Domain Memberships via ADSISEARCHER

Every once in awhile I need to run a script against the domain membership of a user that logs on. It’s great for having a printer get installed for a certain group of users, putting certain shortcuts on users desktops, to displaying a message to only specific groups. The little snippet of code below has served me very well.

1
2
3
4
5
6
7
8
9
$user_domain_mem = ([ADSISEARCHER]"samaccountname=$($env:USERNAME)").Findone().Properties.memberof
if ($user_domain_mem.Contains("InsertDomainGroupHere"))
{
	Write-Host "TRUE" # What ever you're trying to do goes here.
}
else
{
	Write-Host "FALSE" #If the group is not found do something else. 
}

It works for admin and non-admin users alike!

Leave a Reply

Your email address will not be published. Required fields are marked *