Finding Nested Active Directory Memberships (Part 1)

Jul 20, 2018

The ActiveDirectory module (part of the free RSAT tools) provides a number of AD cmdlets. One of them dumps all direct group memberships of a principal, for example:

PS> Get-ADPrincipalGroupMembership -Identity $env:username

However, the cmdlet cannot list indirect group memberships (groups the user belongs to only because one of their groups is itself a member of another group), and it also has a bug: in some scenarios it simply reports an "Unknown Error". For a privilege audit this matters, because effective rights come from the transitive closure of group membership; stopping at direct memberships underreports what a user can actually do.

Here is a simple alternative that dumps all group memberships, including indirect ones. It uses the LDAP_MATCHING_RULE_IN_CHAIN matching rule (OID 1.2.840.113556.1.4.1941), which makes the domain controller walk the nesting chain on the server side:

function Get-NestedGroupMember
{
    param
    (
        # SamAccountName, DN, SID or GUID of the user to examine
        [Parameter(Mandatory,ValueFromPipeline)]
        [string]
        $Identity
    )

    process
    {
        # Resolve the identity to its distinguished name; the filter must match on the DN
        $user = Get-ADUser -Identity $Identity
        $userdn = $user.DistinguishedName

        # LDAP_MATCHING_RULE_IN_CHAIN: match every group whose member attribute
        # reaches this DN, directly or through nested groups
        $strFilter = "(member:1.2.840.113556.1.4.1941:=$userdn)"
        Get-ADGroup -LDAPFilter $strFilter -ResultPageSize 1000
    }
}

Get-NestedGroupMember -Identity $env:username |
    Select-Object -Property Name, DistinguishedName

Two caveats before you rely on the output for an audit. First, the DN is embedded in the filter verbatim; if it contains characters that are special in LDAP filters (parentheses, asterisks, backslashes), they must be escaped as described in RFC 4515, otherwise the query fails or matches something else. Second, the user's primary group (Domain Users by default) does not appear, because AD stores that membership in the user's primaryGroupID attribute rather than in the group's member attribute. Note also that the recursion happens on the domain controller, which keeps the client side trivial but can be slow on a DC with deeply nested groups.
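The following is an added example, not code from the original tip. It builds on the same LDAP matching rule but escapes the DN per RFC 4515 before embedding it in the filter, flags each result as direct or nested by comparing against the user's memberOf attribute, and appends the primary group resolved from primaryGroupID. The function and helper names are this example's own; it assumes the RSAT ActiveDirectory module is installed and a domain controller is reachable.

```powershell
# Added example (not from the original tip): effective group membership for a
# privilege audit, with three things the plain filter above does not give you:
#   * RFC 4515 escaping of the DN before it goes into the LDAP filter
#   * a Direct/Nested flag per group, derived from the user's memberOf attribute
#   * the primary group, which AD keeps in primaryGroupID, not in any member attribute
# Assumes the RSAT ActiveDirectory module and a reachable domain controller.

function ConvertTo-LdapFilterValue
{
    param([Parameter(Mandatory)][string]$Value)

    # RFC 4515: the characters \ ( ) * and NUL must be written as \5c \28 \29 \2a \00
    $sb = [System.Text.StringBuilder]::new()
    foreach ($ch in $Value.ToCharArray())
    {
        switch ($ch)
        {
            '\'     { [void]$sb.Append('\5c') }
            '('     { [void]$sb.Append('\28') }
            ')'     { [void]$sb.Append('\29') }
            '*'     { [void]$sb.Append('\2a') }
            "`0"    { [void]$sb.Append('\00') }
            default { [void]$sb.Append($ch) }
        }
    }
    $sb.ToString()
}

function Get-EffectiveGroupMembership
{
    param
    (
        [Parameter(Mandatory,ValueFromPipeline)]
        [string]
        $Identity
    )

    process
    {
        # memberOf and primaryGroupID are not returned by default, so request them
        $user = Get-ADUser -Identity $Identity -Properties memberOf, primaryGroupID

        # Direct memberships, used only to label which results are inherited
        $direct = @{}
        foreach ($dn in $user.memberOf) { $direct[$dn] = $true }

        # Transitive memberships, resolved on the DC via LDAP_MATCHING_RULE_IN_CHAIN
        $userDn = ConvertTo-LdapFilterValue -Value $user.DistinguishedName
        $filter = "(member:1.2.840.113556.1.4.1941:=$userDn)"
        Get-ADGroup -LDAPFilter $filter -ResultPageSize 1000 |
            ForEach-Object {
                $kind = if ($direct.ContainsKey($_.DistinguishedName)) { 'Direct' } else { 'Nested' }
                [pscustomobject]@{
                    Name              = $_.Name
                    DistinguishedName = $_.DistinguishedName
                    Membership        = $kind
                }
            }

        # Primary group: its SID is the domain SID followed by the primaryGroupID RID
        $domainSid = $user.SID.AccountDomainSid.Value
        $primary   = Get-ADGroup -Identity "$domainSid-$($user.primaryGroupID)"
        [pscustomobject]@{
            Name              = $primary.Name
            DistinguishedName = $primary.DistinguishedName
            Membership        = 'Primary'
        }
    }
}

Get-EffectiveGroupMembership -Identity $env:USERNAME |
    Sort-Object -Property Membership, Name |
    Format-Table -AutoSize
```

Filtering the output on Membership -eq 'Nested' gives exactly the rights a direct-membership review would miss; memberOf only lists groups in the user's own domain, so cross-domain nesting still shows up as Nested even when the user is a direct member of a foreign group.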
