
In school we need to map network drives using PowerShell. These drives shall be mapped based on group membership. My PowerShell script looks like the following:

```powershell
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$groupdomain = [System.DirectoryServices.AccountManagement.ContextType]::Domain
$user = [System.DirectoryServices.AccountManagement.UserPrincipal]::Current
$GroupName = "year1"
$group = [System.DirectoryServices.AccountManagement.GroupPrincipal]::FindByIdentity($groupdomain,$GroupName)
if($user.IsMemberOf($group))
{
    net use S: \\dc\studentinfo\1ABHIT
}
```

I have written something very similar, only with the user being directly added to the group 1AHIT. In this case the user is added to the group "year1" by group nesting (Group structure: user --> 1AHIT --> year1).

The script works by checking if the user is a member of the group 1AHIT, which is the group it has been added to "manually".

It doesn't work when checking for the nested group. After debugging the code I learned that the $group object is the object of the group year1; the if($user.IsMemberOf($group)) returns false.

Claire Furney

1 Answer


.NET 3.5 to the rescue with UserPrincipal.GetAuthorizationGroups.

```powershell
if ($user.GetAuthorizationGroups() -contains $group)
{
    net use S: \\dc\studentinfo\1ABHIT
}
```

Not directly related but still useful: it's also possible to do this directly with LDAP, see this question.

Jeroen Mostert
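The nested-group check from the answer above, extended as an added example (not code from the question or the answer): it compares group SIDs instead of principal objects, falls back to the logon token when the directory query fails, and reads the mappings from a table. The function names and the `$DriveMap` table are assumptions made for illustration; `year1` and the `S:` path are taken from the question.

```powershell
Add-Type -AssemblyName System.DirectoryServices.AccountManagement

# Group-to-share table (hypothetical structure; add one row per mapping).
$DriveMap = @(
    @{ Group = 'year1'; Letter = 'S:'; Path = '\\dc\studentinfo\1ABHIT' }
)

function Get-CurrentUserGroupSid {
    # SIDs of every security group the current user is in, nested groups included.
    try {
        $user = [System.DirectoryServices.AccountManagement.UserPrincipal]::Current
        # Enumerate inside the try block: lookup errors surface while iterating.
        $sids = foreach ($g in $user.GetAuthorizationGroups()) { $g.Sid.Value }
        return $sids
    }
    catch {
        # Fallback without a directory query: the logon token also lists nested
        # groups, but only as they were when the user logged on.
        Write-Warning "GetAuthorizationGroups failed: $($_.Exception.Message)"
        $token = [System.Security.Principal.WindowsIdentity]::GetCurrent()
        return $token.Groups | ForEach-Object { $_.Value }
    }
}

function Resolve-GroupSid {
    param([string]$GroupName)
    $ctxType = [System.DirectoryServices.AccountManagement.ContextType]::Domain
    $ctx = New-Object System.DirectoryServices.AccountManagement.PrincipalContext -ArgumentList $ctxType
    $group = [System.DirectoryServices.AccountManagement.GroupPrincipal]::FindByIdentity($ctx, $GroupName)
    if ($null -eq $group) { return $null }
    return $group.Sid.Value
}

$memberSids = @(Get-CurrentUserGroupSid)
foreach ($entry in $DriveMap) {
    $groupSid = Resolve-GroupSid -GroupName $entry.Group
    if ($null -eq $groupSid) {
        Write-Warning "Group '$($entry.Group)' not found; skipping $($entry.Letter)"
        continue
    }
    # String comparison of SIDs avoids relying on object equality between principals.
    if ($memberSids -contains $groupSid) {
        net use $entry.Letter $entry.Path
    }
}
```

The drive mapping is only a convenience: the permissions on the share itself still decide who can read it.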