I have some code to get the groups of a user and write them down into an ArrayList; however, it will only find the groups that a user is directly in. It won't find groups deeper than 1 level.
For example: User is a member of Group 1, Group 1 is a member of Group 2, etc. I will only find Group 1. Group 2 won't be written down into my ArrayList.

    $Groups = Get-ADPrincipalGroupMembership -Server ESX-DC $GroupName
    $GroupArrayList = New-Object System.Collections.ArrayList
    foreach ($Group in $Groups)
    {
        $GroupArrayList.Add($Group.Name) | Out-Null
    }

Can someone provide me some help here? Thanks.
I'm not aware of a recurse parameter, so I think you have to write that on your own. However, I wrote a script for similar tasks. Maybe that helps.
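
    function Get-ADPrincipalGroupMembershipRecurse
    {
        param
        (
            [Parameter(Mandatory = $true)]
            [System.String]$Identity
        )

        # Accumulates every group found so far; shared with the nested helper
        $script:Groups = @()

        # Adds the given group, then walks up through its parent groups
        function Get-NestedAdGroups
        {
            param
            (
                [Parameter(Mandatory = $true)]
                [System.String]$Identity
            )

            $ADGroup = Get-ADGroup -Identity $Identity -Properties MemberOf, Description
            $script:Groups += $ADGroup

            foreach ($Group in $ADGroup.MemberOf)
            {
                # Skip groups already collected so circular nesting cannot loop forever
                if ($script:Groups.DistinguishedName -notcontains $Group)
                {
                    Get-NestedAdGroups -Identity $Group
                }
            }
        }

        # Start from the user's direct memberships
        foreach ($Group in (Get-ADUser -Identity $Identity -Properties MemberOf).MemberOf)
        {
            # A group can be a direct membership and also a parent of an earlier one
            if ($script:Groups.DistinguishedName -notcontains $Group)
            {
                Get-NestedAdGroups -Identity $Group
            }
        }

        # Sort by DN so the output order is stable and any remaining duplicates are removed
        return ($script:Groups | Sort-Object -Property DistinguishedName -Unique)
    }

    Get-ADPrincipalGroupMembershipRecurse -Identity $SamAccountName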
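
An alternative to client-side recursion, added here as an example and not part of the original answer: let the domain controller resolve the nesting with the LDAP_MATCHING_RULE_IN_CHAIN matching rule, which is useful when reviewing a user's effective group memberships. The function name `Get-ADEffectiveGroup` and the account `jdoe` are hypothetical; the ActiveDirectory module and a reachable domain controller are assumed.

```powershell
#Requires -Modules ActiveDirectory
function Get-ADEffectiveGroup
{
    param
    (
        [Parameter(Mandatory = $true)]
        [System.String]$Identity,
        [System.String]$Server   # optional DC, e.g. ESX-DC as in the question
    )

    $common = @{}
    if ($Server) { $common['Server'] = $Server }

    # Groups that contain $Dn directly or through any chain of nested groups.
    function Get-InChainGroup([System.String]$Dn)
    {
        # Escape LDAP filter metacharacters (RFC 4515); backslash must go first
        # so the escapes added afterwards are not escaped a second time.
        $escaped = $Dn.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')
        # 1.2.840.113556.1.4.1941 = LDAP_MATCHING_RULE_IN_CHAIN; the DC walks the
        # member chain itself, so circular nesting cannot cause endless recursion.
        Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$escaped)" @common
    }

    $user = Get-ADUser -Identity $Identity -Properties PrimaryGroupID @common

    # The primary group (usually Domain Users) is referenced by RID in
    # primaryGroupID, not through member/memberOf, so it needs its own lookup.
    $primarySid = '{0}-{1}' -f $user.SID.AccountDomainSid, $user.PrimaryGroupID
    $primary = Get-ADGroup -Identity $primarySid @common

    $all = @(Get-InChainGroup $user.DistinguishedName) +
           @($primary) +
           @(Get-InChainGroup $primary.DistinguishedName)

    $all | Sort-Object -Property DistinguishedName -Unique
}

# Same ArrayList of names the question builds; 'jdoe' is a constructed sample account.
$GroupArrayList = New-Object System.Collections.ArrayList
foreach ($Group in (Get-ADEffectiveGroup -Identity 'jdoe'))
{
    $GroupArrayList.Add($Group.Name) | Out-Null
}
```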