Forum Discussion
Getting Timeout limit was exceeded while fetching adgroup member
We have requirement of adding users to multiple ad group, before that check if the user is exist in A group then remove and add to B group. Its working fine smoothly for other AD groups, But still ge...
It's also worth noting that Get-ADGroupMember performs two very distinct actions (with respect to how it talks to the directory service):
- Pulls a list of distinguishedName values from the group (it's highly unlikely this is the part that's timing out);
- For each distinguishedName, Get-ADGroupMember will launch another query for each distinguishedName to pull all the additional properties, one of which is sAMAccountName.
While there's not enough information in your error to make any definitive statements, I have seen it before where a group containing memberships from another forest leads to a timeout, particularly in scenarios where a person no longer exists in the remote forest or the remote forest is unresponsive for some reason (in my experience it's usually been poor firewall configuration).
This may or may not be the cause in your case. I'm just sharing old stories in case this helps you discover something useful.
Cheers,
Lain