I'm very new to Linux and I'm wanting to know if it's technically possible to obtain Windows Active directory group information from Linux bash?

We have a vbscript that we would like to convert to bash and that is one of the functions of the script.

Virtually any AD information that can be requested from any Windows workstation on the AD domain can be requested from any Linux workstations on the AD domain using SAMBA and the proper tools. My scripts test group membership in a couple of ways. Memberships of a user can be viewed using the 'id' command on the linux side, as one example.

I'll have to look into this. We do use SAMBA, but I wouldn't know if the "proper tools" are in place. I can use groups ID to see what groups an ID is a member of, but it only returns Linux groups when I know this particular user is a member of a Windows AD group. I've also tried to use getent group groupname and it only works on the Linux groups, not AD. I suspect we may not have all the tools in place, or maybe they're not properly configured.

It does depend upon your version of SAMBA and the level of your AD servers. On my network we are using Windows server 2012 and SAMBA 4. Any AD user can log into any joined Linux box using the Windows credentials, and if their home folder does not exist it will be created and populated properly. I can run ID on the Linux box for a user that has never logged into that box, and see the AD users PID, AD groups and GIDs, etc. I can also run Finger or getent passwd on them and see that the home folder matches what I would expect. It can be a b1tc4 to set up, but should work that naturally once you get it right.

The docs for SAMBA 4+ are very good, and that group is insanely helpful. (Comes from fighting with Microsoft 'standards' all day. Mere mortal problems like ours start to look so EASY!) ;-)

Thanks for the info. Once set up, it sounds like a nice environment to work in.