The PowerShell function discussed in this section helps you to find out the groups that have no members in them. This function has an optional switch parameter called -Nested, which indicates that a group has to be queried recursively for membership to determine whether it is empty or not. In some cases, a group can have another group in it, which might be empty as well. This switch will come in handy to find such cases:
Function Find-EmptyADGroups {
[CmdletBinding()]
Param(
[switch]$Nested
)
$Groups = Get-ADGroup -Filter *
Write-Host "`nBelow is the list of empty groups in Active Directory`n`n"
$Count = 0
foreach($Group in $Groups) {
$Members = Get-ADGroupMember -Identity $Group -Recursive:$Nested
if(!$Members) {
$Group | select Name, DistinguishedName
$Count++
}
}
Write-Host "`n`n`nTotal no. of empty groups are : $Count`n`n`n"
}