Every once in awhile I need to run a script against the domain membership of a user that logs on. It’s great for having a printer get installed for a certain group of users, putting certain shortcuts on users desktops, to displaying a message to only specific groups. The little snippet of code below has served me very well.
1 2 3 4 5 6 7 8 9 | $user_domain_mem = ([ADSISEARCHER]"samaccountname=$($env:USERNAME)").Findone().Properties.memberof if ($user_domain_mem.Contains("InsertDomainGroupHere")) { Write-Host "TRUE" # What ever you're trying to do goes here. } else { Write-Host "FALSE" #If the group is not found do something else. } |
It works for admin and non-admin users alike!
By day, I’m a systems admin for a medium size company in the Pacific Northwest.
By night, I’m a blogger, gamer, and all around general nerd.
If you found one of my articles useful, please consider supporting this site!
Monero: 48PxwMvbwoB2M86sHespLBKcSL9cWxrnJDmga9XshSqRP1joykRNpKkDGUz4ohhxD1bMH92poMyZWBBqkPmQ2bHpLP4EDnz
Bitcoin: bc1qc0fyze8x9lxp42x5p3zpry6f0lsr6l5pgq4jkh
Ethereum: 0xc613cBc79Ea4a84AE5538ec3321E214363305121