This function uses [ADSI] to test group membership based on the constructed security token of the principal. You can pipe objects to this function. The function writes $true or $false for each tested object.

This function makes use of Richard Muellers “PowerShell script to check group membership”. Check the related link.

Inputs

[Microsoft.ActiveDirectory.Management.ADAccount] You can pipe an ADAccount object, such as returned by Get-AdUser or Get-AdComputer, to Test-GroupMembership.

Outputs

[bool] Test-GroupMembership returns $true or $false for each tested account.

Example 1

Get-AdUser -Filter * | Test-GroupMemership -GroupName "Domain Users"

This example gets users from Active Directory and tests wether or not they are member of the “Domain Users” security group.

Example 2

Get-AdComputer -Filter * | Test-GroupMemership -GroupName "Domain Computers"

This example gets computers from Active Directory and tests wether or not they are member of the “Domain Computers” security group.

Related Links

Richard Muellers Script in the TechNet ScriptCenter: http://gallery.technet.microsoft.com/scriptcenter/5adf9ad0-1abf-4557-85cd-657da1cc7df4

Download & Source for Test-GroupMembership

I’ve published the Script to the PowerShell Gallery, you can install it using the following command:

Install-Script -Name Test-GroupMembership -Path <Path>

And you can find the source in the following GitHub Repository: tomtorggler/PowerShell