In DSQUERY when finding AD objects, I want to find a DL (distribution list) or AD security group, and find all it's users (even in sub groups) and then filter out the sub groups. I have this so far
dsquery group -samid YourGroupName | dsget group -members -expand
but it includes the sub groups. Is there a way I can filter it so that only the users remain? This dsquery does something like that, but I don't know how to tie it in with the above query.
| dsquery * -filter "(&(objectcategory=person)(objectclass=user))"
Thanks
EDIT:
Lets say I have a group YourGroupName
, which has subgroups YourGroupNameA
, YourGroupNameB
. Then those subgroups have some users User1
(YourGroupNameA group), User2
(YourGroupNameB group), User3
(YourGroupNameB group).
The first query above gets me
YourGroupNameA
YourGroupNameB
User1
User2
User2
However I want to get it like this
User1
User2
User2