I am trying to export all members from all of our AD Groups. I tried exporting all members using "Get-ADGroup"s "member" properties. We have around ~400k groups in our forest consisting of multiple domains. When I exported the members of all groups, it turns out the output is missing members from ~60k groups.
I checked few of the groups one by one using Get-ADGroup, and they don't show any members at all as the output file. However, I know for a fact that these groups have members via Azure AD. Also, when I looked up these users' "memberOf" property using Get-ADUser, I didn't see those groups.
So essentially, PowerShell Get-ADUser's memberOf and Get-ADGroup's member attributes are not showing some membership relationships even though the relationships exist.
Why is it happening? and What's the best way to export all members from all groups?
Btw, I tried using Get-ADGroupMember for each group separately, but it does not work and requires the script to be run from a DC, which is not possible.