Get-ADGroup: How To Get All AD Groups with PowerShell

by
get-adgroup powershell examples

The PowerShell Get-ADGroup cmdlet is used to search Active Directory for single or multiple groups.

The Get-ADGroup filter parameter allows you to get a list of specific groups such as all global, universal, or domain local groups. In addition, you can search Active Directory for groups by name or simply list all groups.

In this guide, I’ll walk through several Get-ADGroup examples and show you how to quickly get a list of groups in your domain. If you want to get group members then see my article PowerShell Get AD group members for instructions.

Get-ADGroup Examples

1. Get a single group by name

Get-ADGroup -identity Accounting_Folders

This command gets the group with the SAM account name Accounting_Folders

get single ad group

2. Get a group by a distinguished name

Get-ADGroup -identity "CN=Accounting_Folders,OU=ADPRO Groups,DC=ad,DC=activedirectorypro,DC=com"

This example gets a single group by its distinguished name. I prefer to get groups by the SAM account name. Make sure to put the path in quotes or you will get an error. You can also identity groups by their SID and GUIDE.

get ad group by distinguished name

3. Get all AD groups

Get-ADGroup -filter *

This command will get all domain groups.

get all ad groups

4. Get all AD Groups & Limit Properties

Get-ADGroup -filter * | select Name, groupscope, objectclass

This command will get all groups and display the group name, groupscope, and objectclass.

display specific group properties

5. Get groups with a specific name

Get-ADGroup -filter "Name -like 'Acc*'"

This command will get all groups that start with Acc in the name. I also use the select option to just display the group name.

get groups by specific name

6. Get all groups from a specific OU

Get-ADGroup -filter * -SearchBase "OU=ADPRO Groups,DC=ad,DC=activedirectorypro,DC=com" | select name, distinguishedName

This command gets all groups from a specific OU and displays the group name and distinguishedName.

get all groups from ou

7. Get all Security Groups

Get-ADGroup -filter "GroupCategory -eq 'Security'" | select name, GroupCategory

This command gets all security groups and displays the group name and GroupCategory.

get all security groups

8. Get all AD group properties

Get-ADGroup -identity Administrators -Properties *

This command will display all of the group properties. By default, the get-adgroup command will only display eight group properties.

  • DistinguishedName
  • GroupCategory
  • GroupScope
  • Name
  • ObjectClass
  • ObjectGUID
  • SamAccountName
  • SID

To display all of the group properties add the -properties * option.

display all group properties

9. Get AD Groups using wildcard search

Get-ADGroup -Filter 'Name -like "*acc*" -or Name -like "*mar*"' | select name

In this example, I filter for groups by name using a wildcard search. I also use the or option to find groups that include “acc” or “mar”.

wildcard ad group search

Summary

In this article, I walked through several examples on how to use the PowerShell Get-ADGroup cmdlet. Examples covered in this article:

  • How to get a single AD group
  • How to get all AD groups
  • Get AD groups by a specific name
  • Find all security groups
  • How to perform a wildcard search
  • Get all groups from an OU

If you have questions or comments please post them below. Refer to the Microsoft Get-ADGroup Documentation to view the complete syntax.

You Might Also Like

Leave a Comment