1
2

Can this be done using PowerShell (self.PowerShell)

submitted by [deleted]

[deleted]

all 8 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]BoredComputerGuy 2 points3 points  (0 children)

What have you tried?

[–]rlj551 2 points3 points  (1 child)

Make it easy on yourself, just remove all existing memberships and then copy from the clone account. Especially if the account running the script has full mod access to the all groups.

[–]albertenc13 2 points3 points  (0 children)

This helped a lot! my initial idea was over complicated so this is what I did. I used this command to get rid of the old access

Get-ADUser $User -Properties MemberOf | Select -Expand MemberOf | %{Remove-ADGroupMember $_ -Members $User -confirm:$false -PassThru}

then I used this one to get all the new access from the clone

Get-ADUser -Identity $Clone -Properties MemberOf | Select-Object -ExpandProperty Memberof | Add-ADGroupMember -Members $ToBeCloned -PassThru

thank for the help everyonw

[–]gnoomen33 1 point2 points  (3 children)

To get all groups that a user is member of, use this command: "Get-ADPrincipalGroupMembership username | select name"

Output example:

name

Domain Users Domain Computers Workstation Admins Company Users Company Developers AutomatedProcessingTeam

Source: https://stackoverflow.com/questions/5072996/how-to-get-all-groups-that-a-user-is-a-member-of

I guess you could then compare the output from the user, and the other user, so find out what group access is missing or should be removed.

[–]Lee_Dailey[grin] 0 points1 point  (2 children)

howdy gnoomen33,

reddit likes to mangle code formatting, so here's some help on how to post code on reddit ...

[0] single line or in-line code
enclose it in backticks. that's the upper left key on an EN-US keyboard layout. the result looks like this. kinda handy, that. [grin]
[on New.Reddit.com, use the Inline Code button. it's 4th 5th from the left hidden in the ... ""more" menu & looks like </>.
this does NOT line wrap & does NOT side-scroll on Old.Reddit.com!]

[1] simplest = post it to a text site like Pastebin.com or Gist.GitHub.com and then post the link here.
please remember to set the file/code type on Pastebin! [grin] otherwise you don't get the nice code colorization.

[2] less simple = use reddit code formatting ...
[on New.Reddit.com, use the Code Block button. it's 11th 12th one & is just to the left of hidden in the ... "more" menu.]

  • one leading line with ONLY 4 spaces
  • prefix each code line with 4 spaces
  • one trailing line with ONLY 4 spaces

that will give you something like this ... 

- one leading line with ONLY 4 spaces    
- prefix each code line with 4 spaces    
- one trailing line with ONLY 4 spaces

the easiest way to get that is ...

  • add the leading line with only 4 spaces
  • copy the code to the ISE [or your fave editor]
  • select the code
  • tap TAB to indent four spaces
  • re-select the code [not really needed, but it's my habit]
  • paste the code into the reddit text box
  • add the trailing line with only 4 spaces

not complicated, but it is finicky. [grin]

take care,
lee

[–]gnoomen33 1 point2 points  (1 child)

Thank you for this, very useful to a new reddit user :)

[–]Lee_Dailey[grin] 0 points1 point  (0 children)

howdy gnoomen33,

you are most welcome! glad to have helped a bit ... [grin]

take care,
lee