Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
JSI Tip 9410. How can the 'net user' command return a comma delimited string of a domain user's local or global group membership?
Jerold Schulman
June 1, 2005
1 Min Read
Using the net user command, I have scripted GetGroups.bat to return a comma delimited string containing a domains user's local or global group membership.
The syntax for using GetGroups.bat is:
call GetGroups User L|G
Where User is the User Name (sAMAccountName) and L|G is an L if you wish to return Local group membership, or a G if you wish to return Global group membership.
The output is displayed on the console, but can be redirected to a file, or processed with a FOR command. A global membership string might look like:
"Domain Admins","accountants","Schema Admins","Enterprise Admins"
GetGroups.bat contains:
@echo offsetlocalif {%2}=={} goto syntaxset user=%1set gt=%2if /i "%gt%" EQU "L" goto OKif /i "%gt%" NEQ "G" goto syntax:OKset grps=set ft=NONEfor /f "Tokens=1-3 Delims=*" %%g in ('net user %user% /domain^|find "*"') do ( set wrk=%%g# call :group set wrk=%%h# call :group set wrk=%%i# call :group)@echo %grps%endlocalgoto :EOF:syntax@echo Syntax: GetGroups User L^|Gendlocalgoto :EOF:groupif /i "%wrk:~0,5%" EQU "Local" set ft=L&goto :EOFif /i "%wrk:~0,6%" EQU "Global" set ft=G&goto :EOFif /i "%ft%" NEQ "%gt%" goto :EOFif "%wrk:~0,1%" EQU "#" goto :EOFif "%wrk:~0,1%" EQU " " goto :EOFset grp=%wrk: =%set grp=%grp: #=%set grp=%grp:#=%if defined grps set grps=%grps%,set grps=%grps%"%grp%"About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
