Bill-Stewart/Get-ComputerGroupMembership.ps1

## Get-ComputerGroupMembership.ps1
# Get-ComputerGroupMembership.ps1

#requires -version 3
#requires -RunAsAdministrator

<#
.SYNOPSIS
Gets a computer's group memberships based on resultant set of policy (RSOP) data.

.DESCRIPTION
Gets a computer's group memberships based on resultant set of policy (RSOP) data. This is helpful in checking whether computer group membership changes are visible from the computer's perspective.

.PARAMETER ComputerName
Specfies one or more computer names. Wildcards are not permitted. If no computer names are specified, the default is the current computer.

.OUTPUTS
PSObjects with the following properties:
* ComputerName - The computer name
* MemberOf - The group the computer is a member of
#>

[CmdletBinding()]
param(
  [Parameter(ValueFromPipeline)]
  [String[]]
  $ComputerName
)

begin {
  function ConvertFrom-SID {
    param(
      [Security.Principal.SecurityIdentifier]
      $SID
    )
    $result = $SID.Value
    try {
      $result = $SID.Translate([Security.Principal.NTAccount]).Value
    }
    catch {
    }
    return $result
  }

  function Get-ComputerGroupMembership {
    param(
      [String]
      $computerName
    )
    $params = @{
      "Class"        = "RSOP_Session"
      "Namespace"    = "ROOT\rsop\computer"
      "Property"     = "SecurityGroups"
      "ComputerName" = $computerName
    }
    Get-WmiObject @params | Select-Object -ExpandProperty SecurityGroups | ForEach-Object {
      [PSCustomObject] @{
        "ComputerName" = $computerName
        "MemberOf"     = ConvertFrom-SID $_
      }
    }
  }
}

process {
  if ( $null -eq $ComputerName ) {
    Get-ComputerGroupMembership ([Net.Dns]::GetHostName())
  }
  else {
    foreach ( $ComputerNameItem in $ComputerName ) {
      Get-ComputerGroupMembership $ComputerNameItem
    }
  }
}
	# Get-ComputerGroupMembership.ps1

	#requires -version 3
	#requires -RunAsAdministrator

	<#
	.SYNOPSIS
	Gets a computer's group memberships based on resultant set of policy (RSOP) data.

	.DESCRIPTION
	Gets a computer's group memberships based on resultant set of policy (RSOP) data. This is helpful in checking whether computer group membership changes are visible from the computer's perspective.

	.PARAMETER ComputerName
	Specfies one or more computer names. Wildcards are not permitted. If no computer names are specified, the default is the current computer.

	.OUTPUTS
	PSObjects with the following properties:
	* ComputerName - The computer name
	* MemberOf - The group the computer is a member of
	#>

	[CmdletBinding()]
	param(
	[Parameter(ValueFromPipeline)]
	[String[]]
	$ComputerName
	)

	begin {
	function ConvertFrom-SID {
	param(
	[Security.Principal.SecurityIdentifier]
	$SID
	)
	$result = $SID.Value
	try {
	$result = $SID.Translate([Security.Principal.NTAccount]).Value
	}
	catch {
	}
	return $result
	}

	function Get-ComputerGroupMembership {
	param(
	[String]
	$computerName
	)
	$params = @{
	"Class" = "RSOP_Session"
	"Namespace" = "ROOT\rsop\computer"
	"Property" = "SecurityGroups"
	"ComputerName" = $computerName
	}
	Get-WmiObject @params \| Select-Object -ExpandProperty SecurityGroups \| ForEach-Object {
	[PSCustomObject] @{
	"ComputerName" = $computerName
	"MemberOf" = ConvertFrom-SID $_
	}
	}
	}
	}

	process {
	if ( $null -eq $ComputerName ) {
	Get-ComputerGroupMembership ([Net.Dns]::GetHostName())
	}
	else {
	foreach ( $ComputerNameItem in $ComputerName ) {
	Get-ComputerGroupMembership $ComputerNameItem
	}
	}
	}