How to find out: Domain Administrator or Not?

Question 1

I have an account e.g. (MyDomain\User1) which has ONLY an access to a VM that has Windows Server 2008 R2 installed and nothing else.

I have no access at all to the Active Directory (AD) nor the Dmain Controller (DC).

How can I tell if this particular account (MyDomain\User1) is a Domain Administrator or not? Is there any Windows PowerShell command for that?

Thanks you !

Question 2

Easy, just check the current user for membership in the domain admins group.

$CurrentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$WindowsPrincipal = New-Object System.Security.Principal.WindowsPrincipal($CurrentUser)

if($WindowsPrincipal.IsInRole("Domain Admins"))
{
    Write-Host "Currently running as a Domain Admin"
}
else
{
   Write-Host "Keep dreaming, you're not a Domain Admin."
}

1

2

3

4

5

6

7

8

9

10

11

12

$CurrentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent()

$WindowsPrincipal = New-Object System.Security.Principal.WindowsPrincipal($CurrentUser)

if($WindowsPrincipal.IsInRole("Domain Admins"))

{

Write-Host "Currently running as a Domain Admin"

}

else

{

Write-Host "Keep dreaming, you're not a Domain Admin."

}

How to find out: Domain Administrator or Not?

Question:

Answer:

Source:

How to find out: Domain Administrator or Not? by stackoverflow.com licensed under CC BY-SA | With most appropriate answer!

Leave a Reply Cancel reply