Sunday, November 15, 2015

Get-ADObject with an LDAPfilter


PowerShell command to list the objects that are direct members of both of two groups and whose name matches a pattern. The membership test is done by the domain controller through the LDAP filter; the name pattern is applied afterwards with Where-Object, and the output is then controlled with the Format-Table cmdlet. Out-File can be used to write the output to a file. The name test could instead go into the filter itself as (name=DW*), so the DC returns only the matching objects rather than every member of both groups.

Get-ADObject -LDAPFilter "(&(memberOf=cn=GROUPNAME1,ou=Live,ou=Applications,ou=Groups,dc=dom1st,dc=dom2nd,dc=local)(memberOf=cn=GROUPNAME2,ou=Live,ou=Applications,ou=Groups,dc=dom1st,dc=dom2nd,dc=local))" | where {$_.name -like "DW*"} | Format-Table Name


This is a similar command which lists the groups of which both users are direct members, i.e. the common groups. It is not recursive: a group that contains one of the users only through a nested group is not returned. Membership through a user's primary group (primaryGroupID) is never stored in the member attribute, so neither query sees that either.

get-adobject -LDAPFilter "(&(member=CN=User1,OU=TestAccounts,OU=GenericAccounts,OU=Users,OU=firm,DC=DC1,DC=DC2,DC=local)(member=CN=user2,OU=LU,OU=Users,OU=firm,DC=DC1,DC=DC2,DC=local))"


To list the groups only one of the users is in, negate the second condition with the LDAP NOT operator. The ! must wrap the whole condition in its own pair of brackets, i.e. (!(member=...)), not (!member=...).
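The following is an added example, not code from the original post. It runs the common-groups query, the "only one user" variant with the NOT operator placed correctly, and a third variant that also follows nested membership using the LDAP_MATCHING_RULE_IN_CHAIN matching rule (OID 1.2.840.113556.1.4.1941). The two user DNs are the ones used above; the objectClass=group term and the escaping helper are additions.

```powershell
# Added example (not from the original post): compare two users' group membership
# with LDAP filters. The two DNs are the ones the post uses; everything else is assumed.
Import-Module ActiveDirectory

$user1Dn = 'CN=User1,OU=TestAccounts,OU=GenericAccounts,OU=Users,OU=firm,DC=DC1,DC=DC2,DC=local'
$user2Dn = 'CN=user2,OU=LU,OU=Users,OU=firm,DC=DC1,DC=DC2,DC=local'

# Values placed inside an LDAP filter must be escaped (RFC 4515); a DN containing
# \ * ( or ) would otherwise change the meaning of the filter. Backslash is handled
# first so the escapes inserted afterwards are not escaped again.
function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory)][string]$Value)
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29'
}

$u1 = ConvertTo-LdapFilterValue $user1Dn
$u2 = ConvertTo-LdapFilterValue $user2Dn

# Direct membership only (what the post's query checks). objectClass=group keeps
# other objects that happen to carry a member attribute out of the result.
$common = Get-ADObject -LDAPFilter "(&(objectClass=group)(member=$u1)(member=$u2))"

# Groups User1 is a direct member of and user2 is not: the NOT operator wraps the
# whole second condition, i.e. (!(member=...)), not (!member=...).
$onlyUser1 = Get-ADObject -LDAPFilter "(&(objectClass=group)(member=$u1)(!(member=$u2)))"

# Nested membership: the LDAP_MATCHING_RULE_IN_CHAIN OID makes the DC follow the
# member chain, so groups reached through other groups count too. This is far more
# expensive for the DC than a plain member= filter, so keep the search base tight.
# ${inChain} is braced because "$inChain:" would otherwise be read as a drive-qualified variable.
$inChain = '1.2.840.113556.1.4.1941'
$commonNested = Get-ADObject -LDAPFilter "(&(objectClass=group)(member:${inChain}:=$u1)(member:${inChain}:=$u2))"

Write-Host 'Common groups (direct membership):'
$common | Select-Object -ExpandProperty DistinguishedName
Write-Host 'Groups only User1 is in (direct membership):'
$onlyUser1 | Select-Object -ExpandProperty DistinguishedName
Write-Host 'Common groups (including nested membership):'
$commonNested | Select-Object -ExpandProperty DistinguishedName
```

Note that the NOT variant is still a direct-membership test: a group that contains user2 only through a nested group will still appear in $onlyUser1. Combine ! with the matching-rule form if the nested case matters.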

LDAP Query basics
https://technet.microsoft.com/en-us/library/aa996205%28v=exchg.65%29.aspx (link broken)

https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx

Building on the first query above, this script obtains the users which are in both groups and then removes the resulting user accounts from a specified group. Script to be added.
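In the meantime, here is an added example that does what the paragraph describes; it is not the post's own script. It puts the name pattern into the LDAP filter, restricts the result to user accounts, logs the accounts it is about to touch, and runs Remove-ADGroupMember with -WhatIf so nothing changes until that switch is removed. The OU path and GROUPNAME1/GROUPNAME2 come from the first query above; GROUPNAME3, the log file path and the escaping helper are assumptions.

```powershell
# Added example (not the script the post refers to): find the user accounts that are
# direct members of both groups and whose name starts with DW, then remove them from a
# third group. Target group name and log file path are assumptions.
Import-Module ActiveDirectory

$groupsOu    = 'OU=Live,OU=Applications,OU=Groups,DC=dom1st,DC=dom2nd,DC=local'
$group1Dn    = "CN=GROUPNAME1,$groupsOu"
$group2Dn    = "CN=GROUPNAME2,$groupsOu"
$targetGroup = 'GROUPNAME3'                 # assumed: the group the matched users are removed from
$namePattern = 'DW*'
$logFile     = "$env:TEMP\removed-members.txt"

# Escape filter metacharacters in the DNs (RFC 4515) before interpolating them.
function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory)][string]$Value)
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29'
}

# The name pattern goes into the LDAP filter so the DC applies it and only matching
# objects come back, instead of pulling every member of both groups and filtering
# client-side. objectCategory=person restricts the hits to user accounts
# (computer objects are objectClass=user as well).
$filter = "(&(objectCategory=person)(objectClass=user)(name=$namePattern)" +
          "(memberOf=$(ConvertTo-LdapFilterValue $group1Dn))" +
          "(memberOf=$(ConvertTo-LdapFilterValue $group2Dn)))"
$users = @(Get-ADObject -LDAPFilter $filter -Properties sAMAccountName)

if ($users.Count -eq 0) {
    Write-Host "No users matched $filter"
    return
}

# Keep the removal list to accounts that are actually direct members of the target
# group, so the log reflects real changes.
$targetMembers = Get-ADGroupMember -Identity $targetGroup |
                 Select-Object -ExpandProperty DistinguishedName
$toRemove = @($users | Where-Object { $targetMembers -contains $_.DistinguishedName })

# Record what is about to change before changing it.
$toRemove | Select-Object Name, sAMAccountName, DistinguishedName |
    Format-Table -AutoSize | Out-File -FilePath $logFile
Write-Host "$($toRemove.Count) account(s) to remove from $targetGroup; list written to $logFile"

if ($toRemove.Count -gt 0) {
    # Dry run: -WhatIf reports the removals without performing them. Drop -WhatIf
    # to apply; the cmdlet then prompts for confirmation unless -Confirm:$false is given.
    Remove-ADGroupMember -Identity $targetGroup -Members $toRemove.DistinguishedName -WhatIf
}
```

Run it once as written and read the -WhatIf output and the log file; only then remove the -WhatIf switch. Group membership changes are replicated domain-wide, so the dry run is the cheapest check available.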