Using PowerShell is an option for AD administration — provided you are really good at scripting and have the time to spend on it. In particular, you can use the Get-ADGroupMember cmdlet to get a list of the members of an Active Directory group. However, the results are provided in a format that’s very hard to read and not really suitable for analysis. Moreover, what if you need see the members of each of multiple security groups or members of nested groups? You can use the –recursive parameter for nested groups, but it’s still a tedious process. Plus, regular review of the membership of all privileged Active Directory groups is a basic security practice — do you really have time to run a PowerShell script for each group you need to review on a regular basis and pore through the cryptic output?

Netwrix Auditor for Active Directory enables you to get a list of AD group members in just a few clicks. You can get information about every group in your domain, or filter the results to detail just the particular group you are interested in. The information is provided in a human-readable format that can be easily understood by any business user in your company, so you can share the report with department managers and get them involved in privilege attestation.

Moreover, Netwrix Auditor for Active Directory also reports on changes, logon events, and the configuration of your Active Directory system, such as effective group membership, inactive user and computer accounts, effective permissions to Active Directory objects, and more. It can also alert you about potential threats to speed detection and response. It even provides an interactive search to streamline investigations, and predefined and custom reports with filtering, exporting and subscription options. This broad functionality streamlines a wide range of tasks, from change and access monitoring to privilege attestation to detection of anomalous activity.

Even better, Netwrix Auditor for Active Directory is a part of the Netwrix Auditor platform, which provides visibility into 12 additional on-premises and cloud-based systems, including Microsoft Exchange, SharePoint, Office 365, Azure AD, SQL Server and network devices.

How-to Guides