So, perhaps someone ran a PowerShell script in your environment that went and removed every single user from every single group.

LOL JUST LOL at that. 8000+ staff, and an entire environment, down.

  1. Either find a DC which hasn’t replicated yet, or restore a DC

  2. Disconnect the NIC

  3. Run this PowerShell script

```powershell
# Gets all users and group memberships for bushmans AD restore
# [email protected]

Import-Module ActiveDirectory
$table = @()
$groups = Get-ADGroup -Filter * -SearchBase "DC=contoso,DC=COM" -Properties Member
$run = Get-Date
$output = @()

# All AD groups, with user details
foreach ($group in $groups) {
    Write-Host -ForegroundColor Cyan "Checking " $group.Name

    # Can't use get-adgroupmember due to size limitations, have to backyard it
    # Look the group up by DN; the Name attribute is not always a valid -Identity value
    $users = Get-ADGroup $group.DistinguishedName -Properties Member |
        Select-Object -ExpandProperty Member |
        Get-ADUser -ErrorAction SilentlyContinue

    foreach ($user in $users) {
        Write-Host -ForegroundColor Green "Checking if user or computer " $user.SamAccountName

        # Groups are fine, it's just users we want
        if ($user.objectClass -eq "User") {
            Write-Host -ForegroundColor Magenta "Adding details to output " $user.SamAccountName
            # added
            $output += $group.Name + "," + $user.SamAccountName
        }
    }
}

Write-Host -ForegroundColor "Green" "the output is"
# Use out-file because using export-csv was being a real PITA
$output | Out-File c:\temp\output.csv

# How long the export took
New-TimeSpan -Start $run -End (Get-Date)
```

Once done:

  1. Add “group,user” as the header line at the top of the CSV

  2. Use import-csv and pipe to “add-adgroupmember -identity $ -member $csv.user”
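
The re-add step from item 2, written out as an added example (not the author's script). It assumes the CSV has the `group,user` header, has been copied to a machine that can reach a live DC, and that no group name contains a comma; `$dryRun` and `$failed` are names introduced here.

```powershell
# Added example: re-add group memberships from the CSV produced by the export script.
Import-Module ActiveDirectory

$csvPath = 'C:\temp\output.csv'  # path used by the export script above
$dryRun  = $true                 # assumption: leave $true to preview, set $false to apply
$failed  = @()

$rows = Import-Csv -Path $csvPath

# One pass per group so each group is written once instead of once per row
foreach ($set in ($rows | Group-Object -Property group)) {
    $members = @($set.Group | ForEach-Object { $_.user } |
        Where-Object { $_ } | Sort-Object -Unique)

    try {
        # -WhatIf only reports what would be changed
        Add-ADGroupMember -Identity $set.Name -Members $members `
            -WhatIf:$dryRun -ErrorAction Stop
        Write-Host -ForegroundColor Green "$($set.Name): $($members.Count) member(s)"
    }
    catch {
        # The batch call fails as a whole if one member is bad,
        # so retry one at a time and record only the real failures
        foreach ($m in $members) {
            try {
                Add-ADGroupMember -Identity $set.Name -Members $m `
                    -WhatIf:$dryRun -ErrorAction Stop
            }
            catch {
                $failed += [pscustomobject]@{
                    Group = $set.Name
                    User  = $m
                    Error = $_.Exception.Message
                }
            }
        }
    }
}

# Anything listed here needs a manual look (renamed group, deleted user, ...)
$failed | Format-Table -AutoSize
```

Run it once with `$dryRun = $true` and check the `What if:` lines against the CSV before applying the changes.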