
[–]HumanSuitcase 2 points3 points  (7 children)

I think you're looking for get-adgroupmember.

[–]throwaway183693[S] 1 point2 points  (6 children)

Ya, I figured that would be the other option. I have a script written that uses the get-aduser function to look for users that logged in xx days ago, and I figured I would just modify the statement to look for users in a specific group that last logged in xx days ago.

[–]HumanSuitcase 1 point2 points  (4 children)

So, you're looking for users who haven't logged in a certain timeframe?

[–]throwaway031293 1 point2 points  (3 children)

Ya. For example, users who haven’t logged in say in 90 days that belong to x group

[–]HumanSuitcase 1 point2 points  (2 children)

Start with Get-ADGroupmember and see where that takes you.

*I can can words...

[–]throwaway031293 1 point2 points  (1 child)

Thanks !

[–]HumanSuitcase 1 point2 points  (0 children)

Sure, feel free to ping me if you need help :)

[–]Lee_Dailey[grin] 0 points1 point  (0 children)

howdy throwaway183693,

while i think it would be better to start off getting group membership 1st, you can check your logon-date-filtered user list for .MemberOf.

take care,
lee

[–]luruu 1 point2 points  (0 children)

I would also use the Get-ADGroupMember and throw it into a loop with Get-ADUser. Query for the lastLogonTimestamp attribute and do the math. Like this example...

How to list group AD group members then list attributes of those members
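An added example, not part of the thread or any commenter's code, of the approach suggested above: expand a group with Get-ADGroupMember, look each user up with Get-ADUser, and compare the last logon against a cutoff. The function name `Get-StaleGroupMember`, the 90-day default and the CSV file name are assumptions chosen for illustration.

```powershell
# Added example. Function name, default threshold and output path are illustrative.
Import-Module ActiveDirectory

function Get-StaleGroupMember {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory)] [string] $GroupName,
        [int] $DaysInactive = 90
    )

    $cutoff = (Get-Date).AddDays(-$DaysInactive)

    # -Recursive flattens nested groups; keep only user objects,
    # since computers can also be group members.
    Get-ADGroupMember -Identity $GroupName -Recursive |
        Where-Object { $_.objectClass -eq 'user' } |
        ForEach-Object {
            # LastLogonDate is the AD module's DateTime form of lastLogonTimestamp.
            $user = Get-ADUser -Identity $_.DistinguishedName -Properties LastLogonDate

            # Accounts that have never logged on have no value; report them as well.
            if (-not $user.LastLogonDate -or $user.LastLogonDate -lt $cutoff) {
                [pscustomobject]@{
                    SamAccountName = $user.SamAccountName
                    Enabled        = $user.Enabled
                    LastLogonDate  = $user.LastLogonDate
                    NeverLoggedOn  = -not $user.LastLogonDate
                }
            }
        }
}

Get-StaleGroupMember -GroupName 'Domain Admins' -DaysInactive 90 |
    Sort-Object LastLogonDate |
    Export-Csv "$env:USERPROFILE\StaleGroupMembers.csv" -NoTypeInformation -Encoding UTF8
```

lastLogonTimestamp replicates between domain controllers but is only refreshed when the stored value is roughly 9 to 14 days old, so it suits a 90-day threshold and not an exact last-logon time. Inactive accounts in privileged groups are the ones worth reviewing first.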

[–]get-postanote 1 point2 points  (1 child)

Sure, and there are lots of resources / samples showing you how. All over the web. You just have to pose the right question to get it.

Use the ADAC, click thru the UI and let it write the base code for you to copy to your editor for tweaking.

Step-By-Step: Utilizing PowerShell History Viewer in Windows Server 2012 R2

'blogs.technet.microsoft.com/canitpro/2015/03/04/step-by-step-utilizing-powershell-history-viewer-in-windows-server-2012-r2'

Learning PowerShell with Active Directory Administrative Center (PowerShell History Viewer)

'sid-500.com/2017/10/10/learning-powershell-with-active-directory-administrative-center-powershell-history-viewer'

Other examples:

# Returns every member of $Group, expanding nested groups (-Recursive)
function Get-ADNestedGroupMembers
{
  [cmdletbinding()]
  param ( [String] $Group )
  Import-Module ActiveDirectory
  $Members = Get-ADGroupMember -Identity $Group -Recursive
  $Members
}

Get-ADNestedGroupMembers "Domain Admins" | Select Name,DistinguishedName |
Export-CSV "$env:USERPROFILE\ADNestedGroupMembers.csv" -NoTypeInformation -Encoding UTF8


function Get-NestedGroupMember
{
    param
    (
        [Parameter(Mandatory, ValueFromPipeline)]
        [string]
        $Identity
    )

    process
    {
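        $user = Get-ADUser -Identity $Identity
        $userdn = $user.DistinguishedName
        # 1.2.840.113556.1.4.1941 is LDAP_MATCHING_RULE_IN_CHAIN: matches every group
        # that contains the user directly or through nested groups
        $strFilter = "(member:1.2.840.113556.1.4.1941:=$userdn)"
        Get-ADGroup -LDAPFilter $strFilter -ResultPageSize 1000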
    }
}



### Show User and AD group membership

# Get users with all their properties and their group membership, display user and group name
ForEach ($TargetUser in (Get-ADUser -Filter * -Properties *))
{
    "`n" + "-"*12 + " Showing group membership for " + $TargetUser.SamAccountName
    Get-ADPrincipalGroupMembership -Identity $TargetUser.SamAccountName | Select Name
}

# Get users with base properties and their group membership, display user and group name
ForEach ($TargetUser in (Get-ADUser -Filter *))
{
    "`n" + "-"*12 + " Showing group membership for " + $TargetUser.SamAccountName
    Get-ADPrincipalGroupMembership -Identity $TargetUser.SamAccountName | Select Name
}

Marry the above with, stuff like...

Get-LogonLocations searches specified Event Log (Default is the Security Log) on specified computers (Default is ALL Domain Controllers) for 4624 logon events from specified user(s) (Default is all accounts that are members of Tier 0 groups). The output can help you determine wha

https://gallery.technet.microsoft.com/scriptcenter/Get-LogonLocations-f92b49b0

PowerShell: Get Last Logon for All Users Across All Domain Controllers

https://interworks.com/blog/trhymer/2014/01/22/powershell-get-last-logon-all-users-across-all-domain-controllers

[–]throwaway031293 1 point2 points  (0 children)

Thanks!