This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Community FAQ
Register | Log In
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- Reports & Analytics
- Empty AD Groups
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Register to ask a question, start a topic or share an idea
Join the Community
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-28-2016 05:00 PM
I know I can query for a list of users in an Active Directory group but can I get a list of groups in Active Directory that have no users?
Solved! Go to Solution.
Labels:
- Labels:
-
Report Center
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-30-2016 01:38 PM
I deleted your other post, as it appeared to be a duplicate of this one. I've included a sample report below that you can add to your installation by following these instructions.
Select Distinct Top 1000000 tblADGroups.Name As ADGroupName,
tblADGroups.Description As ADGroupDescription,
Case tblADGroups.GroupType When -2147483646 Then 'security - global'
When -2147483644 Then 'security - local' When -2147483643 Then 'built-in'
When -2147483640 Then 'security - universal'
When 2 Then 'distribution - global' When 4 Then 'distribution - local'
When 8 Then 'distribution - universal' End As ADGroupType
From tblADMembership
Right Join tblADGroups On tblADMembership.ParentAdObjectID =
tblADGroups.ADObjectID
Left Join tblADusers
On tblADusers.ADObjectID = tblADMembership.ChildAdObjectID
Where (tblADusers.ADObjectID Is Null) Or
(tblADusers.ADObjectID = '')
Order By ADGroupName
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-17-2017 12:23 PM
Hi Susan,
This report is already very helpful, but in our situation we also have groups being member of a group.
I'd like to filter these out as well, but cannot figure out how.
As far as I have seen, LANsweeper needs at least a computer or user to be involved in a group to 'recognize' it.
Is the above possible?
This report is already very helpful, but in our situation we also have groups being member of a group.
I'd like to filter these out as well, but cannot figure out how.
As far as I have seen, LANsweeper needs at least a computer or user to be involved in a group to 'recognize' it.
Is the above possible?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-02-2016 09:43 PM
Hello,
I noticed this shows empty OU's based on no users, I have several groups that contain computer objects in them and this report shows them as empty.
Can the report be adjusted to show empty, as in absolutely no objects with in them?
I noticed this shows empty OU's based on no users, I have several groups that contain computer objects in them and this report shows them as empty.
Can the report be adjusted to show empty, as in absolutely no objects with in them?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-16-2016 09:14 PM
SysIT wrote:
Hello,
I noticed this shows empty OU's based on no users, I have several groups that contain computer objects in them and this report shows them as empty.
Can the report be adjusted to show empty, as in absolutely no objects with in them?
I've included a sample report below that lists completely empty groups (no users and no computers).
Select Distinct Top 1000000 tblADGroups.Name As ADGroupName,
tblADGroups.Description As ADGroupDescription,
Case tblADGroups.GroupType When -2147483646 Then 'security - global'
When -2147483644 Then 'security - local' When -2147483643 Then 'built-in'
When -2147483640 Then 'security - universal'
When 2 Then 'distribution - global' When 4 Then 'distribution - local'
When 8 Then 'distribution - universal' End As ADGroupType
From tblADMembership
Right Join tblADGroups On tblADMembership.ParentAdObjectID =
tblADGroups.ADObjectID
Left Join tblADusers
On tblADusers.ADObjectID = tblADMembership.ChildAdObjectID
Left Join tblADMembership tblADMembership1
On tblADMembership1.ParentAdObjectID = tblADGroups.ADObjectID
Left Join tblADComputers On tblADComputers.ADObjectID =
tblADMembership1.ChildAdObjectID
Where (tblADusers.ADObjectID Is Null Or tblADusers.ADObjectID = '') And
(tblADComputers.ADObjectID Is Null Or tblADComputers.ADObjectID = '')
Order By ADGroupName
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-30-2016 01:38 PM
I deleted your other post, as it appeared to be a duplicate of this one. I've included a sample report below that you can add to your installation by following these instructions.
Select Distinct Top 1000000 tblADGroups.Name As ADGroupName,
tblADGroups.Description As ADGroupDescription,
Case tblADGroups.GroupType When -2147483646 Then 'security - global'
When -2147483644 Then 'security - local' When -2147483643 Then 'built-in'
When -2147483640 Then 'security - universal'
When 2 Then 'distribution - global' When 4 Then 'distribution - local'
When 8 Then 'distribution - universal' End As ADGroupType
From tblADMembership
Right Join tblADGroups On tblADMembership.ParentAdObjectID =
tblADGroups.ADObjectID
Left Join tblADusers
On tblADusers.ADObjectID = tblADMembership.ChildAdObjectID
Where (tblADusers.ADObjectID Is Null) Or
(tblADusers.ADObjectID = '')
Order By ADGroupName
Reports & Analytics
Ask about reports you're interested in and share reports you've created. Subscribe to receive daily updates of reports shared in the Community.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- New Reboot & Review (017): Manage your IT Agent discovery in General Discussions
- Dynamic LSAgent Group in General Discussions
- Empty the tblFirewallRule in General Discussions
- Helpdesk Api : Request for new features in General Discussions
- Add AD group computer belongs to to patch tuesday audit in General Discussions
