Verifying whether a user is a member of the given group or not
Sometimes, there comes a need to check whether a user account is member of the particular AD group or not. If the group has no further groups in it, it is easy to verify it from either the user account's Memberof or Groups Members tab in ADUC. If the group has nested groups, it is difficult to go through each group and figure out whether the user account is member or not. The difficulty increases when you have multiple accounts to verify. The PowerShell function given in this section will simplify this task. It takes a single or list of usernames and checks whether they are members (including nested) of the given AD group. The output indicates the username, group name, and whether a user is a member or not:
Function Test-IsGroupMember { [CmdletBinding()] param( [Parameter(Mandatory=$true,Position=0)] [string[]]$UserName, [Parameter(Mandatory=$true,Position=1)] [string]$GroupName ) $GroupMembers = Get-ADGroupMember -Identity...