Retrieves the list of groups that contain the Active Directory object specified by the Identifier and IdentifierClass parameters.
Get-DRAGroupMembership -Domain <String> -IdentifierClass <String> -Identifier <String> [-ContainerDN <String>] [-EnforceServerLimit <SwitchParameter>] [-IncludeChildContainers <SwitchParameter>] [-ObjectsPerResponse <Int32>] [-ResumeString <String>] [-Attributes <String[]>] [-DRARestServer <String>] [-DRARestPort <Int32>] [-IgnoreCertificateErrors <SwitchParameter>] [-Force <SwitchParameter>] [-Timeout <Int32>] [<CommonParameters>]
The Get-DRAGroupMembership cmdlet returns the groups that have the Identifier object as a member. The requesting user must have the View All Group Properties power. You can view the default list of properties or request specific properties. You can also control the number of groups returned in the results, and iterate result sets, if necessary. See the examples for information on how to view specific properties and how to control the pages of results returned from the server. The response will also have the property TotalObjectCount which contains the total number of groups having the Identifier object as a member.
|
Attribute / Description |
Parameters / Values |
||||
|---|---|---|---|---|---|
|
Required |
Position |
Default Value |
Accept Pipeline input? |
Accept wildcard characters? |
|
|
IdentifierClass <String> Specifies the object type of Identifier. Valid values are: computer, contact, group, and user. |
true |
named |
true (ByPropertyName) |
false |
|
|
Identifier <String> The name or distinguished name of an existing Active Directory object. When the name is specified, an additional call to the DRA Server is needed to obtain the distinguished name for the object. |
true |
named |
true (ByPropertyName) |
false |
|
|
Domain <String> The domain of the object in fqdn format. For example: mydomain.corp |
true |
named |
|
true (ByPropertyName) |
false |
|
DRARestServer [<String>] The name of the computer running the DRA Rest Service. The requested DRA operation will execute on this server. If the parameter is not specified, the value defaults to 'localhost'. |
false |
named |
|
true (ByPropertyName |
false |
|
DRARestPort [<Int32>] The port where the DRA REST Service listens for requests. If the parameter is not specified, the value defaults to 8755. |
false |
named |
8755 |
true (ByPropertyName |
false |
|
IgnoreCertificateErrors [<SwitchParameter>] Allows the request to bypass any SSL certificate errors, such as the InvalidOperation error that occurs when the REST Service is bound to a self-signed certificate. |
false |
named |
false |
false |
|
|
Force [<SwitchParameter>] Suppresses any request for user input and supplies a 'yes' response. For example: -Force with a delete request will perform the delete without presenting the confirmation request to the user. |
false |
named |
|
false |
false |
|
Timeout [<Int32>] The number of seconds to wait before the request to the DRA REST server times out. To specify an infinite timeout, you can set this parameter to -1. |
false |
named |
100 seconds |
true (ByPropertyName) |
false |
|
<CommonParameters> Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see About CommonParameters. |
|
|
|
|
|
NOTE:For more information, type "Get-Help Get-DRAGroupMembership -detailed". For technical information, type "Get-Help Get-DRAGroupMembership -full".
Example 16-21 1
PS C:\>Get-DRAGroupMembership -Domain MyDomain.corp -Identifier "George" -IdentifierClass "user"
This example retrieves the list of groups in MyDomain.corp that contain the user, George. The identifier contains the name of the object. The REST Server first requests the distinguished name for the object, followed by the group membership. If the Attributes parameter is not specified, a default list of properties will be returned.
Example 16-22 2
PS C:\>Get-DRAGroupMembership -Domain MyDomain.corp -Identifier "CN=George,OU=IT13,DC=MyDomain,DC=corp" -IdentifierClass "user" -Attributes "DistinguishedName","FriendlyName"
This example retrieves the group membership of the user named George in MyDomain.corp. The identifier contains the distinguished name. The results will include the properties DistinguishedName and FriendlyName for each group in which George is a member.
Example 16-23 3
PS C:\>Get-DRAGroupMembership -Domain MyDomain.corp -Identifier "CN=George,OU=IT13,DC=MyDomain,DC=corp" -IdentifierClass "user" -Attributes "DistinguishedName","FriendlyName" -ObjectsPerResponse 500 -StartRow 501 -ResumeString "{904E1327-F859-490A-A420-8DE8D0F299EF}"
This example retrieves the groups in the MyDomain.corp that have George as a member. The identifier contains the distinguished name for George. The results will include the properties DistinguishedName and FriendlyName for each group. The server will return 500 items in the result, starting from the item specified by the StartRow parameter. The ResumeString is used when there are multiple pages of results to be returned. If more data is available, the results will include the ResumeString property, which can be used to request the next page of results.