Differences

This shows you the differences between two versions of the page.

--- active_directory [2019/09/03 02:01] – stephen
+++ active_directory [2021/04/06 09:01] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 ====== Active Directory ======
+===== Basic Account Check =====
+<code powershell>
+net user username /domain
+</code>
 ===== Get Group Membership =====
+To get just the top level groups:
+<code powershell>
+Get-ADPrincipalGroupMembership -Identity $env:username | Select name, GroupCategory, GroupScope, distinguishedName
+Get-ADPrincipalGroupMembership -Identity 'username' | Select name, GroupCategory, GroupScope, distinguishedName
+</code>
+To get **all** groups:
+<code>
+whoami /groups
+whoami /groups | out-file group.txt
+</code>
+===== Get Group Membership - Alternatives =====
 This generates a whole heap of crap - the security groups are at the end. This also seems to recurse down the groups or something - it lists more groups than the other options.
 <code>
 gpresult /R
-</code>
-Try this:
-<code powershell>
-Get-ADPrincipalGroupMembership -Identity $env:username | Select name
-Get-ADPrincipalGroupMembership -Identity 'username' | Select name
 </code>
@@ Line 28: / Line 42: @@
 <code powershell>
 (New-Object System.DirectoryServices.DirectorySearcher("(&(objectCategory=User)(samAccountName=$($env:username)))")).FindOne().GetDirectoryEntry().memberOf
+</code>
+===== Get Local Admins =====
+<code>
+net localgroup administrators
+</code>
+===== Get Members of a Group =====
+<code powershell>
+Get-ADGroupMember "X3 NZ Provoke Developers" -Recursive
 </code>