PowerShell function to report users in domain local groups

AGDLP… it’s an old principle. Almost as old as Active Directory itself.
You put a User in a Global group, the Global group in a Domain Local group and you provide Permissions on a resource to that Domain Local group.
This gives you flexibilty and managebility.

But… every once in a while someone violates the rules and you’ll get a mess in your AD.
So, here’s a PowerShell function that reports the users that are directly a members of a Domain Local group:

Leave a Reply

Your email address will not be published. Required fields are marked *