16.8 Get-DRAGroupMembers

Synopsis

Retrieves the list of members for an Active Directory group.

Syntax

Get-DRAGroupMembers -Domain <String> -Identifier <String> [-ContainerDN <String>] [-EnforceServerLimit <SwitchParameter>] [-IncludeChildContainers <SwitchParameter>] [-ObjectsPerResponse <Int32>] [-ResumeString <String>] [-Attributes <String[]>] [-DRARestServer <String>] [-DRARestPort <Int32>] [-IgnoreCertificateErrors <SwitchParameter>] [-Force <SwitchParameter>] [-Timeout <Int32>] [<CommonParameters>]

Description

The Get-DRAGroupMembers cmdlet returns the members of the requested group account managed by DRA. The requesting user must have the View All Group Properties power. You can view the default list of properties or specify specific properties. You can also control the number of members returned in the results, and iterate result sets, if necessary. See the help examples for information on how to view specific properties and control the pages of results returned from the server. The response will also have the property TotalObjectCount which contains the total number of results available from the server. You can use this property to determine the total number of members in the group, and the number of result sets that will be needed to process all of the members.

Parameters

Attribute / Description	Parameters / Values
Attribute / Description	Required	Position	Default Value	Accept Pipeline input?	Accept wildcard characters?
Identifier <String> The name or distinguished name of an existing Active Directory object. When the name is specified, an additional call to the DRA Server is needed to obtain the distinguished name for the object.	true	named		true (ByPropertyName)	false
Domain <String> The domain of the object in fqdn format. For example: mydomain.corp	true	named		true (ByPropertyName)	false
ContainerDN [<String>] The full path to the container to search in distinguished name format. For example: -ContainerDN "OU=Accounting,DC=MyDomain,DC=corp"	false	named		false	false
EnforceServerLimit [<SwitchParameter>] A switch parameter to indicate that the search results should be limited by the search result limit on the DRA Server. The typical server limit is 1000 items. The default is true.	false	named		false	false
IncludeChildContainers [<SwitchParameter>] A switch parameter to request that the search include child containers. The default is false: only the container named in the ContainerDN parameter is searched.	false	named		false	false
ObjectsPerResponse [<Nullable`1>] The number of objects to return in a response. The default is 250.	false	named		false	false
ResumeString [<String>] When multiple responses are needed to return all of the search results to the client, this parameter indicates the last item returned from the server. The value of this parameter would be set using the ResumeString property from the previous set of results. The ResumeString may look like this: "CN=MYUser160,CN=Users,DC=MyDomain,DC=corp". The EnforceServerLimit, ObjectsPerResponse, and ResumeString parameters are applicable only when the Identifier parameter is not specified.	false	named		false	false
Attributes [<String[]>] An array of attributes to retrieve values for. If this parameter is missing, a default list of properties is returned.	false	named		true (ByPropertyName)	false
DRARestServer [<String>] The name of the computer running the DRA Rest Service. The requested DRA operation will execute on this server. If the parameter is not specified, the value defaults to 'localhost'.	false	named		true (ByPropertyName	false
DRARestPort [<Int32>] The port where the DRA REST Service listens for requests. If the parameter is not specified, the value defaults to 8755.	false	named	8755	true (ByPropertyName	false
IgnoreCertificateErrors [<SwitchParameter>] Allows the request to bypass any SSL certificate errors, such as the InvalidOperation error that occurs when the REST Service is bound to a self-signed certificate.	false	named		false	false
Force [<SwitchParameter>] Suppresses any request for user input and supplies a 'yes' response. For example: -Force with a delete request will perform the delete without presenting the confirmation request to the user.	false	named		false	false
Timeout [<Int32>] The number of seconds to wait before the request to the DRA REST server times out. To specify an infinite timeout, you can set this parameter to -1.	false	named	100 seconds	false	false
<CommonParameters> Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see About CommonParameters.

NOTE:For more information, type "Get-Help Get-DRAGroupMembers -detailed". For technical information, type "Get-Help Get-DRAGroupMembers -full".

Example 16-18 1

PS C:\>Get-DRAGroupMembers -Domain MyDomain.corp -Identifier "GROUP123"

This example retrieves the members of the group named GROUP123 in MyDomain.corp. The identifier contains the group name, and the REST server will first request the distinguished name for the group followed by the list of members. If the Attributes parameter is not specified, a default list of properties will be returned.

Example 16-19 2

PS C:\>Get-DRAGroupMembers -Domain MyDomain.corp -Identifier "CN=GROUP123,OU=Sales,DC=MyDomain,DC=corp"  -Attributes "DistinguishedName","FriendlyName"

Example 16-20 3

PS C:\>Get-DRAGroupMembers -Domain MyDomain.corp -Identifier "CN=GROUP123,OU=Sales,DC=MyDomain,DC=corp"  -Attributes "DistinguishedName","FriendlyName" -ObjectsPerResponse 500 -StartRow 501 -ResumeString "{904E1327-F859-490A-A420-8DE8D0F299EF}"

This example retrieves the members of the group named GROUP123 in MyDomain.corp. Identifier contains the distinguished name for the group.The results will include the properties DistinguishedName and FriendlyName for each member. The server will return 500 items in the result, starting from the index specified in the StartRow parameter. ResumeString is used when there are multiple pages of results to be returned. If more data is available, the results will include the ResumeString property which can be used to request the next page of results.