Function Reference

_AD_IsMemberOf

Returns 1 if the object (user, group, computer) is a member of the specified group or any contained group.

#Include <AD.au3>
_AD_IsMemberOf($sGroup[, $sObject = @Username[, $bIncludePrimaryGroup = False[, $bRecursive = False[, $iDepth = 10]]]])

 

Parameters

$sGroup Group to be checked for membership. Can be specified as sAMAccountName or Fully Qualified Domain Name (FQDN)
$sObject Optional: Object type (user, group, computer) to check for membership of $sGroup. Can be specified as sAMAccountName or Fully Qualified Domain Name (FQDN) (default = @UserName)
$bIncludePrimaryGroup Optional: Additionally checks the primary group for object membership (default = False)
$bRecursive Optional: Recursively check all groups of $sGroup up to the depth defined by $iDepth (default = False)
$iDepth Optional: Maximum depth of recursion (default = 10)

 

Return Value

Success: 1, Specified object (user, group, computer) is a member of the specified group
Failure: 0, @error set
    0 - $sObject is not a member of $sGroup
    1 - $sGroup does not exist
    2 - $sObject does not exist

 

Remarks

Determines if the object is an immediate member of the group. This function does not verify membership in any nested groups.

 

Related

_AD_GetUserGroups, _AD_GetUserPrimaryGroup, _AD_RecursiveGetMemberOf

 

Example


#AutoIt3Wrapper_AU3Check_Parameters= -d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6
#AutoIt3Wrapper_AU3Check_Stop_OnWarning=Y
; *****************************************************************************
; Example 1
; Get a list of group names the current user is a member of.
; Check the group membership of the current user for the first group.
; This will always return 1.
; *****************************************************************************
#include <AD.au3>

Global $aUser, $sFQDN_Group, $sFQDN_User, $iResult

; Open Connection to the Active Directory
_AD_Open()
If @error Then Exit MsgBox(16, "Active Directory Example Skript", "Function _AD_Open encountered a problem. @error = " & @error & ", @extended = " & @extended)

; Get the Fully Qualified Domain Name (FQDN) for the current user
$sFQDN_User = _AD_SamAccountNameToFQDN()

; Get an array of group names (FQDN) that the current user is immediately a member of
$aUser = _AD_GetUserGroups(@UserName)
$sFQDN_Group = $aUser[1]

; Check the group membership of the specified user for the specified group
$iResult = _AD_IsMemberOf($sFQDN_Group, $sFQDN_User)
Select
    Case $iResult = 1
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "User is a member of the specified group!")
    Case ($iResult = 0 And @error = 1)
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "Group does not exist!")
    Case ($iResult = 0 And @error = 2)
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "User does not exist!")
    Case ($iResult = 0)
        MsgBox(64, "Active Directory Functions", _
                "User: " & $sFQDN_User & @CRLF & _
                "Group: " & $sFQDN_Group & @CRLF & _
                "User is a not member of the specified group!")
EndSelect

; Close Connection to the Active Directory
_AD_Close()