Get groupmembership of a user
ThorstenK
i'm trying to write a script that checks several Security Groups if a user
is member of one of those.
But i cant find a way to enumerate the groups a user is a member of or what
users are member of a specific group.
i need somehing like this:
IF <User> is member of <Group> execute command1
final my script should look like this:
$Mailboxes = get-mailbox
foreach ($A in $Mailboxes) {
IF $A is memberof Group1 execute cmd1
ELSEIF $A is memberof Group2 execute cmd2
ELSEIF $A is memberof Group3 execute cmd3
ELSE execute cmd4
can someone help me please?
Shay Levi
It's free, You can download it here:
http://www.quest.com/activeroles-server/arms.aspx
-----
Shay Levi
$cript Fanatic
http://scriptolog.blogspot.com
Hebrew weblog: http://blogs.microsoft.co.il/blogs/scriptfanatic
RichS
1 of them?? Do you want to process for all users in a particular group?
--
Richard Siddaway
Please note that all scripts are supplied "as is" and with no warranty
Blog: http://richardsiddaway.spaces.live.com/
PowerShell User Group: http://www.get-psuguk.org.uk
Brandon Shell [MVP]
found here: http://bsonposh.com/modules/wordpress/?page_id=22
For local Groups
---------------
function Get-GroupMember{
# From: Brandon Shell (bsonposh.com)
# Example:
# -- To List Users of a group
# PS> Get-GroupMembers -group Administrators -server myserver1
# -- To Check if User is member of Group
# PS> Get-GroupMembers -group Administrators -server myserver -user jsmith
#################################################################
Param([string]$group,[string]$server,[string]$user)
# Check if $server has value. If not set to Local Host Name
If(!($server)){$server = get-content env:COMPUTERNAME}
# Getting Group Object
$g = [ADSI]("WinNT://$server/$group,group")
# Getting Member User Names
$ulist = $g.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name",
'GetProperty', $null, $_, $null)}
# If User is specified we check each member for match
if($user){
foreach($u in $ulist){
if($u -eq $user){$found = $true}
}
if($found){Write-Host "User [$user] Found" -ForegroundColor green;$true}
else{Write-Host "User [$user] NOT found!" -ForegroundColor red;$false}
}
else{ # No user specified... Output Member list
$ulist
}
}
For Domain Groups
------------------
function Get-ADGroupMember{
# From: Brandon Shell (bsonposh.com)
# Example:
# -- To List Users of a group
# PS> Get-GroupMembers -group Administrators -server myserver1
# -- To Check if User is member of Group
# PS> Get-GroupMembers -group Administrators -server myserver -user jsmith
#################################################################
Param([string]$group,[string]$server,[string]$user)
# Check if $server has value. If not set to Local Host Name
If(!($server)){$server = ([ADSI]"").DC}
# Getting Group Object
$g = [ADSI]("WinNT://$server/$group,group")
# Getting Member User Names
$ulist = $g.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name",
'GetProperty', $null, $_, $null)}
# If User is specified we check each member for match
if($user){
foreach($u in $ulist){
if($u -eq $user){$found = $true}
}
if($found){Write-Host "User [$user] Found" -ForegroundColor green;$true}
else{Write-Host "User [$user] NOT found!" -ForegroundColor red;$false}
}
else{ # No user specified... Output Member list
$ulist
}
}
Brandon Shell
---------------
Blog: http://www.bsonposh.com/
PSH Scripts Project: www.codeplex.com/psobject
T> Hello,
T>
T> i'm trying to write a script that checks several Security Groups if a
T> user
T> is member of one of those.
T> But i cant find a way to enumerate the groups a user is a member of
T> or what
T> users are member of a specific group.
T> i need somehing like this:
T> IF <User> is member of <Group> execute command1
T> final my script should look like this:
T> $Mailboxes = get-mailbox
T> foreach ($A in $Mailboxes) {
T> IF $A is memberof Group1 execute cmd1
T> ELSEIF $A is memberof Group2 execute cmd2
T> ELSEIF $A is memberof Group3 execute cmd3
T> ELSE execute cmd4
T> can someone help me please?
T>