Other Posts in this Series:
- Use ADSI to List Nested Members of an AD Group (Updated)
- Use ADSI and FromFileTime to Convert Datetime Attributes in Active Directory
- Use ADSI to Find Logon Workstations in Active Directory
- Search Active Directory using PowerShell ADSISearcher Filters
- Use PowerShell ADSI to Search Users in Active Directory
This post provides an example of how we can use ADSI to check if a computer is a member of an AD Group using the [ADSISearcher] type accelerator:
#remember that this is used as a regular expression (using -match), so escape any brackets etc with a back slash
$ADGroup = "Example_AD_Group"
$machineName = "AlkaneMachine"
#check if computer is a member of the group
$ADGroupObj = (([ADSISearcher] "(&(objectCategory=computer)(objectClass=computer)(cn=$machineName))").FindOne().Properties.memberof -match "CN=$ADGroup,")
if ($ADGroupObj -and $ADGroupObj.count -gt 0)
{
#computer is a member - do something!
}