PowerShell: Recursively Show User Membership in an Active Directory Group

A little bit of PowerShell for you today. This function uses the Microsoft Active Directory cmdlets to query Active Directory and recursively list the users that are members. This is handy if you want to know all the users in a group without having to dig down through the groups in the ADUC (Active Directory Users and Computers) interface.

I have tested this on Windows 7, Server 2008, Server 2008 R2, and Server 2012. So long as the Active Directory module is installed (part of the RSAT package) then it should work.

First, let’s import the ActiveDirectory module:

Now we add the function to the environment:

And test it out:

Note that the function expects the Distinguished Name of the group…I think the above is the easiest way to pass that information, but I’m no expert 🙂

Also, this function does not deduplicate names…if a user is in multiple groups that are sub-members of the group, then their name will appear multiple times.

Leave a Reply