with PowerShell. Good to know. Yes, my goal was to get the same info with PowerShell, and I think I've come up with a script that works.

    0
  • Avatar
    Wizz
    (Edited )

    Hey,

    Here is my dirty PDQ Inventory tool (Run type : Local) for this :

    #Computer AD groups
    $Computer = "$(Computer:TARGET)"
    #Message
    Write-Host "'$Computer' is member of :" -ForegroundColor Cyan

    #Get AD groups
    $ADComputerInfo = Get-ADComputer $Computer -Properties *
    If([string]::IsNullOrEmpty($ADComputerInfo.MemberOf) -eq $True) {
    Write-Host "No group !"
    }
    Else {
    #Human output, group's name only
    $Inputstring = $ADComputerInfo.MemberOf
    $split = $Inputstring.split("`n")
    $result = Foreach ($line in $split) {
    $input = $line.split(",")[0]
    $output = $input -replace 'CN='
    $output
    }
    $result
    }
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post