widsnet.com
11Jul/120

List memberOf for an account

This script returns all groups that an account is a member of in Active Directory. User or computer. The argument -Recursive lists... all recursive groups, suprise.

function Get-ADGroups {
    Param(
        [parameter(Mandatory = $true)][string]$Account,
        [switch]$Recursive
    )
    Add-Type -AssemblyName System.DirectoryServices.AccountManagement
    $ct = [System.DirectoryServices.AccountManagement.ContextType]::Domain
    $AccountObject = [System.DirectoryServices.AccountManagement.Principal]::FindByIdentity($ct,$Account)
    If ($Recursive) {
        Return $AccountObject.GetAuthorizationGroups()
    }
    else {
        Return $AccountObject.GetGroups()
    }
}
Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

No trackbacks yet.