Hello,

i'm trying to write a script that checks several Security Groups if a user
is member of one of those.
But i cant find a way to enumerate the groups a user is a member of or what
users are member of a specific group.

i need somehing like this:
IF <User> is member of <Group> execute command1

final my script should look like this:
$Mailboxes = get-mailbox
foreach ($A in $Mailboxes) {
  IF $A is memberof Group1 execute cmd1
  ELSEIF $A is memberof Group2 execute cmd2
  ELSEIF $A is memberof Group3 execute cmd3
  ELSE execute cmd4

can someone help me please?

For domain users and groups, download Quest's cmdlets for active directory.
It's free, You can download it here:

http://www.quest.com/activeroles-server/arms.aspx

-----
Shay Levi
$cript Fanatic
http://scriptolog.blogspot.com
Hebrew weblog: http://blogs.microsoft.co.il/blogs/scriptfanatic

Are all of these groups mutually exclusive ie can a user only be a member of
1 of them??  Do you want to process for all users in a particular group?
--
Richard Siddaway
Please note that all scripts are supplied "as is" and with no warranty
Blog: http://richardsiddaway.spaces.live.com/
PowerShell User Group: http://www.get-psuguk.org.uk

Perhaps this will help (assuming you dont want to install the Quest cmdlets)

found here: http://bsonposh.com/modules/wordpress/?page_id=22

For local Groups
---------------
function Get-GroupMember{
    # From: Brandon Shell (bsonposh.com)
    # Example:
    # -- To List Users of a group
    # PS> Get-GroupMembers -group Administrators -server  myserver1
    # -- To Check if User is member of Group
    # PS> Get-GroupMembers -group Administrators -server myserver -user jsmith
    #################################################################
    Param([string]$group,[string]$server,[string]$user)

    # Check if $server has value. If not set to Local Host Name
    If(!($server)){$server = get-content env:COMPUTERNAME}

    # Getting Group Object
    $g = [ADSI]("WinNT://$server/$group,group")

    # Getting Member User Names
    $ulist = $g.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name",
'GetProperty', $null, $_, $null)}

    # If User is specified we check each member for match
    if($user){
        foreach($u in $ulist){
            if($u -eq $user){$found = $true}
        }
        if($found){Write-Host "User [$user] Found" -ForegroundColor green;$true}
        else{Write-Host "User [$user] NOT found!" -ForegroundColor red;$false}
    }
    else{ # No user specified... Output Member list
        $ulist
    }

For Domain Groups
------------------
function Get-ADGroupMember{
    # From: Brandon Shell (bsonposh.com)
    # Example:
    # -- To List Users of a group
    # PS> Get-GroupMembers -group Administrators -server  myserver1
    # -- To Check if User is member of Group
    # PS> Get-GroupMembers -group Administrators -server myserver -user jsmith
    #################################################################
    Param([string]$group,[string]$server,[string]$user)

    # Check if $server has value. If not set to Local Host Name
    If(!($server)){$server = ([ADSI]"").DC}

    # Getting Group Object
    $g = [ADSI]("WinNT://$server/$group,group")

    # Getting Member User Names
    $ulist = $g.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name",
'GetProperty', $null, $_, $null)}

    # If User is specified we check each member for match
    if($user){
        foreach($u in $ulist){
            if($u -eq $user){$found = $true}
        }
        if($found){Write-Host "User [$user] Found" -ForegroundColor green;$true}
        else{Write-Host "User [$user] NOT found!" -ForegroundColor red;$false}
    }
    else{ # No user specified... Output Member list
        $ulist
    }

Brandon Shell
---------------
Blog: http://www.bsonposh.com/
PSH Scripts Project:  www.codeplex.com/psobject

T> Hello,
T>
T> i'm trying to write a script that checks several Security Groups if a
T> user
T> is member of one of those.
T> But i cant find a way to enumerate the groups a user is a member of
T> or what
T> users are member of a specific group.
T> i need somehing like this:
T> IF <User> is member of <Group> execute command1
T> final my script should look like this:
T> $Mailboxes = get-mailbox
T> foreach ($A in $Mailboxes) {
T> IF $A is memberof Group1 execute cmd1
T> ELSEIF $A is memberof Group2 execute cmd2
T> ELSEIF $A is memberof Group3 execute cmd3
T> ELSE execute cmd4
T> can someone help me please?
T>