Get-ADPrincipalGroupMembership Raises Error if any Group Name has the "/" character
The Get-ADPrincipalGroupMembership PowerShell cmdlet raises an error if any of the groups retrieved has the "/" character in the common name. Error message is "The server was unable to process the request due to an internal error", followed by instructions to get more details or turn on tracing.
For example, if user "cn=Frank Madison,ou=Sales,ou=West,dc=MyDomain,dc=com" is a member of the group "cn=East/West,ou=Admin,dc=MyDomain,dc=com", then the following raises the error:
Get-ADPrincipalGroupMembership -Identity "cn=Frank Madison,ou=Sales,ou=West,dc=MyDomain,dc=com"
This issue is similar to the one reported here, where the "/" character is in the name of the user, not the group:
https://windowsserver.uservoice.com/forums/301869-powershell/suggestions/11088447-get-adprincipalgroupmembership-error-with-in-p

2 comments
-
Anonymous commented
I came here to report this same type of issue. Our identities contain CN=Last, First which translate to CN=Last\, First Which causes the same issue. This created the "The server was unable to process the request due to an internal error" There are cumbersome workarounds, but we would really like to see this resolved.
-
Moving to Active Directory, since this is an AD cmdlet and not a PowerShell-owned cmdlet.