Private/PSADGroups.ps1

Function Get-PrivilegedGroupsMembers {
    [CmdletBinding()]
    Param (
        $Domain,
        $DomainSID
    )
    $PrivilegedGroups1 = "$DomainSID-512", "$DomainSID-518", "$DomainSID-519", "$DomainSID-520" # will be only on root domain
    $PrivilegedGroups2 = "S-1-5-32-544", "S-1-5-32-548", "S-1-5-32-549", "S-1-5-32-550", "S-1-5-32-551", "S-1-5-32-552", "S-1-5-32-556", "S-1-5-32-557", "S-1-5-32-573", "S-1-5-32-578", "S-1-5-32-580"

    $SpecialGroups = @()
    foreach ($Group in ($PrivilegedGroups1 + $PrivilegedGroups2)) {
        Write-Verbose "Get-PrivilegedGroupsMembers - Group $Group in $Domain ($DomainSid)"
        try {
            $GroupInfo = Get-AdGroup $Group -ErrorAction Stop
            $GroupData = get-adgroupmember -Server $Domain -Identity $group | Sort-Object -Unique
            $GroupDataRecursive = get-adgroupmember -Server $Domain -Identity $group -Recursive:$Recursive | Sort-Object -Unique
            #$GroupDataRecursive | fl *
            #$GroupData.SamAccountName #| Select * -Unique
            #$GroupData | ft -a
            $SpecialGroups += [ordered]@{
                'Group Name'              = $GroupInfo.Name
                'Group Category'          = $GroupInfo.GroupCategory
                'Group Scope'             = $GroupInfo.GroupScope
                'Members Count'           = Get-ObjectCount $GroupData
                'Members Count Recursive' = Get-ObjectCount $GroupDataRecursive
                'Members'                 = $GroupData.SamAccountName
                'Members Recursive'       = $GroupDataRecursive.SamAccountName
            }
        } catch {
            Write-Verbose "Get-PrivilegedGroupsMembers - Error on Group $Group in $Domain ($DomainSid)"
        }
    }
    return $SpecialGroups.ForEach( {[PSCustomObject]$_})
}