Without the AD Web Service, AD PowerShell won't work. You'd have to run the cmdlets from a Win7+ machine anyway.
Thanks, Brian Desmond [email protected] w – 312.625.1438 | c – 312.731.3132 -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Kurt Buff Sent: Tuesday, June 18, 2013 6:24 PM To: [email protected] Subject: Re: [NTSysADM] Finding AD groups with legacy members On Tue, Jun 18, 2013 at 4:17 PM, Webster <[email protected]> wrote: > Current project had a consulting group come in and do an AD > Assessment. One of their findings was that they have many groups with almost > 5,000 members. > Most of the groups were created and users added pre 2003 DFL/FFL . > Their conclusion was the legacy members need to be removed and readded > to the groups to enable LVR for each group member. <snip> > I could run that command 24,000 times but it would be nice to automate that. > BUT, all the DCs are 2003 so I don't have access to using the > Microsoft PowerShell AD stuff. My GoogleFU is failing me and I have > not found a script that finds AD Security groups with Legacy members. > > Any hints, clues, tips or help from the peanut gallery? <snip> Any reason you can't install PowerShell 2.0 on at least one DC? Kurt
