Retrieve group memberships of a particular object in Active Directory.

      Get-QADMemberOf [-Identity] IdentityParameter [-Indirect]  
         [-SizeLimit Int32] [-LdapFilter String]
            ADProperties DateTimeOptions Advanced_Options
               [-IncludeAllProperties] [-SerializeValues] 

   -identity    The Distinguished Name (DN), Canonical Name, GUID or, where applicable,
                the Domain\Name, UPN or SID of the object you wish to find. 

   -Indirect    Retrieve all groups to which the object belongs, (include inherited groups.)

   ADProperties Retrieve objects that match one or more of the properties below:
                [-Description String] [-Name String] [-DisplayName String]
                [-Anr String]  (ambiguous name resolution)

                Only return items matching a date range:
                [-CreatedOn DateTime] [-CreatedAfter DateTime] [-CreatedBefore DateTime]
                [-LastChangedOn DateTime] [-LastChangedAfter DateTime] [-LastChangedBefore DateTime]

   -SizeLimit   Maximum number of items to be returned (default=1000) 

   -LdapFilter  A case-sensitive LDAP search filter.
If an Identity value is supplied this parameter will be ignored. -IncludeAllProperties Retrieve all attributes of the computer object -SerializeValues Output the object properties as a string (serialized) this makes it easy to export attribute values to a text file. When used with -IncludeAllProperties,
an entire object can be exported from AD into a text file. Advanced_Options: [-PageSize Int32] [-ObjectAttributes Object] [-WildcardMode WildcardMode] [-DontConvertValuesToFriendlyRepresentation] [-ReturnPropertyNamesOnly] [-UseDefaultExcludedProperties] [-DontUseDefaultIncludedProperties] [-UseDefaultExcludedPropertiesExcept String []] [-IncludedProperties String[]] [-ExcludedProperties String[]] [-Proxy] [-Service String] [-UseGlobalCatalog] [-ConnectionAccount String] [-ConnectionPassword SecureString] [-Credential PSCredential] [-Connection ArsConnection]

By default Get-QADMemberof will connect to any available domain controller with the credentials of the locally logged on user, to connect to a specific domain controller using a specific account, either use the advanced options (-Proxy/-Service/-ConnectionAccount) or use the Connect-QADService cmdlet to make the connection.


Retrieve groups of which LiamJ is a direct member:

PS C:> Get-QADMemberOf 'ss64Dom\LiamJ'

Retrieve groups of which LiamJ is a direct or indirect member and whose group name starts with 'Admin'

PS C:> Get-QADMemberOf 'domainName\userName' -Indirect -Name 'Admin*'

“It is the friends you can call up at 4 a.m. that matter” - Marlene Dietrich


Get-QADGroupMember - Retrieve members of a group
Quest cmdlets
Syntax - Wildcards

Copyright © 1999-2017
Some rights reserved