I have a AD hosted on 2003R2 and 2008R2, I would like to check the membership for the domain computer (e.g. compA) when an user logs on using that computer (e.g. compA) and perform certain operations inside a script. I think WMI could probably be useful but I am unable to find the proper query to get the list of groups of the computer account in question. Any idea?
Asked
Active
Viewed 4,648 times
2 Answers
1
Get-WmiObject win32_ComputerSystem | Format-List DomainRole
0"Stand Alone Workstation"
1"Member Workstation"
2"Stand Alone Server"
3"Member Server"
4"Back-up Domain Controller"
5"Primary Domain Controller"
Raj J
- 677
- 4
- 7
-
Thank you for your input, but I do not need the roles for that machine and instead I want to get a list of groups (domain local group) associated with that machine. – William Apr 18 '12 at 01:20
1
Here's a script that I've modified from this site. I haven't tested the code, but it looks sound.
Option Explicit
Dim objNetwork, strDomain, strComputer, objComputer, objGroup, strGroupMemberships
Dim arrGroupMemberships
' Get the domain and username from the WScript.Network object
Set objNetwork = CreateObject("WScript.Network")
strDomain = objNetwork.UserDomain
strComputer = objNetwork.ComputerName
' Instanciate the user object from the data above
Set objComputer = GetObject("WinNT://" & strDomain & "/" & strComputer)
' Run through the users groups and put them in the string
For Each objGroup In objComputer.Groups
strGroupMemberships = strGroupMemberships & objGroup.Name & ","
Next
arrGroupMemberships = Split(strGroupMemberships, ",")
' Loop through array to get groups that this computer is a member of
This should get you going in the right direction if you haven't solved it by now.
Jay Adams
- 306
- 1
- 5