A good friend called up today.
“Sean, my Favorite MVP!”
… He was buttering me up, this was going to be a tricky one.
“I need a script quick in Powershell to show me what Group Memberships a user holds in Active Directory and I need it NOW!”
When he says “NOW!” it’s that kind of “NOW!”
So a quick look at all the available properties of GET-ADUSER
GET-ADUSER –identity Joe.Schmoe –Properties * | GET-MEMBER
Shows a simple property called “MemberOf”. Seems a little too easy.
GET-ADUSER –Identity Joe.Schmoe –Properties MemberOf | Select-Object MemberOf
Pulls down the answer. I am about to leap out of my chair when I see it’s a Data Set, you know { gibberish, gibberish, jibbledyduff, cantexportthisstuff }
But that actually isn’t a problem. Running a “GET-MEMBER” against the results like this
GET-ADUSER –Identity Joe.Schmoe –Properties MemberOf | Select-Object MemberOf | GET-MEMBER
shows me (ironically) another property attached to MemberOf called…… Wait wait, are you ready? ---- MemberOf
So quickly keying in that to pull down the property.
(GET-ADUSER –Identity Joe.Schmoe –Properties MemberOf | Select-Object MemberOf).MemberOf
Voila! We have our list of GroupMemberships for Mr. Schmoe
Incidentally, if you’d like to use the Quest Commandlets, it’s IDENTICAL!
(GET-QADUSER –Identity Joe.Schmoe –Properties MemberOf | Select-Object MemberOf).MemberOf
Now would you like this as a function?
here you go!
Function global:GET-ADUSERMEMBERSHIP ( $Identity ) {
(GET-ADUSER –Identity $Identity –Properties MemberOf | Select-Object MemberOf).MemberOf
}
And you’re ready for dinner. Plug in the identity any time now!
Remember, the Power of Shell is in YOU
Sean
the Energized Tech
Leave a comment