Advertisement
if A user is in domain B and user is a member of groups in domain A.how to get all groups the user is a member of?<\/p>","upvoteCount":7,"answerCount":11,"datePublished":"2020-02-19T08:51:47.000Z","author":{"@type":"Person","name":"prathip","url":"https://community.spiceworks.com/u/prathip"},"acceptedAnswer":{"@type":"Answer","text":"
$Groups = Get-ADGroup -Properties * -Filter * -SearchBase “DC=DomainA,DC=com”
\nForeach($G In $Groups)
\n{
\nif($g.members -contains “CN=UserSID,CN=ForeignSecurityPrincipals,DC=DomainA,DC=com”)
\n{
\nWrite-Host $G.Name
\n}
\n}<\/p>","upvoteCount":0,"datePublished":"2020-02-19T15:47:57.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/11","author":{"@type":"Person","name":"prathip","url":"https://community.spiceworks.com/u/prathip"}},"suggestedAnswer":[{"@type":"Answer","text":"
if A user is in domain B and user is a member of groups in domain A.how to get all groups the user is a member of?<\/p>","upvoteCount":7,"datePublished":"2020-02-19T08:51:47.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/1","author":{"@type":"Person","name":"prathip","url":"https://community.spiceworks.com/u/prathip"}},{"@type":"Answer","text":"
Is this a homework question?<\/p>","upvoteCount":0,"datePublished":"2020-02-19T08:59:03.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/2","author":{"@type":"Person","name":"Gary-D-Williams","url":"https://community.spiceworks.com/u/Gary-D-Williams"}},{"@type":"Answer","text":"
No it is not a homework question<\/p>","upvoteCount":0,"datePublished":"2020-02-19T09:07:47.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/3","author":{"@type":"Person","name":"prathip","url":"https://community.spiceworks.com/u/prathip"}},{"@type":"Answer","text":"
When I enter this command (get-aduser -Server domainBcontroller -Identity username -Credential $p -Properties MemberOf).memberof. I am getting domain B groups only.<\/p>","upvoteCount":0,"datePublished":"2020-02-19T09:11:43.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/4","author":{"@type":"Person","name":"prathip","url":"https://community.spiceworks.com/u/prathip"}},{"@type":"Answer","text":"
You will because domainb only knows about the groups on that domain. You’ll need to run the query on both domains.<\/p>","upvoteCount":1,"datePublished":"2020-02-19T09:15:57.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/5","author":{"@type":"Person","name":"Gary-D-Williams","url":"https://community.spiceworks.com/u/Gary-D-Williams"}},{"@type":"Answer","text":"
Combine them then ouput the combined variable.<\/p>\n
$user = get-aduser -Server domainBcontroller -Identity username -Credential $p -Properties MemberOf).memberof\n$user += get-aduser -Server domainAcontroller -Identity username -Credential $p -Properties MemberOf).memberof\n\nwrite-host $user\n<\/code><\/pre>","upvoteCount":0,"datePublished":"2020-02-19T09:17:21.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/6","author":{"@type":"Person","name":"jrp78","url":"https://community.spiceworks.com/u/jrp78"}},{"@type":"Answer","text":"I am getting below error when running get-aduser -Server domainAcontroller -Identity username -Credential $p -Properties MemberOf).memberof<\/p>\n
get-aduser : Cannot find an object with identity: ‘user’ under: ‘DomainA’.<\/p>\n
User is in domain B.<\/p>","upvoteCount":0,"datePublished":"2020-02-19T09:26:57.000Z","url":"https://community.spiceworks.com/t/how-to-get-all-groups-a-user-is-member-of/751905/7","author":{"@type":"Person","name":"prathip","url":"https://community.spiceworks.com/u/prathip"}},{"@type":"Answer","text":"
Oh, I thought the user was in DomainA. According to this, if there is a domain trust, you should already see all the groups in the user’s memberOf of DomainB.<\/p>\n