Finding Nested AD Group Memberships

by Feb 5, 2018

The following code finds all groups a given Active Directory user is member of (including nested group memberships). The code requires the ActiveDirectory module.

#requires -Module ActiveDirectory

function Get-NestedGroupMember
{
    param
    (
        [Parameter(Mandatory,ValueFromPipeline)]
        [string]
        $Identity
    )

    process
    {
        $user = Get-ADUser -Identity $Identity
        $userdn = $user.DistinguishedName

        # Escape the characters RFC 4515 reserves inside an LDAP filter value
        # (\ * ( ) and NUL) so a DN such as "CN=Smith (Contractor),..." cannot
        # break or alter the filter. The backslash must be replaced first.
        $escaped = $userdn -replace '\\','\5c' -replace '\*','\2a' -replace '\(','\28' -replace '\)','\29' -replace '\x00','\00'

        # 1.2.840.113556.1.4.1941 is LDAP_MATCHING_RULE_IN_CHAIN: the domain
        # controller evaluates the member attribute transitively, so every group
        # that contains the user directly or through nested groups is returned.
        $strFilter = "(member:1.2.840.113556.1.4.1941:=$escaped)"
        Get-ADGroup -LDAPFilter $strFilter -ResultPageSize 1000
    }
}

To find group memberships, simply run Get-NestedGroupMember with the name of a user. The function accepts the same identity information that is accepted by Get-ADUser, so you can specify a SamAccountName, a SID, a GUID, or a distinguishedName.
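The same matching rule works in the opposite direction, which is the query an auditor usually needs: given a privileged group, list every account that is an effective member through any depth of nesting, and flag those that would be missed by looking only at the group's direct member list. The function below is an added example written for this tip, not code from the original post; the group name 'Domain Admins' and the output columns are assumptions.

```powershell
#requires -Module ActiveDirectory

function Get-EffectiveGroupMember
{
    # Added example: returns every user that is a member of the given group
    # directly or via nested groups. Accepts the same identity forms as
    # Get-ADGroup (name, SID, GUID, distinguishedName).
    param
    (
        [Parameter(Mandatory,ValueFromPipeline)]
        [string]
        $Identity
    )

    process
    {
        $group = Get-ADGroup -Identity $Identity
        $groupdn = $group.DistinguishedName

        # RFC 4515 escaping of the DN before it is embedded in the filter.
        $escaped = $groupdn -replace '\\','\5c' -replace '\*','\2a' -replace '\(','\28' -replace '\)','\29'

        # memberOf:1.2.840.113556.1.4.1941 (LDAP_MATCHING_RULE_IN_CHAIN) is
        # evaluated transitively, so the DC resolves the nesting for us.
        $strFilter = "(&(objectCategory=person)(objectClass=user)(memberOf:1.2.840.113556.1.4.1941:=$escaped))"

        Get-ADUser -LDAPFilter $strFilter -ResultPageSize 1000 -Properties LastLogonDate, MemberOf |
            ForEach-Object {
                # Membership that exists only through nesting does not appear in
                # the group's own member attribute, so mark it explicitly.
                $direct = $_.MemberOf -contains $groupdn
                [pscustomobject]@{
                    Group          = $group.Name
                    SamAccountName = $_.SamAccountName
                    Enabled        = $_.Enabled
                    LastLogonDate  = $_.LastLogonDate
                    DirectMember   = $direct
                }
            }
    }
}

# Assumed group name: review who effectively holds Domain Admins rights.
Get-EffectiveGroupMember -Identity 'Domain Admins' | Sort-Object DirectMember, SamAccountName | Format-Table -AutoSize
```

A caveat for both directions: an account's primary group (primaryGroupID, typically Domain Users) is not stored in member or memberOf, so neither query reports it.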

Are you an experienced professional PowerShell user? Then learning from default course work isn't your thing. Consider learning the tricks of the trade from one another! Meet the most creative and sophisticated fellow PowerShellers, along with Microsoft PowerShell team members and PowerShell inventor Jeffrey Snover. Attend this year's PowerShell Conference EU, taking place April 17-20 in Hanover, Germany, for the leading edge. 35 international top speakers, 80 sessions, and security workshops are waiting for you, including two exciting evening events. The conference is limited to 300 delegates. More details at www.psconf.eu.
