SCCM – Active Directory Security Group Query for User Collection

microsoft

If you are looking at setting up a SCCM user collection based on membership of an Active Directory Security Group, then you can use this WQL query for the collection.

WQL Script

To set this up, create a new collection and copy and paste this as its query:

select 
  SMS_R_USER.ResourceID,
  SMS_R_USER.ResourceType,
  SMS_R_USER.Name,
  SMS_R_USER.UniqueUserName,
  SMS_R_USER.WindowsNTDomain 
from 
  SMS_R_User
  where SMS_R_User.SecurityGroupName = "DomainADSecurityGroup"

Variables

You can add or remove any of the SMS_R_USER columns from the select statement but the part you will need to change is:

  • “DomainADSecurityGroup” – this should be changed to the name of your own domain and after the then change this for the object name of your security group.

Then go ahead and save this query and from within your SCCM console, update the collection and you should now see all the users within the security group, in your new collection.

Feedback

If you have any questions or feedback on this guide, then please feel free to leave us a message below in our comments section.


You might also like...

Leave us a message...

This site uses Akismet to reduce spam. Learn how your comment data is processed.