Query list of Users in Active Directory Security Group (SG)

SQLDev2021 1 Reputation point
2021-01-05T09:15:17.48+00:00

I have a Active Directory Security Group, I am not completely sure on the LDAP information for this.

I would like to write a T-SQL Query to return the list of all users in the Security Group.

Thanks

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,456 questions
Transact-SQL
Transact-SQL
A Microsoft extension to the ANSI SQL language that includes procedural programming, local variables, and various support functions.
4,626 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. SUNOJ KUMAR YELURU 14,051 Reputation points MVP
    2021-01-05T09:34:09.843+00:00

    Hi @SQLDev2021

    To get a list of the users, try xp_logininfo if extended procs are enabled and the group in question is a windows group :
    EXEC master..xp_logininfo
    @acctname = '[group]',
    @1islessthan0 = 'members'

    For a quick view of which groups / roles the current user is a member of;
    select
    [principal_id]
    , [name]
    , [type_desc]
    , is_member(name) as [is_member]
    from [sys].[database_principals]
    where [type] in ('R','G')
    order by [is_member] desc,[type],[name]

    refer-
    sys.database_role_members (Transact-SQL)

    ----------

    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

  2. SUNOJ KUMAR YELURU 14,051 Reputation points MVP
    2021-01-05T14:04:24.09+00:00

    @SQLDev2021

    There is a AD Explorer tool which you can download and connect to it: https://video2.skills-academy.com/en-us/sysinternals/downloads/adexplorer and can explore the properties.

    You need to know AD Server to connect to It using AD Explore. Use below cmd command to find AD Server.

    Pull the Groups and Members from Active Directory (AD) Using T-SQL

    Refer - https://arstechnica.com/civis/viewtopic.php?t=62769

    ----------

    If this answers your query, do click “Accept Answer” and Up-Vote for the same. And, if you have any further query do let us know.

  3. Vicky Wang 2,731 Reputation points
    2021-01-06T09:22:19.213+00:00

    Get Your Report in 2 Simple Steps:

    Run Netwrix Auditor → Click "Reports" → Navigate to Active Directory → "Active Directory State-in-Time" → Select "User accounts" → Click "View".

    To save the file, click the "Export" button → Select Excel format → Save as → Choose a location to save it.

    reference:https://try.netwrix.com/active-directory-export-gsn?cID=7010g000001MSaf&sID=71101474714&aID=aud-286005054959:kwd-378169896414&creative_id=339570337088&placement_id=&location_id=2840&gclid=EAIaIQobChMInK6u8-2G7gIVKJVLBR1-JQJjEAAYASAAEgLa0PD_BwE

    Tip: This answer contains the content of a third-party website. Microsoft makes no representations about the content of these websites. We provide this content only for your convenience.

    Hope this information can help you
    Best wishes
    Vicky

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.