SCCM – Active Directory Security Group Query for User Collection

By | April 17, 2023
microsoft black logo

Last updated on April 17th, 2023 at 12:36 am

Read Time:1 Minute, 12 Second

If you are looking at setting up a SCCM user collection based on membership of an Active Directory Security Group, then you can use this WQL query for the collection.

WQL Script

To set this up, create a new collection and copy and paste this as its query:

select
SMS_R_USER.ResourceID,
SMS_R_USER.ResourceType,
SMS_R_USER.Name,
SMS_R_USER.UniqueUserName,
SMS_R_USER.WindowsNTDomain
from
SMS_R_User
where SMS_R_User.SecurityGroupName = "DomainADSecurityGroup"

Variables

You can add or remove any of the SMS_R_USER columns from the select statement but the part you will need to change is:

  • “DomainADSecurityGroup” – this should be changed to the name of your own domain and after the then change this for the object name of your security group.

Then go ahead and save this query and from within your SCCM console, update the collection and you should now see all the users within the security group, in your new collection.

More Queries

Our full range of SQL and WQL Collection queries are available here.

FAQ

What does WQL mean?

WMI Query Language

What does SCCM mean?

(Microsoft) System Center Configuration Manager

Feedback

If you have any questions or feedback about this post, or if you would like us to create any queries for you, please go ahead and leave us a message below in the comments section and we will get back to you as quick as we can.

Click to rate this post!
[Total: 0 Average: 0]

Free Subscription

If you want to be notified when we post more quality guides like this one, sign up to our free subscription service and you will receive an email when a new post is live.

Join 564 other subscribers.

No need to worry, we will not be filling your inbox with spam and you can unsubscribe anytime you like.


Leave us a message...

This site uses Akismet to reduce spam. Learn how your comment data is processed.