Check if the current PowerShell session user is a Domain Admin

This topic contains 3 replies, has 2 voices, and was last updated by  postanote 3 weeks, 5 days ago.

  • Author
    Posts
  • #92015

    Naw Awn
    Participant

    $CurrentUser = ([System.Diagnostics.Process]::GetCurrentProcess().GetOwner().User
    Is there any way to feed $CurrentUser in place of 'GetCurrent() on the script below?

    $thisUser = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $WinPrincipal = New-Object System.Security.Principal.WindowsPrincipal($thisUser)
    return ($WinPrincipal.IsInRole("Domain Admins"))

    I just simply wanted to check if a given user is a domain admin or not without using AD PowerShell module.
    Thanks

  • #92024

    postanote
    Participant

    Your second code block already does what you state your goal is. There is little reason for the current user part of this as that second block is only for the current user.

    You actually don't even need all this code. You can simply use whoami

    whoami of course only works for the currently logged on user and shows all the associated local and domain groups the user belongs to.

    (whoami /ALL /FO CSV | ConvertFrom-CSV) | Select 'User Name' | Where 'User Name' -like '*Domain Admins*'

    Results
    CONTOSO\Domain Admins

    Are you are asking that, a user is not logged on with an account that is not a domain admin, and then they do a RunAS elevation or New-PSSession, Enter-PSSession and passing in a domain admin credential?

    If so, then the whoami use case still applies in the PoSH remote session.

    So, why are you trying to skip the AD cmdlets use case?
    You don't have to install any AD cmdlets to use the AD cmdlets. You can use implicit PSRemoting and proxy those to any system, and they are never physically on the system, and the disappear when you close the remote session or the console or ISE window.

  • #92038

    Naw Awn
    Participant

    Thanks, postanote. It works like a charm! The idea was to log in to a machine (with no RSAT) with standard user account but run the powershell session with a domain admin account then run lots of wmi/ciminstance queries to the domain computers/servers.
    GetCurrent() only picks up the logged in user account. So, even if you run the PowerShell with Domain admin account. it still returns $false. Thanks again. Naw

You must be logged in to reply to this topic.