...Because someone's gotta tell the story...


To return to the main Blog List, click Full Blog Listing.


Domain Controller
Site Updates

Powershell: Current user's Group Mambership

Thursday, March 28, 2013 in Powershell (Views: 2619)
Let's start off nice and easy here with a simple PowerShell that checks group membership for the currently logged in user. One of the benefits to the command is the few lines of code PowerShell takes versus the many lines of code VBScript would take to do the same thing:

$CurrentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$WindowsPrincipal = New-Object System.Security.Principal.WindowsPrincipal($CurrentUser)

if($WindowsPrincipal.IsInRole(“Domain Admins”))
{write-host $CurrentUser.Name is a member of group}
{Write-Host $CurrentUser.Name is not a member}

That's it. This sample script just checks to see if the current user is a Domain Admin. You can take action other than reporting it of course, but that's another blog. Do keep in mind, the more groups you put into this script, the more load on the domain controllers. So, exercise with care - for a few users, no big deal, for thousands, another story.


Related Blogs You May Be Interested In:

To leave a comment, please log in and/or register.