So, perhaps someone ran a powershell script in your environment that went and removed every single user from every single group.

LOL JUST LOL at that. 8000+ staff, and an entire envrionment, down.

  1. Either find a DC which hasn’t replicated yet, or restore a dc

  2. Disconnect the NIC

  3. Run this powershell script

  
\# Gets all users and group memberships for bushmans AD restore

  
\# [email protected]


import-module activedirectory
  
$table = @()
  
$groups = get-adgroup -filter * -searchbase "DC=contoso,DC=COM" -Properties Member
  
$run = get-date
  
$output = @()

\# All AD groups, with user details

      
foreach($group in $groups)
          
{
          
write-host -ForegroundColor cyan "Checking " $group.Name

\# Can't use get-adgroupmember due to size limitations, have to backyard it

          
$users = get-adgroup $group.Name -properties member | select-object -expandproperty Member | get-aduser -ErrorAction SilentlyContinue
          
foreach ($user in $users)
              
{
              
write-host -ForegroundColor green "Checking if user or computer " $user.SamAccountName

\# Groups are fine, it's just users we want

              
if ($user.objectClass -eq "User")
                  
{
                  
write-host -ForegroundColor Magenta "Adding details to output " $user.SamAccountName
                  
\# added

                  
$output += $group.Name+","+$user.SamAccountName
                  
}
              
}
          
}
      
clear
      
write-host -ForegroundColor "Green" "the output is"
      
\# Use out-file because using export-csv was being a real PITA

      
$output | out-file c:\temp\output.csv
      
new-timespan -start $run -end (get-date)
  

Once done:

  1. Add “group,user” to the CSV

  2. use import-csv and pipe to “add-adgroupmember -identity $csv.group -member $csv.user”