joeware - never stop exploring... :)

Information about joeware mixed with wild and crazy opinions...

Using PowerShell Get-ADGroup Question…

by @ 10:59 pm on 7/31/2013. Filed under tech

So I am trying to duplicate the output of a very simple AdFind command to locate a universal group and enumerate the members in a simple quoted DN format. I want identical output to the console or perhaps I could live without the quotes.

The AdFind command looks like:

adfind -gcb -f "displayname=some group displayname" member –qlist

 

I spent more time than I should trying to figure out how to duplicate it. Nothing intuitive seemed to work.

Apparently Get-ADGroup requires you to specify the actual GC name and port in order to perform a GC search… Several other ADWS cmdlets seem to require the same. WTF?? Seriously? Anyone remember serverless bind on the team that wrote those cmdlets? How hard is it to add a simple -gc switch or if you absolutely must -GlobalCatalog or even -PleaseUseAD***GlobalCatalog?

The best I have gotten to to this point is:

$gc=(Get-ADDomainController -discover -service globalcatalog).hostname[0] + ":3268" ; $dn=(Get-ADGroup -server $gc -searchbase "" -f ‘displayname -eq "some group displayname"’).distinguishedname ; (Get-ADGroupMember $dn).distinguishedname

Even for PowerShell that seems a bit verbose. What am I doing wrong?

    joe

Rating 4.00 out of 5

One Response to “Using PowerShell Get-ADGroup Question…”

  1. Miguel says:

    Hi Joe,

    Absolutely share the same pain with you. Several times I have spent way more time to get some output from a powershell cmdlet to give up and run a simple old school command, or vbscript to accomplish the same task in a fraction of the time.

    I would stick with adfind. 🙂

[joeware – never stop exploring… :) is proudly powered by WordPress.]