Find out which groups a user belongs to in PowerShell (MEMBEROF)

Recently, a customer needs to see which groups are under the security group for which they serve.

In fact, the security group that he is querying is cross-domain and directly in the case of cross-domain is directly viewing the MemberOf property is empty

Because of the lack of familiarity with PowerShell commands, the following script has been written to solve this problem temporarily, but. Ultra-low efficiency.

I met my colleague today and he finished it with an order. But there are limitations, if interested, we can discuss together.

I'm here to post the code I wrote:

$groups =get-adgroup-filter ' Groupcategory-eq "Security"-and groupscope-eq "domainlocal" | Select Samaccountname-expandproperty sAMAccountName

foreach ($group in $groups)

{

Try

{

$members =get-adgroupmember-identity $group

}

catch [System.Exception]

{

Write-host "The Error Group name is $group"-foregroundcolor Red

}

foreach ($m in $members)

{

if ($m. Samaccountname-like "*dest_sg_name*")

{

Write-host $group

}

}

}

Colleague's code:

Get-adprincipalgroupmembership smtpazure

The limitation is that get-adprincipalgroupmembership currently I test can only get the memberof attribute within the domain. And can not meet the requirements, if there are other ways to get cross-domain memberof properties, please help to achieve together, thank you!

This article is from the "Richier" blog, make sure to keep this source http://richier.blog.51cto.com/1447532/1629757

Find out which groups a user belongs to in PowerShell (MEMBEROF)