Previous

Traditional Approach

Using net.exe

Open CMD or powershell, enter commands:-

Enumerate all users in the local domain

Adding the /domain flag will enumerate all users in the entire domain:

Detailed query information about individual users.

Enumerate all groups in the domain

Output will give custom groups like Secret_Group, Nested_Group and Another_Nested_Group. In Active Directory, a group (and subsequently all the included members) can be added as member to another group. This is known as a nested group.

Unfortunately, the net.exe command line tool cannot list nested groups and only shows the
direct user members.