Adam's AD Admin

Manage Shadow Group Membership - PowerShell Function I looked at a quick script to update a shadow group here , and then thought, this would make a good function. I have used my function template (refer to that post if you want to know more about how to format a function), to build up a reusable script to update group membership based on user and computer object location in AD. A traditional shadow group is all members of an OU. In my mind, there are a few assumptions to this statement. Being that you have taken the time to create an OU, put objects in it, and created a group to mirror those objects, you probably have only 1 type of object (i.e. user) and they are all similar in some respect (i.e. same office location). This function takes that in mind and only updates groups with users or computers - not other groups etc. Moving away from the traditional meaning of shadow group, I have added (for my own benefit as I required the functionality) a parameter to change the searchsco...

Get-ADGroup A simple cmdlet for powershell 2 AD management pack to get group information in one line. Example usage get-adgroup -identity "domain admins" get-adgroup -filter 'GroupScope -eq "Universal"' Define the parameters Identity takes a range of identifiers for the object. These include "Distinguished Name", "GUID", "SID", and "samaccountname". As all the cmdlets have been designed for interoperability, I find it best to use output from other commands like get-aduser. Full help file here . In a script This script gets detailed information about all the groups that user1 is a direct member of. get-aduser user1 -Properties memberof | select -expandproperty memberof | foreach {get-adgroup $_} Powershell without the Management pack To emulate the second example above, get all universal groups, I have chosen my GC search script  to return the information.  Note, all group type values have been list...