Display AD Membership of a User and their Computer
I created a shortcut to the below script on desktop computers in the organisation. The script is designed to be executed by a normal user and it will list the AD membership of their currently logged on AD user account, and the membership of the computer that they are logged on to.Create a bat file with the below contents, pointing it to your PowerShell script.
@ powershell -file \\Servername\Tools\membership.ps1
Create a PowerShell script with the below contents. Note, users will need the PowerShell AD module installed on their PC.
Import-Module activedirectory
$computer = Get-ChildItem env:COMPUTERNAME | select-object -expandproperty value
$user = Get-ChildItem env:USERNAME | select-object -expandproperty value
Write-Host "Please see below the group membership of your AD user account:"
Get-ADPrincipalGroupMembership -identity $user | select-object -property "name","groupcategory" | sort-object -property "groupcategory" | Format-Table -Autosize
Write-Host "Please see below the group membership of your current computer:"
Get-ADComputer -identity $computer | Get-ADPrincipalGroupMembership | select-object -property "name" | Format-Table -Autosize
Write-Host "If you have any queries regarding the above information please contact the Service Desk."
TIMEOUT /T -1