Recursively query all members within nested dynamic distribution groups of a regular distribution group

Jorgenson, Brian E 1 Reputation point
2023-06-15T19:28:25.8933333+00:00

I have a regular dist group called "group A". Group A contains nested dynamic dist groups and regular dist groups. These nested groups may also contain other nested dynamic or regular dist groups. The nesting of groups will only go 3 levels deep but could contain 4 levels or possibly more.

I need a PowerShell script that will query all the usermailbox members of ALL of these nested groups all the way down the tree and add their corresponding alias or distinguishedName to a single variable.


1 answer

  1. Limitless Technology 44,021 Reputation points
    2023-06-16T08:49:58.54+00:00
    Hello Brian,
    
    Thank you for your question and for reaching out with your question today.
    
    You can use the following PowerShell script to recursively query all user mailbox members of the nested groups within "Group A" and collect their aliases or distinguished names into a single variable:
    
    ```powershell
    # Requires the Active Directory module
    Import-Module ActiveDirectory

    # Function to recursively get members of a group
    function Get-NestedGroupMembers {
        param (
            [Parameter(Mandatory = $true)]
            [string]$GroupName
        )

        $group = Get-ADGroup $GroupName

        if ($group) {
            # Query the direct members once and reuse the result
            $directMembers = Get-ADGroupMember $group

            $members = $directMembers | Where-Object { $_.objectClass -eq 'user' } | Select-Object -ExpandProperty SamAccountName

            foreach ($member in $members) {
                # Write to the script-scope array; a plain += here would only
                # change a function-local copy and the result would stay empty
                $script:memberAliases += $member
            }

            $nestedGroups = $directMembers | Where-Object { $_.objectClass -eq 'group' }

            foreach ($nestedGroup in $nestedGroups) {
                # Pass the distinguished name, which Get-ADGroup always resolves
                Get-NestedGroupMembers -GroupName $nestedGroup.DistinguishedName
            }
        }
    }

    # Specify the name of the top-level group
    $topLevelGroup = "Group A"

    # Initialize the variable to hold member aliases
    $memberAliases = @()

    # Call the function to get members of nested groups
    Get-NestedGroupMembers -GroupName $topLevelGroup

    # Output the member aliases
    $memberAliases
    ```

    Make sure to replace "Group A" with the actual name of your top-level group. The script uses the Get-ADGroup and Get-ADGroupMember cmdlets from the Active Directory module to retrieve the members of each group, filtering only for user objects. The script recursively traverses the nested groups and collects the aliases of the user mailbox members into the $memberAliases variable.

    After running the script, the $memberAliases variable will contain the aliases of all user mailbox members within the nested groups. You can modify the script to collect the distinguished names instead by replacing SamAccountName with DistinguishedName in the Select-Object cmdlet.

    Note: Ensure that you have the Active Directory module installed and imported (Import-Module ActiveDirectory) before running the script.

    I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

    If the reply was helpful, please don’t forget to upvote or accept as answer.

    Best regards.
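
Added example, not part of the answer above and not Microsoft's code: a dynamic distribution group stores no member list (membership is computed from its recipient filter), so this sketch expands dynamic groups with the Exchange cmdlets and regular groups with `Get-DistributionGroupMember`. It assumes an Exchange Management Shell or Exchange Online PowerShell session; the function name `Get-NestedMailboxMember` and the variables `$allMailboxes` and `$memberDNs` are hypothetical.

```powershell
# Added example. Assumes an Exchange session where Get-Recipient,
# Get-DynamicDistributionGroup and Get-DistributionGroupMember are available.
function Get-NestedMailboxMember {
    param (
        [Parameter(Mandatory = $true)]
        [string]$Identity,
        # Distinguished names of groups already expanded (circular-nesting guard)
        [System.Collections.Generic.HashSet[string]]$Visited
    )

    if ($null -eq $Visited) {
        $Visited = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
    }

    $recipient = Get-Recipient -Identity $Identity -ErrorAction Stop

    # HashSet.Add returns $false if the group was seen before: stop here
    if (-not $Visited.Add($recipient.DistinguishedName)) { return }

    if ($recipient.RecipientTypeDetails -eq 'DynamicDistributionGroup') {
        # Evaluate the group's stored filter to preview its current members
        $ddg = Get-DynamicDistributionGroup -Identity $recipient.DistinguishedName
        $members = Get-Recipient -RecipientPreviewFilter $ddg.RecipientFilter -OrganizationalUnit $ddg.RecipientContainer -ResultSize Unlimited
    }
    else {
        $members = Get-DistributionGroupMember -Identity $recipient.DistinguishedName -ResultSize Unlimited
    }

    foreach ($m in $members) {
        switch -Wildcard ($m.RecipientTypeDetails) {
            # Emit user mailboxes to the pipeline
            'UserMailbox' { $m }
            # Matches DynamicDistributionGroup and the Mail*Group types
            '*Group'      { Get-NestedMailboxMember -Identity $m.DistinguishedName -Visited $Visited }
        }
    }
}

# A mailbox reachable through several groups is reported once
$allMailboxes = Get-NestedMailboxMember -Identity 'Group A' | Sort-Object DistinguishedName -Unique
$memberDNs = $allMailboxes.DistinguishedName
```

Use `$allMailboxes.Alias` instead of `.DistinguishedName` to collect aliases.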