FahadNoaman-7438 asked BradleyJL-5019 published

PowerShell script to connect to AD and check if the user is a member of a group or not from a client

Can you help me to create a PowerShell script to connect to AD and check if the user is a member of a group or not from a client machine, and set a registry key based on the condition?

windows-server, windows-server-powershell

Maybe this:

$username = $env:USERNAME
# memberOf holds direct memberships only; the anchored pattern keeps e.g. CN=YourADGroup2 from matching
if (([adsisearcher]"(samaccountname=$username)").FindOne().Properties.memberof -match "^CN=YourADGroup,") {
    New-ItemProperty -Path "HKCU:RegistryKeyPath" -Name "RegistryKeyName" -Value "RegistryValue" -Force | Out-Null
}


1 Answer

IanXue-MSFT answered IanXue-MSFT edited

Hi,

The PowerShell AD module has to be installed first.
https://4sysops.com/wiki/how-to-install-the-powershell-active-directory-module/

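Then you check the user like this:

 # Requires the ActiveDirectory module
 Import-Module ActiveDirectory

 $username = 'user1'
 $group = 'group1'
 # Get-ADGroupMember lists direct members; Name is the object's name (CN), not the logon name
 $user = Get-ADGroupMember -Identity $group | Where-Object {$_.name -eq $username}
 if($user){
     Write-Host 'member found'
 }
 else{
     Write-Host 'member not found'
 }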

Best Regards,
Ian Xue


Hi Ian,

Thanks for the prompt reply.

However, I am looking for a script to create a registry key on the client machine depending on the user's membership of the security group.

The script has to run as a logon script from the client machine, and the user will have only domain user permission. The above script runs only if the user has read permission on AD.

Thanks in advance.



If the user doesn't have the read permission on the group, you have to run the script as some other user with the permission.
To create a registry key you can use the New-Item cmdlet:
https://devblogs.microsoft.com/scripting/use-powershell-to-easily-create-new-registry-keys/

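An added example, not part of the thread: a logon-script variant that checks the group SIDs already present in the user's own logon token instead of querying AD, so it needs neither the AD module nor an LDAP search against the directory. The group name, registry path and value name are placeholders chosen for illustration.

```powershell
# Added example; the group name, key path and value name below are placeholders.
$GroupName = 'CONTOSO\YourADGroup'          # DOMAIN\group to test for
$KeyPath   = 'HKCU:\Software\ExampleApp'    # key under the current user's hive
$ValueName = 'IsGroupMember'                # DWORD written as 1 (member) or 0 (not a member)

function Test-LogonTokenGroup {
    param([Parameter(Mandatory)][string]$Group)

    # Translate the group name to its SID; this throws if the name cannot be resolved.
    $sid = ([System.Security.Principal.NTAccount]$Group).Translate(
        [System.Security.Principal.SecurityIdentifier])

    # The access token built at logon carries the user's group SIDs,
    # including memberships obtained through nested groups.
    $identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object System.Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole($sid)
}

try {
    $isMember = Test-LogonTokenGroup -Group $GroupName
} catch {
    # Unresolvable group (typo, no domain controller reachable): leave the registry untouched.
    Write-Warning "Could not resolve '$GroupName': $($_.Exception.Message)"
    return
}

# Create the key if it is missing, then record the result of the check.
if (-not (Test-Path -Path $KeyPath)) {
    New-Item -Path $KeyPath -Force | Out-Null
}
New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord `
    -Value ([int]$isMember) -Force | Out-Null
```

The token is built at logon, so a membership change shows up at the user's next logon. A value under HKCU is writable by the user, so it suits configuration hints rather than access decisions.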