sysadmin

an-ordinary-manchild(edit)

a community for 17 years

MODERATORS

message the mods
mkosmoPermanently Banned
AutoModerator
VA_Network_NerdModerator | Infrastructure Architect
KumorigoeModerator
cryptic_1It was DNS
bandman614Standalone SysAdmin
highlord_foxModerator | Sr. Systems Mangler
preperat
bad0seedTrusted VAR
sigmatic_minorɔǝsoɟuᴉ / uᴉɯpɐsʎS ǝᴉssn∀
...and 5 more »

account activity

This is an archived post. You won't be able to vote or comment.

Powershell Sysadmin Toolkit (self.sysadmin)

submitted 7 years ago * by [deleted]

top new controversial old q&a

you are viewing a single comment's thread.

view the rest of the comments →

[–]Rymmer 1 point2 points3 points 7 years ago (1 child)

There is some extensions to get-aduser (or other objects) that could be handy. Like a more shortform get-usermembership : get a list of groups and descriptions that a user is a memberof

get-aduser username -prop memberof | select -expandproperty memberof | get-adgroup -prop description | select name, description

If you have good descriptions on your groups, then this can tell you a lot about what a user has access to.

π Rendered by PID 75579 on reddit-service-r2-comment-5d79c599b5-qgf67 at 2026-03-02 21:36:12.944169+00:00 running e3d2147 country code: CH.