Viewing nested group memberships
This recipe demonstrates how to enumerate all members of a group, even those members in groups that are members of the same group.
Getting ready
To view nested group memberships for a group, sign in to a domain controller, a member server, or a device with RSAT for Active Directory Domain Services installed.
Sign in with a domain account.
How to do it...
To view nested group memberships, double-click the groups listed on the Members tab in the properties of a group and look at its members. When groups are heavily nested, though, this becomes tedious fast. A much better approach is to use Windows PowerShell.
Use the following line of PowerShell to enumerate all group memberships in Active Directory for a group on a system with the Active Directory module for Windows PowerShell installed:
Get-ADGroupMember -Identity 'CN=Group,OU=Organizational Unit,DC=LucernPub,DC=com' -Recursive | Out-GridView
Replace DC=LucernPub,DC...