PowerShell-Active-Directory-Tools/Get-ADGroupInfo.ps1 at main · SecTraversl/PowerShell-Active-Directory-Tools · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<#
.SYNOPSIS
  The "Get-ADGroupInfo" function is a succinct way to retrieve an AD Group object that has a name partially matching the argument given to the "-Name" parameter.

.DESCRIPTION
.EXAMPLE
  PS C:\> ADGroupInfo 'infosec'

  DistinguishedName : CN=VMware-InfoSec,OU=Security,OU=Groups,DC=subd,DC=MyDomain,DC=com
  GroupCategory     : Security
  GroupScope        : Universal
  Name              : VMware-InfoSec
  ObjectClass       : group
  ObjectGUID        : 7765a27c-11a2-4dae-9485-d317a89a719d
  SamAccountName    : VMware-InfoSec
  SID               : S-1-5-33-354894638-010466885-0111034255-55691

  DistinguishedName : CN=MECH-InfoSec-Employees,OU=Distribution,OU=Groups,DC=subd,DC=MyDomain,DC=com
  GroupCategory     : Distribution
  GroupScope        : Universal
  Mail              : MECH-InfoSec-Employees@MyDomain.com
  Name              : MECH-InfoSec-Employees
  ObjectClass       : group
  ObjectGUID        : fc5f69e6-9458-4acb-9dc9-37e1169923e3
  SamAccountName    : MECH-InfoSec-Employees
  SID               : S-1-5-21-119147777-238295682-2050013282-34189


  Here we run the "Get-ADGroupInfo" function by calling its built-in alias of 'ADGroupInfo'.  We reference the substring of 'infosec' to be used in our default wildcard search for an AD Group object that has the given substring in its "Name" property value.  In return we get two AD Group objects, one of which is a 'Security' GroupCategory, and the other which is a 'Dsitribution' GroupCategory.

.NOTES
  Name:  Get-ADGroupInfo.ps1
  Author:  Travis Logue
  Version History:  1.2 | 2022-01-12 | Updated documentation
  Dependencies:  ActiveDirectory module
  Notes:


  .
#>
function Get-ADGroupInfo {
  [CmdletBinding()]
  [Alias('ADGroupInfo')]
  param (
    [Parameter(Mandatory = $true, HelpMessage = 'Reference a partial or full group name to retrieve from Active Directory.')]
    [string[]]
    $Name,
    [Parameter()]
    [string[]]
    $Property,
    [Parameter(HelpMessage = 'Use this switch parameter to ensure the "name" string used in the filter is an exact match for the argument given to the "-Name" parameter')]
    [switch]
    $ExactMatch
  )

  begin {}

  process {

    if ($Property) {
      $Properties = @('Mail') + @($Property)
    }
    else {
      $Properties = @('Mail')
    }


    foreach ($item in $Name) {

      if ($ExactMatch) {
        $Filter = "Name -like '$item'"
      }
      else {
        $Filter = "Name -like '*$item*'"
      }

      Get-ADGroup -Filter $Filter -Properties $Properties

    }

  }

  end {}
}