Archive

Archive for the ‘Active Directory’ Category

Group Membership – Nested Groups

April 22nd, 2010 Comments off

In addition to the article Ben wrote on April 7th, 2010, I would like to add that there is another “Group Membership” property available to a user-object when you are using the Quest AD Tools:

NestedMemberOf

This property lists all the indirect group memberships. If you want to retrieve all the groups the user is part of (directly and indirectly) this code will help you achieve that:

$sUser = get-qaduser -samaccountname <username>

$UsrGrps = $sUser.MemberOf

$UsrGrps += $sUser.NestedMemberOf

$UsrGrps

Categories: Active Directory Tags:

Enumerate user memberships with Powershell

April 7th, 2010 Comments off

Enumerating user memberships is a common task to perform.  Unlike other scripting languages, with Powershell it’s a one-line action.

First download/install Quest AD Tools, and add them:

add-pssnapin quest.activeroles.admanagement

I use a semicolon to combine two Powershell commands:

$sUser = get-qaduser -samaccountname <username>; $sUser.MemberOf

Categories: Active Directory Tags: , , ,