Is Powershell Get-ADGroup recursive?

Question

If I am running the following command:

$ADGroups = Get-ADGroup -SearchBase $SearchBase -Filter 'ObjectClass -eq "group"'

will that return nested groups? If not, what is the best way to return nested groups?

I have tried running the following but get an error:

 $ADGroups = Get-ADGroupMember -Identity $SearchBase

Get-ADGroupMember : Cannot find an object with identity: 'OU=ABC,DC=COMPANY,DC=net' under: 'DC=COMPANY,DC=ne
t'.
At line:1 char:30
+ $ADGroups = Get-ADGroupMember <<<<  -Identity $SearchBase
    + CategoryInfo          : ObjectNotFound:

Answer 1

As Get-ADGroups's help page, states the default value for the -SearchScope parameter - which you're not using - is Subtree.

In other words: yes, Get-ADGroup is recursive by default.

The other permissible values are Base (search only the object at the specified path itself) and OneLevel (search the object itself as well as its immediate children).

---

Using explicit -Filter value 'ObjectClass -eq "group"' with Get-ADGroup is pointless, because any objects returned will by definition be groups.
In order to find all groups in the specified search scope, simply use -Filter *:

$ADGroups = Get-ADGroup -Filter * -SearchBase $SearchBase 

---

To actually get groups' members recursively, you can use Get-ADUser directly with the -SearchBase property:

$members = Get-ADUser -Filter * -SearchBase $SearchBase

---

Note that the -Identity parameter can only be used to target one specific item, using something that uniquely identifies it, namely "its distinguished name (DN), GUID, security identifier (SID), Security Accounts Manager (SAM) account name, or canonical name.".