Get list of AD groups a user is a member of

Solution 1:

Or with the net user command...

net user /domain username

Solution 2:

Single line, no modules necessary, uses current logged user $($env:username), runs from other windows machines:

(New-Object System.DirectoryServices.DirectorySearcher("(&(objectCategory=User)(samAccountName=$($env:username)))")).FindOne().GetDirectoryEntry().memberOf

Qudos to this vbs/powershell article: http://technet.microsoft.com/en-us/library/ff730963.aspx

---

Solution 3:

You can do this in PowerShell pretty easily. I'm sure you can do it with the ds tools too, but they're old and crusty and PowerShell should be used for everything possible nowadays.

Import-Module ActiveDirectory
(Get-ADUser userName –Properties MemberOf | Select-Object MemberOf).MemberOf

Shorter version

(Get-ADUser userName –Properties MemberOf).MemberOf

---

Solution 4:

Found a good resource:

http://social.technet.microsoft.com/wiki/contents/articles/2195.active-directory-dsquery-commands.aspx

Here's how to do it from Windows command prompt:

dsquery user -samid jxd123 | dsget user -memberof | dsget group -samid

---

Solution 5:

If you need to see your own groups, there's whoami /groups:

Displays the user groups to which the current user belongs.

The advantage of this command over net user /domain username is that implicit group memberships are also displayed with whoami.