Here are a few different ways to list members of an Active Directory group:
Following command will provide you first name and last name of member of a group:
dsquery group domainroot -name groupname | dsget group -members | dsget user -fn -ln
The following filter returns the members of a specific group.You have to specify the groups distinguishedName.
ldifde -f groupMembers.txt -r "(&(objectClass=User)(memberOf=CN=myGroup,OU=MyContainer,DC=myOrg,DC=local))" -l "sAMAccountName,givenName,sn"
Using Adfind (Adfind is a free tool that you can download from www.joeware.net)
TO RETRIEVE THE DN OF THE GROUP
adfind -default -f "(&(objectCategory=group)(name=<GROUPNAME>))" -dsq
or
adfind -default -f "(&(objectCategory=group)(name=<GROUPNAME>))" -dn
TO RETRIEVE THE PROPERTIES (givenName=firstname, sn=surname sAMAccountName, pre-w2k logon name, description=description, cn=full name, displayName=displayname) OF THE MEMBERS OF THE GROUP
adfind -b "<DN of group>" -asq member givenName sn sAMAccountName description cn displayName
This article was derived from the forum post Active Directory Saved Query - Group Member Listing.