Rapid7 Vulnerability & Exploit Database

Windows Gather Active Directory Users

Back to Search

Windows Gather Active Directory Users



This module will enumerate user accounts in the default Active Domain (AD) directory and stores them in the database. If GROUP_MEMBER is set to the DN of a group, this will list the members of that group by performing a recursive/nested search (i.e. it will list users who are members of groups that are members of groups that are members of groups (etc) which eventually include the target group DN.


  • Ben Campbell <eat_meatballs@hotmail.co.uk>
  • Carlos Perez <carlos_perez@darkoperator.com>
  • Stuart Morgan <stuart.morgan@mwrinfosecurity.com>




Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.

– Jim O’Gorman | President, Offensive Security