This is from memory and I don't have an AD environment up to quickly test it, but if I remember right, you need to add "ntSecurityDescriptor" to your properties list. That property will be an object similar to what you get from calling Get-Acl on files / folders.
That GUI actually performs several steps to populate that dialog box, and you'd have to duplicate those steps.
For example, group membership isn't tracked as part of the user object. It's tracked as part of the group object. So behind the scenes, the GUI is querying all groups who have xxx user as a member, and then displaying those groups. It isn't a single command, and it's actually fairly complex, but if you're at the command-line you have to do it all.