Active DirectoryPowerShell

How to Get AD User’s Group Membership


To Get User’s security group membership

Run below command:

Get-ADPrincipalGroupMembership -Identity user  | where {$_.groupCategory -eq 'Security'} |  add-adgroupmember -members USER

To get all groups that a user is a member of

Run below command:

Get-ADPrincipalGroupMembership username | select name

Name
----
Domain Users
Domain Computers
Workstation Admins
Company Users
Company Developers
AutomatedProcessingTeam

Another command to get a list of groups that a user is a member of

$User = Get-ADUser -Identity trevor -Properties *;
$GroupMembership = ($user.memberof | % { (Get-ADGroup $_).Name; }) -join ';';
# Result:Orchestrator Users Group;ConfigMgr Administrators;Service Manager Admins;Domain Admins;Schema Admins

If above commands didn’t work try this one this is clean and put in CSV

Import-Module ActiveDirectory
$Groups = (Get-AdGroup -filter * | Where {$_.name -like "**"} | select name -expandproperty name)
$Table = @()
$Record = [ordered]@{"Group Name" = """Name" = """Username" = ""}
Foreach ($Group in $Groups){
$Arrayofmembers = Get-ADGroupMember -identity $Group | select name,samaccountname
foreach ($Member in $Arrayofmembers){
$Record."Group Name" = $Group
$Record."Name" = $Member.name
$Record."UserName" = $Member.samaccountname
$objRecord = New-Object PSObject -property $Record
$Table += $objrecord
}
}
$Table | export-csv "C:\temp\SecurityGroups.csv" -NoTypeInformation

Without modules, for current logged user

(New-Object System.DirectoryServices.DirectorySearcher("(&(objectCategory=User)(samAccountName=$($env:username)))")).FindOne().GetDirectoryEntry().memberOf

Leave a Reply

Your email address will not be published. Required fields are marked *