I've tried many different commands and I get inconsistent results. So far, the most complete lists come from the following commands:
- whoami /group
- ForEach($group in $token.Groups){$group.Translate([System.Security.Principal.NTAccount])}
- (Get-ADUser UserName –Properties MemberOf | Select-Object MemberOf).MemberOf
- dsquery user -samid UserName | dsget user -memberof | dsget group -samid
Each of the above produce slightly different results, so I'm not confident that I'm getting a complete list from any one command. I've read that AdFind is the best tool to do this, but I'm struggling to understand how to get AdFind to search all domains and report all groups (both explicit and implicit). Please help.