ExchangeNerd

Powered by Ed Buford and Coffee

Category: Reporting

Finding AD Groups with PowerShell

How to List AD Groups by type using PowerShell

The AD group type is a bit of a mystery to me. I’m not sure why Microsoft has chosen to make thing they way they have and I have to keep reminding myself they have been building Active Directory a lot longer than they have been building PowerShell.
Today one of my team asked me to see if I could pull Domain Local groups out of AD using PowerShell. I was sure this was going to be as easy as it sounds. Turns out it isn’t straight forward.

Since there isn’t a Get-ADGroupType PowerShell command I went looking at the Attributes and here’s what I found:

2015-06-08_14h57_36

Even more confusing when you Open that Attribute you get something even more interesting:

2015-06-08_14h58_48

 

So I started searching around MSDN and I came up with this chart:

Group Type                                                 Value
Global distribution group                        2
Domain local distribution group           4
Universal distribution group                  8
Global security group                               -2147483646
Domain local security group                  -2147483644
Universal security group                         -2147483640

Now that I have the value I’m looking for I can pull it out of AD:
In order to do that I need to log into Domain Controller or a Domain computer with RSAT loaded.  Then I can import the ActiveDirectory module:

Import-module ActiveDirectory

Then I can get the Group Type by using the command below

Get-ADGroup -Filter * -Properties GroupType | where {$_.GroupType -eq “-2147483644”} | FL name

If I want to change the Group Type that I’m searching for then I just change the number from the list above make sure to include the Negative on the ones that have it listed.

[sourcecode language='powershell' ]
Get-ADGroup -Filter * -Properties GroupType | where {$_.GroupType -eq "-2147483644"} | FL name

[/sourcecode]

Multi Mailbox search in Office 365

I’ve was asked to do a Multi-Mailbox search in Office 365 to gather some email when their Journal somehow stopped Journaling.

Now In Exchange I could do this without much thought but doing anything in Office 365 takes me a lot longer as there just don’t seem to be great blogs written on the mundane things I want to do as of yet so I thought I’d add my own.

The Task:
Gather together all the email (undeleted) over the past month and export it to a PST.
Discovery:

  • The user creating this request must have an SMTP address the same as the mailboxes you’re searching (this means the user must be a mailbox user).
  • The user creating this request must be a member of the Discovery Management role group.
  • You need to use the User Principal Name in the of the Discovery Mailbox in order to send the mailbox to create the Powershell Request.

The Solution:

Find your Discovery Mailbox

Get-Mailbox -Resultsize unlimited -Filter {RecipientTypeDetails -eq “DiscoveryMailbox”

Find the User Principal Name for the Mailbox:

Get-Mailbox -Resultsize unlimited -Filter {RecipientTypeDetails -eq “DiscoveryMailbox”} |FL UserPrincipalName

Get Discovery management Group Members:
Get-RoleGroupMember -Identity “Discovery Management”

Add User to Discovery Management
Add-RoleGroupMember -Identity “Discovery Management” -Member USERNAME

Create the search:
New-MailboxSearch “SearchName” -StartDate “1/1/2014” -EndDate “1/22/2014″ -TargetMailbox ” Discovery Mailbox UPN” -MessageTypes Email -IncludeUnsearchableItems -LogLevel Full

Start the Search:
Start-MailboxSearch “SearchName”

Get-MailboxSearch |FL

[Top]