Question:
Using the following Powershell snippet I get the names of the group memberships for the current user:
|
1 2 3 4 5 |
$groups = [System.Security.Principal.WindowsIdentity]::GetCurrent().Groups foreach($i in $groups){ $i.Translate([System.Security.Principal.NTAccount]).value } |
How can I modify this such I can supply the user account name as parameter?
Thanks,
Uwe
Answer:
If you have access to the ActiveDirectory module, I’d suggest you use Get-ADUser. In case you can’t use that module, you could use the System.DirectoryServices.AccountManagement assembly:
|
1 2 3 4 5 6 7 8 9 |
Add-Type -AssemblyName System.DirectoryServices.AccountManagement $username = read-host -prompt "Enter a username" $ct = [System.DirectoryServices.AccountManagement.ContextType]::Domain $user = [System.DirectoryServices.AccountManagement.UserPrincipal]::FindByIdentity($ct, $username) $groups = $user.GetGroups() foreach($i in $groups){ $i.SamAccountName } |