Help with PowerShell Cmdlet for Security group identification across enterprise.

Michael Creamer 1 Reputation point
2021-12-09T15:21:41.09+00:00

So I am a noob to this AD world and I am trying to get assistance with a problem. My team has been assigned a security group in AD some years ago. Our team is now splitting and we need to create a new security group so the team has the right access and then parse out all servers that the other team no longer needs access to. We have been given access via the security group to many servers across the enterprise and unfortunately, there was no record kept of the servers. I have been told the only way to find this information out would be to log in to every server in the enterprise and see if the id is present.

Can someone tell me if there is a way to put in a PowerShell command similar to what I listed below that can be used on an enterprise DC/Forest DC to pull back the listed items below?

Group id: (Security Group)
Server Location: (example) Servername/path
Domain Name:

The script I found when researching was
Get-ADGroupMember -Identity "enterprise admins" -Server "ad.2012.com" | Select-Object Name, distinguishedName

I truly appreciate any feedback to help.

Windows Server PowerShell

1 answer

  1. Rich Matheisen 44,006 Reputation points
    2021-12-09T20:52:33.937+00:00

    This is a little old but it should still work.

    https://gist.github.com/Juanito99/44bcc30cd96128b0bcf3fc31c6436474
    

    Put that script into a file and use Invoke-Command to run it on each of the servers. You can get the list of servers right from the AD. The only thing you'd need to add to what the script produces is the name of the server to the hash beginning on line 72.

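The approach described in the answer above (take the server list from AD, run a local-group check on each server with Invoke-Command, and tag each result with the server name), as an added example that is not from the linked gist or from either poster. The group name and output paths are placeholders, and it assumes the ActiveDirectory module on the admin host, WinRM enabled on the targets, and Windows PowerShell 5.1 or later there for the LocalAccounts cmdlets.

```powershell
# Added example, not the gist's code. Assumptions: RSAT ActiveDirectory module
# locally, WinRM on every target, Windows PowerShell 5.1+ on every target.
Import-Module ActiveDirectory

$GroupName = 'CONTOSO\TeamA-Servers'   # placeholder: DOMAIN\group to search for

# Enabled computer accounts running a server OS, taken straight from AD.
$servers = Get-ADComputer -Filter 'Enabled -eq $true -and OperatingSystem -like "*Server*"' |
    Where-Object DNSHostName |
    Select-Object -ExpandProperty DNSHostName

# Runs on each server: report every local group that directly contains the group.
$check = {
    param($Wanted)
    foreach ($local in Get-LocalGroup) {
        try {
            $members = Get-LocalGroupMember -Group $local -ErrorAction Stop
        } catch {
            # Enumeration failed for this local group; record it instead of hiding it.
            [pscustomobject]@{ LocalGroup = $local.Name; Member = $null
                               Status = "Error: $($_.Exception.Message)" }
            continue
        }
        foreach ($m in $members | Where-Object { $_.Name -eq $Wanted }) {
            [pscustomobject]@{ LocalGroup = $local.Name; Member = $m.Name; Status = 'Found' }
        }
    }
}

$results = Invoke-Command -ComputerName $servers -ScriptBlock $check `
    -ArgumentList $GroupName -ThrottleLimit 32 `
    -ErrorAction SilentlyContinue -ErrorVariable unreachable

# Invoke-Command adds PSComputerName, so each row already names its server.
$results | Select-Object PSComputerName, LocalGroup, Member, Status |
    Export-Csv -Path .\group-access.csv -NoTypeInformation

# Servers that could not be queried are listed separately for a manual check.
$unreachable | ForEach-Object { $_.TargetObject } | Sort-Object -Unique |
    Set-Content -Path .\unreachable.txt
```

This reports direct membership in local groups only; access granted through nested groups, NTFS or share ACLs, or user-rights assignments will not appear in the CSV.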