Here’s a quick script which I wrote yesterday for one of our professional services engineers. Basically they wanted to give customer a report for large groups, i.e. groups with more than certain number of user accounts including the ones in nested groups.
This turned out to be very straight-forward with QAD cmdlets.
The script is below:
function Get-LargeADGroup { param($limit = 75) Get-QADGroup | Foreach-Object { $members = $_ | Get-QADGroupMember -Indirect -Type 'user' ` -DontUseDefaultIncludedProperties ` -SizeLimit ($limit+1) -WarningAction SilentlyContinue if ( ($members -ne $null) -and ($members.gettype().Name -eq 'Object[]') -and ($members.Count -ge $limit)) { $_ } } } #Usage Get-LargeADGroup -limit 75 | Select Name, DN | Export-Csv c:\largegroups.csv
One trick worth pointing out is the use of -SizeLimit to not retrieve all members of the group – after all I just need to know if there is more than certain number of them.
Hope this helps! 
Subscribe by email
The -sizelimit trick is great, hadn’t thought of it. Thanks!
While exporting to CSV you may want to cut down the Groups attributes by using the Select command. The default will give you a lot of things that you don’t like.
Get-LargeADGroup -limit 75 | Select name,dn | Export-Csv c:\temp\largegroups.csv
I’ve updated the post to include the Select.
Indeed. Thanks for the great point Rick!