How to List AD Group Members using PowerShell or Netwrix Auditor

Native Auditing vs. Netwrix Auditor for Active Directory

Native Auditing Netwrix Auditor for Active Directory

Native Auditing

Netwrix Auditor for Active Directory

Steps

To list members of an AD group, follow these easy steps:

Open the Powershell ISE on your domain controller → Run the following Powershell script, specifying the CSV path where you want to export the results:

$nameofgroup= 'Domain Admins'
$groupsusers=Get-ADGroup -Identity $nameofgroup |
ForEach-Object{
$settings=@{Group=$_.DistinguishedName;Member=$null}
$_ | Get-ADGroupMember |
ForEach-Object{
$settings.Member=$_.DistinguishedName
New-Object PsObject -Property $settings
}
}
$groupsusers | Export-Csv C:\scripts\GroupsUsers.csv –NoTypeInformation

Open the resulting CSV file, which will contain a list of all the members of the specified Active Directory group.

Run Netwrix Auditor → Navigate to “Reports” → Expand the “Active Directory” section → Go to “Active Directory – State-in-Time” → Select “Group Members” → Click “View”.

You can easily restrict the report to the members of a specific group. For instance, to see just the members of the Domain Admins group, enter “\com\enterprise\Users\Domain Admins” in the “Group Path” filter → Click “View Report”.
To export the report to a CSV file click the "Export" button → Choose CSV format from the dropdown menu → Click "Save".

Stop Using PowerShell Scripting Every Time You Need to List Members of an AD Group

Using PowerShell is an option for AD administration — provided you are really good at scripting and have the time to spend on it. In particular, you can use the Get-ADGroupMember cmdlet to get a list of the members of an Active Directory group. However, the results are provided in a format that’s very hard to read and not really suitable for analysis. Moreover, what if you need see the members of each of multiple security groups or members of nested groups? You can use the –recursive parameter for nested groups, but it’s still a tedious process. Plus, regular review of the membership of all privileged Active Directory groups is a basic security practice — do you really have time to run a PowerShell script for each group you need to review on a regular basis and pore through the cryptic output?

Netwrix Auditor for Active Directory enables you to get a list of AD group members in just a few clicks. You can get information about every group in your domain, or filter the results to detail just the particular group you are interested in. The information is provided in a human-readable format that can be easily understood by any business user in your company, so you can share the report with department managers and get them involved in privilege attestation.

Moreover, Netwrix Auditor for Active Directory also reports on changes, logon events, and the configuration of your Active Directory system, such as effective group membership, inactive user and computer accounts, effective permissions to Active Directory objects, and more. It can also alert you about potential threats to speed detection and response. It even provides an interactive search to streamline investigations, and predefined and custom reports with filtering, exporting and subscription options. This broad functionality streamlines a wide range of tasks, from change and access monitoring to privilege attestation to detection of anomalous activity.

Even better, Netwrix Auditor for Active Directory is a part of the Netwrix Auditor platform, which provides visibility into 12 additional on-premises and cloud-based systems, including Microsoft Exchange, SharePoint, Office 365, Microsoft Entra ID, SQL Server and network devices.

Previous How-to

How to Find Empty Folders with or without PowerShell

Next How-to

How to Get a SharePoint Permissions Report with or without PowerShell