Get-QADMemberof

Retrieve group memberships of a particular object in Active Directory.

Syntax
      Get-QADMemberOf [-Identity] IdentityParameter [-Indirect]  
         [-SizeLimit Int32] [-LdapFilter String]
            ADProperties DateTimeOptions Advanced_Options
               [-IncludeAllProperties] [-SerializeValues] 
  
Key

   -identity    The Distinguished Name (DN), Canonical Name, GUID or, where applicable,
                the Domain\Name, UPN or SID of the object you wish to find. 

   -Indirect    Retrieve all groups to which the object belongs, (include inherited groups.)

   ADProperties Retrieve objects that match one or more of the properties below:
                [-Description String] [-Name String] [-DisplayName String]
                [-Anr String]  (ambiguous name resolution)

   DateTimeOptions
                Only return items matching a date range:
                [-CreatedOn DateTime] [-CreatedAfter DateTime] [-CreatedBefore DateTime]
                [-LastChangedOn DateTime] [-LastChangedAfter DateTime] [-LastChangedBefore DateTime]

   -SizeLimit   Maximum number of items to be returned (default=1000) 

   -LdapFilter  A case-sensitive LDAP search filter.
                If an Identity value is supplied this parameter will be ignored.

   -IncludeAllProperties
                Retrieve all attributes of the computer object

   -SerializeValues
                Output the object properties as a string (serialized) this makes it easy to
                export attribute values to a text file. When used with -IncludeAllProperties, 
                an entire object can be exported from AD into a text file.

   Advanced_Options:
                [-PageSize Int32] [-ObjectAttributes Object] [-WildcardMode WildcardMode]  
                [-DontConvertValuesToFriendlyRepresentation] [-ReturnPropertyNamesOnly]
                [-UseDefaultExcludedProperties] [-DontUseDefaultIncludedProperties] 
                [-UseDefaultExcludedPropertiesExcept String []] 
                [-IncludedProperties String[]] [-ExcludedProperties String[]]
                [-Proxy] [-Service String] [-UseGlobalCatalog] 
                [-ConnectionAccount String] [-ConnectionPassword SecureString]
                [-Credential PSCredential] [-Connection ArsConnection]

Notes:
By default Get-QADMemberof will connect to any available domain controller with the credentials of the locally logged on user, to connect to a specific domain controller using a specific account, either use the advanced options (-Proxy/-Service/-ConnectionAccount) or use the Connect-QADService cmdlet to make the connection.

Examples

Retrieve groups of which LiamJ is a direct member:

PS C:> Get-QADMemberOf 'ss64Dom\LiamJ'

Retrieve groups of which LiamJ is a direct or indirect member and whose group name starts with 'Admin'

PS C:> Get-QADMemberOf 'domainName\userName' -Indirect -Name 'Admin*'

“It is the friends you can call up at 4 a.m. that matter” - Marlene Dietrich

Related:

Get-QADGroupMember - Retrieve members of a group
Quest cmdlets
Syntax - Wildcards


Back to the Top

© Copyright SS64.com 1999-2013
Some rights reserved