JSI Tip 9610. How can I return the NetBIOS names of the local and domain groups that the logged on user is a member of?

Using SecTok.exe, I have scripted MbrShp.bat to return the NetBIOS local and domain group names that the logged on user's security token indicates they are a member of. The output is displayed on the console, like:

"NT AUTHORITY\Authenticated Users"
"NT AUTHORITY\This Organization"
"JSIINC\Accounts Payables"
The syntax for using MbrShp.bat is:

To output to a file:


To process the returned membership:

for /f "Tokens=*" %%a in ('MbrShp') do (
set group=%%a
:: do something

MbrShp.bat contains:

@echo off
set wrk="%TEMP%\MbrShp_%RANDOM%.TMP"
@echo Logon Session>%wrk%
@echo LOCAL>>%wrk%
for /f "Tokens=*" %%a in ('sectok^|findstr /B "Group:"') do (
 set group=%%a
 set group=!group:* - =!
 for /f "Tokens=*" %%b in ('@echo !group!^|findstr /B /G:%wrk% /V') do (
  @echo "%%b"

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.