Detect if the Current User is a Member of a Specified AD Group

This script will detect if the current user is a member of a specified AD Group using the [adsiSearcher] type accelerator:

#remember that this is used as a regular expression (using -match), so escape any brackets etc with a back slash
$ADGroup = "Example_AD_Group"
$machineName = "AlkaneMachine"

#check if computeris a member of the group
$ADGroupCount = (([ADSISearcher] "(&(objectCategory=computer)(objectClass=computer)(cn=$machineName))").FindOne().Properties.memberof -match "CN=$ADGroup,").count

if ($ADGroupCount -gt 0)
{
    #computer is a member - do something!
}

 

Detect if a Computer is a Member of a Specified AD Group
Comments have now been disabled. If you have a question to ask about this post please ask the community!