Get-NetGroup

#Groups
Get-NetGroup #Get groups
Get-NetGroup -Domain mydomain.local #Get groups of an specific domain
Get-NetGroup 'Domain Admins' #Get all data of a group
Get-NetGroup -AdminCount #Search admin grups
Get-NetGroup -UserName "myusername" #Get groups of a user
Get-NetGroupMember -Identity "Administrators" -Recurse #Get users inside "Administrators" group. If there are groups inside of this grup, the -Recurse option will print the users inside the others groups also
Get-NetGroupMember -Identity "Enterprise Admins" -Domain mydomain.local #Remember that "Enterprise Admins" group only exists in the rootdomain of the forest
Get-NetLocalGroup -ComputerName dc.mydomain.local -ListGroups #Get Local groups of a machine (you need admin rights in no DC hosts)
Get-NetLocalGroupMember -computername dcorp-dc.dollarcorp.moneycorp.local #Get users of localgroups in computer
Get-DomainObjectAcl -SearchBase 'CN=AdminSDHolder,CN=System,DC=testlab,DC=local' -ResolveGUIDs #Check AdminSDHolder users
Get-NetGPOGroup #Get restricted groups

Tricks


#Get all the groups in the current domain
Get-NetGroup
Get-NetGroup –Domain <targetdomain>
Get-NetGroup –FullData


#Get all groups containing the word "admin" in group name
Get-NetGroup *admin*


#Get all the members of the Domain Admins group
Get-NetGroupMember -GroupName "Domain Admins" -Recurse
Get-NetGroupMember -GroupName "Domain Admins"
Get-NetGroupMember -GroupName "Enterprise Admins" -Domain newyork.local
Get-NetGroupMember -GroupName "Enterprise Admins" -Domain north.newyork.local
Get-NetGroupMember -GroupName "Enterprise Admins" -Domain maryland.local

#Get the group membership for a user:
Get-NetGroup –UserName "student1"


#List all the local groups on a machine (needs administrator privs on nondc machines
Get-NetLocalGroup -ComputerName nyc.newyork.local -ListGroups


#Get members of all the local groups on a machine (needs administrator
privs on non-dc machines)
Get-NetLocalGroup -ComputerName nyc.newyork.local -Recurse


#Get actively logged users on a computer (needs local admin rights on
the target)
Get-NetLoggedon –ComputerName <servername>



#Get locally logged users on a computer (needs remote registry on the
target - started by-default on server OS)
Get-LoggedonLocal -ComputerName nyc.newyork.local



#Get the last logged user on a computer (needs administrative rights and
remote registry on the target)
Get-LastLoggedOn –ComputerName <servername>
PreviousGet-NetUserNextGet-NetComputer

Last updated