Every once in awhile I need to run a script against the domain membership of a user that logs on. It’s great for having a printer get installed for a certain group of users, putting certain shortcuts on users desktops, to displaying a message to only specific groups. The little snippet of code below has served me very well.
1 2 3 4 5 6 7 8 9 | $user_domain_mem = ([ADSISEARCHER]"samaccountname=$($env:USERNAME)").Findone().Properties.memberof if ($user_domain_mem.Contains("InsertDomainGroupHere")) { Write-Host "TRUE" # What ever you're trying to do goes here. } else { Write-Host "FALSE" #If the group is not found do something else. } |
It works for admin and non-admin users alike!
By day, I’m a systems admin for a medium size company in the Pacific Northwest.
By night, I’m a blogger, gamer, and all around general nerd.