Identifying Active Directory built-in groups

An Active Directory (AD) environment will contain a set of groups by default when a domain is created. These groups are built-in groups, and they are located in the built-in container. The built-in groups can be used to control access to shared resources and administrative roles throughout the domain.

 

If you want to identify all the built-in groups in the AD domain, you can either use the ADUC console and navigate to the built-in container, or you can run a PowerShell script that will return the various groups. Here is the script that will display the group names and their details such as group scope, group category, and Security Identifiers:

 

1. PS> Get-ADGroup -SearchBase 'CN=Builtin,DC=domain,DC=com' -Filter * |
2. Format-Table Name,GroupScope,GroupCategory,SID

• Related Articles

• How to add/remove Active Directory users to Active Directory groups using PowerShell

  Active Directory is a powerful tool for managing users and groups in a Windows environment. One of the most often-repeated tasks for administrators is to add or remove users from Active Directory groups. In this article, we will explore how to ...

• Finding all groups that contain the same members in Active Directory

  Active Directory users are put into groups for categorization and access privilege purposes. However, as an organization grows, there may be instances of repetition of groups, or an administrator may be required to monitor the groups that a specific ...

• How to create and manage Microsoft 365 groups with PowerShell

  Introduction: Microsoft 365 Groups is a collaboration feature that allows users to work together and share resources such as calendars, files, and email messages. Microsoft 365 Groups can be created and managed using the Microsoft 365 admin center, ...

• Monitoring Active Directory Group Membership Changes

  For security reasons, users in an Active Directory (AD) network would be put in groups, and they will be granted or denied certain privileges according to the groups they belong to. This is done so that users do not have unnecessary access to ...

• Generate an Activity Report for Microsoft 365 Groups and Teams

  Introduction The activity reports available for Microsoft 365 groups and Teams can be beneficial for administrators in an organization. Microsoft 365 teams group activity reports provide insight into group activities, group workloads, group counts, ...