0

I've been trying to create a script to find a missing "Member of" Group in a Group. Can someone help me write the Where-Object cmdlet because I really don't know how this works.

This is what I already have:

$MissingGroup = "gg-s-MissingGroup"

$Group = Get-ADGroup -Filter 'Name -like "gg-s-*-Group"' -SearchBase "OU=xxxxxxx,DC=xxxxxxxxx,DC=xx" | Format-Table Name

I need the a list of the $Group where the $MissingGroup is NOT a "Member of" it.

Santiago Squarzon
  • 41,465
  • 5
  • 14
  • 37
cosmo_
  • 11
  • 5
  • Shouldn't the filter be `"Name -like 'gg-s-*Group'"` (no hyphen after the asteriks). – Theo Apr 17 '23 at 14:32

1 Answers1

2

You don't need Where-Object for this, you can and should do it with the Active Directory Filter:

$MissingGroup = 'gg-s-MissingGroup'

$getADGroupSplat = @{
    # find all groups where `$MissingGroup` is NOT a member of
    LDAPFilter = '(!memberof={0})' -f (Get-ADGroup $MissingGroup).DistinguishedName
    SearchBase = 'OU=xxxxxxx,DC=xxxxxxxxx,DC=xx'
}

$Group = Get-ADGroup @getADGroupSplat
Santiago Squarzon
  • 41,465
  • 5
  • 14
  • 37