7

While easy on Linux, not as easy on Windows from what I've been able to gather so far. I've found the command that kinda does what I want which is:

net user username /domain

However I wish to strip all of the data except for the list of the groups. I think findstr may be the answer but I'm not sure of how to use this to do that. Essentially, I guess the script would do something like this (unless there is a more specific command which would be fabulous):

net user username /domain > temp.txt
findstr (or some other command) file.txt > groups.txt
del temp.txt

The output of the data would be a list like this:

group1; group2; group3

Now, I could be going about this a complicated way, so as I mentioned if there is a command that can output ONLY a user's security groups that would be fantastic.

Improve this question
4
  • Is writing a custom tool in Python or C# acceptable?
    – grawity_u1686
    Commented Oct 7, 2011 at 8:03
  • That's beyond my capabilities but if you can get me something that I can compile and execute I'd certainly be very thankful :)
    – Smitty
    Commented Oct 7, 2011 at 11:24
  • This isn't something you'd normally want to do in Windows. Can you explain why you want the output in this particular format? We may be able to suggest an alternative.
    – Harry Johnston
    Commented Oct 8, 2011 at 0:21
  • Take a look at this Stack Overflow thread: How to get all groups that a user is a member of?
    – aschipfl
    Commented Jan 10 at 9:56

3 Answers 3

Reset to default
3

Use PowerShell!

$user = [wmi] "Win32_UserAccount.Name='JohnDoe',Domain='YourDomainName'"
$user.GetRelated('Win32_Group')

or only for group names:

$user = [wmi] "Win32_UserAccount.Name='JohnDoe',Domain='YourDomainName'"
$user.GetRelated('Win32_Group') | Select Name

http://social.technet.microsoft.com/Forums/en-US/winserverpowershell/thread/67defa12-6ad1-439b-bd11-3abfc5b5208a/

Improve this answer
2

Hmm.

net user paul /domain | find "Global Group memberships"

Will give you the the groups, but if you don't want the header you'd need something more involved:

for /f "tokens=4*" %f in ('net user paul /domain ^| find "Global Group memberships"') do echo %f

So %f contains the groups.

Improve this answer
3
  • Thanks, that kinda looks like what I'm after but the first example only outputs data from that line, if there are say a dozen groups, most won't show and the second example you gave is giving me the error "f was unexpected at this time" from what I gather, it's not liking the final "%f", I'm just a beginner with these batch scripts :)
    – Smitty
    Commented Oct 7, 2011 at 11:27
  • 1
    If you use it in a script, you need to use %%f. Yes, good point, the output will wrap and get lost. Do you have an output you can paste, I don't have the right setup to test. It may need something more robust than hacking bits out of the net user command :)
    – Paul
    Commented Oct 7, 2011 at 11:36
  • Hmm.. won't let me edit my comment, anyways: From my VM machine, the output of net user username / domain is essentially the same as my work one. A copy of it can be found here
    – Smitty
    Commented Oct 7, 2011 at 11:40
2 
dsquery user -name "My Full Name" | dsget user -memberof | dsget group -samid

I found this pretty much gives me what I was looking for, in case anyone was curious! :)

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .