add Get-ADGroupMember,

rework ps1,
add default username/password to integration script invoker

Author: Pxtl

src/ADServices/ADGroupMember.psm1

@@ -79,6 +79,7 @@ function Remove-ADGroupMember {
         Nothing, unless PassThru is set in which case it returns the Group as a
         [DirectoryServices.DirectoryEntry].
     #>
+    [OutputType([DirectoryServices.DirectoryEntry])]
     [CmdletBinding(SupportsShouldProcess)]
     param (
         # Identity of the group to add members to.
@@ -134,3 +135,46 @@ function Remove-ADGroupMember {
         }
     }
 }
+
+
+function Get-ADGroupMember {
+    <#
+    .SYNOPSIS
+        Get Member ADObjects of a group.
+    .OUTPUTS
+        [DirectoryServices.DirectoryEntry] of the ADObjects within the group. If the group does not exist, returns Nothing.
+    #>
+    [OutputType([DirectoryServices.DirectoryEntry])]
+    [CmdletBinding()]
+    param(
+        # Identity of the group.
+        [Parameter(Mandatory, ValueFromPipeline)]
+        [string] $Identity,
+
+        # The domain controller to query.
+        [Parameter()]
+        [string] $Server = $null,
+
+        # Credentials for the domain controller.
+        [Parameter()]
+        [PSCredential] $Credential = $null,
+
+        [switch] $Recursive
+    )
+    process {
+        $group = Get-ADGroup -Identity $Identity -Server $Server -Credential $Credential -Verbose:$VerbosePreference
+        if (-not $group) {
+            return
+        }
+        $groupDN = $group.distinguishedName
+        $members = Get-ADObject -LDAPFilter "(memberOf=$groupDN)" -Server $Server -Credential $Credential -Verbose:$VerbosePreference
+        
+        # output
+        $members
+        if ($Recursive) {
+            $members | Foreach-Object {
+                Get-ADGroupMember -Identity $_.distinguishedName -Server $Server -Credential $Credential -Recursive
+            }
+        }
+    }
+}

src/ADServices/ADServices.psd1

@@ -1,13 +1,14 @@
 @{  
-    ModuleVersion = '0.1.1'
+    ModuleVersion = '0.1.2'
     GUID = 'c29c8e32-38a3-4ed4-acc3-11ad44bcab3c'
     Author = 'Martin C Zarate (AKA Pxtl)'
     Copyright = '2025, Martin C Zarate'
     Description = @'
-Rough lightweight feature-incomplete drop-in replacement for some of the
-components of the MS ActiveDirectory module but leveraging the C#
-"System.DirectoryServices.dll" assembly which is available by default on Windows
-instead of requiring that the user install RSAT.
+Rough re-implementation of the MS ActiveDirectory powershell module but
+leveraging the C# "System.DirectoryServices.dll" assembly which is available by
+default on Windows instead of requiring that the user install RSAT. Very
+feature-incomplete at this time.  Also, unfortunately
+"System.DirectoryServices.dll" is Windows-only and therefore so is this module.
 '@
 
     # Minimum version of the Windows PowerShell engine required by this module
@@ -43,11 +44,15 @@ instead of requiring that the user install RSAT.
             ProjectUri = 'https://github.com/Pxtl/powershell-modules'
             # IconUri = ''
             ReleaseNotes = @'
+v0.1.2
+- add Get-ADGroupMember
+
 v0.1.1
 - hide private functions properly
 
 v0.1.0
 - Initial Version
+- Includes main verbs for ADObject, ADUser, ADAccount, ADGroup, ADGroupMember
 '@
         } # End of PSData hashtable
     } # End of PrivateData hashtable

src/ADServices/Tests/Integration/ADGroupMember.tests.ps1

@@ -100,6 +100,51 @@ Describe 'ADGroup Membership' -Tags Integration {
         $loadedADGroup.member.Count | Should -Be 1
     }
 
+    It 'Can Get-ADGroupMember' {
+        # prepare
+        $groupCode = 4
+        $testGroupName = "parentGroup$groupCode"
+        $newGroup = New-ADGroup @ConnectionParam -Name $testGroupName -Verbose:$VerbosePreference -PassThru
+        $newGroup.member.Count | Should -Be 0
+
+        $testUser1Name = "childUser1ForGroup$groupCode"
+        $newUser1 = New-ADUser @ConnectionParam -Name $testUser1Name -Verbose:$VerbosePreference -PassThru
+        $testUser2Name = "childUser2ForGroup$groupCode"
+        $newUser2 = New-ADUser @ConnectionParam -Name $testUser2Name -Verbose:$VerbosePreference -PassThru
+        $testChildGroupName = "childGroup$groupCode"
+        $testChildGroup = New-ADGroup @ConnectionParam -Name $testChildGroupName -Verbose:$VerbosePreference -PassThru
+        $testGrandchildUserName = "grandchildUser1ForGroup$groupCode"
+        $grandchildUser = New-ADUser @ConnectionParam -Name $testGrandchildUserName -Verbose:$VerbosePreference -PassThru
+
+        # act
+        Add-ADGroupMember @ConnectionParam -Identity $newGroup.distinguishedName -Members $newUser1.distinguishedName, $newUser2.distinguishedName, $testChildGroup.distinguishedName -Verbose:$VerbosePreference
+        Add-ADGroupMember @ConnectionParam -Identity $testChildGroup.distinguishedName -Members $grandchildUser.distinguishedName -Verbose:$VerbosePreference
+
+        # examine
+
+        ## test fetch from AD
+        $members = Get-ADGroupMember @ConnectionParam -Identity $testGroupName -Verbose:$VerbosePreference
+        $memberDNs = $members | ForEach-Object {
+            $_.distinguishedName.Value
+        }
+        $memberDNs | Should -Contain "CN=childUser1ForGroup$groupCode,CN=Users,DC=samdom,DC=example,DC=com"
+        $memberDNs | Should -Contain "CN=childUser2ForGroup$groupCode,CN=Users,DC=samdom,DC=example,DC=com"
+        $memberDNs | Should -Contain "CN=childGroup$groupCode,CN=Users,DC=samdom,DC=example,DC=com"
+        $memberDNs.Count | Should -Be 3
+
+        ## test fetch from AD recursively
+        $memberDNs = Get-ADGroupMember @ConnectionParam -Identity $testGroupName -Verbose:$VerbosePreference -Recursive | 
+            ForEach-Object {
+                $_.distinguishedName.Value
+            }
+        $memberDNs | Should -Contain "CN=childUser1ForGroup$groupCode,CN=Users,DC=samdom,DC=example,DC=com"
+        $memberDNs | Should -Contain "CN=childUser2ForGroup$groupCode,CN=Users,DC=samdom,DC=example,DC=com"
+        $memberDNs | Should -Contain "CN=childGroup$groupCode,CN=Users,DC=samdom,DC=example,DC=com"
+        $memberDNs | Should -Contain "CN=grandchildUser1ForGroup$groupCode,CN=Users,DC=samdom,DC=example,DC=com"
+        $memberDNs.Count | Should -Be 4
+    }
+
+
     AfterEach {
         Write-Verbose "Cleanup in $($MyInvocation.MyCommand.ScriptBlock.File | Split-Path -Leaf)."
         & "$PSScriptRoot\Shared\Clear-TestObjects.ps1"

src/ADServices/Tests/Integration/Invoke-IntegrationTest.ps1

@@ -7,8 +7,12 @@ param (
     [PSCredential] $PSCredential
 )
 
+if (-not $PSCredential) {
+    # default credentials for smblds
+    $PSCredential = [PSCredential]::new('Administrator', (ConvertTo-SecureString 'Passw0rd' -AsPlainText -Force))
+}
+
 # prepare
-##########
 docker compose -f "$PSScriptRoot\adservices-testdocker\docker-compose.yml" up -d --wait
 
 # refresh module version in memory then unload it to prevent accidental memory of old versions of module.
@@ -17,7 +21,6 @@ Import-Module $PSScriptRoot\..\..\Shared\ADHelpers.psm1 -Force -Verbose:$false |
 Import-Module $PSScriptRoot\..\..\Shared\ADDirectoryEntry.psm1 -Force -Verbose:$false | Remove-Module
 
 # act
-######
 Invoke-Pester -Container (New-PesterContainer -ScriptBlock {
     & "$PSScriptRoot\ADUser.tests.ps1" -Server $Server -PSCredential $PSCredential
     & "$PSScriptRoot\ADAccount.tests.ps1" -Server $Server -PSCredential $PSCredential