Multiple domain search with user

i am able to run get-aduser cmdlet but when i try with one user it only gives for current domain how i can check if user has another domain ?

user has another domain ? Can you clarify it little more.
Are you trying to get user from another domain ?

meand user has account in multiple domain like

asia, emea, nawest, naeast are domains

That means, those are different user accounts in different domains.
Can you share the code you are using ? You can use -Server parameter of Get-AdUser cmdlet where you can specify another domain, you will get the result if the user running this cmdlet has permissions.

i was able to get user search, now my issue is when i search for memberof for one user it gives me list of all groups which user is part list looks like


However i want to just get result like GNAEAST-VCTX-TELE-TSYS2-2-V1, not sure how to get this

ok. So you just want to get only the username from the DistinguishedName.

you can easily use split or regex here. Split will be an easy one to understand.

# if $r is the variable you have the DistinguishedName value
$CNName = ($r -split ',')[0] # the first one which is CN=GNAEAST-VCTX-TELE-TSYS2-2-V1
$CNName.TrimStart('CN=') # this will give you the desired value.

i got this but here memberof list is more than 50 lines when exported in CSV so its not helping

my code looks like below

$SID =Read-Host -Prompt " Please Provide SID: "
$Domainlist = Read-Host -Prompt " DOmain ASIAPAC, NAEAST, EMEA "

$r=(Get-Aduser $SID -server $Domainlist -Properties MemberOf | Select MemberOf).MemberOf

$CNName = ($r -split β€˜,’)[0] #| Out-File I:$SID.csv

this is only checking and providing result of first group but user is part of multiple group, i guess spilt is removing rest all enteries

I think you want all the groups where a user is part of. If so

Get-ADPrincipalGroupMembership username | Select-Object -ExpandProperty name

before we tried get-aduser we tried ADPrincipalGroupMembership cmdlet but its not working in our environment
'it says Get-ADPrincipalGroupMembership : An unspecified error has occurred"
so we are trying other option like get-aduser

$r should be a collection of objects, so you can process it with a foreach loop. I’m assuming from your code that you want a CSV file per user.

Not tested:

$SID =Read-Host -Prompt " Please Provide SID: "
$Domainlist = Read-Host -Prompt " DOmain ASIAPAC, NAEAST, EMEA "

$r = Get-Aduser $SID -server $Domainlist -Properties MemberOf | Select-Object -ExpandProperty MemberOf

foreach ($group in $r) {

    $CName = ($group -split β€˜,’)[0]
    $CNName.Trimstart(β€˜CN=’) | Out-File -PSPath "I:\$SID.csv" -Append -NoClobber


this is giving only one memberof to and make it correct and removing all others memberof in CSV it display same group name next row repeating 70+ time like


You should b easily able to debug the above code. Hope you are using VScode or atleast PowerShell ISE.
you can create a breakpoint then start debugging, it will help you to catch the bug.

1 Like

Just to at least mention it once. .TrimStart() does not work as you might think it does. If the CN starts with a β€œC” or an β€œN” or both it would cut off more than you actually wanted to. See this examples:


Take a very close look to the output!!

issue here is its accepting first memberof group and it provides accurate result but in this loop its copy pasting total number of group with same first group… not sure if i am able to explain it… i am suing Powershell ISE here

There’s a typo in my post, $CName instead of $CNName. Did you spot that and correct it?

Taking into account @Olaf’s comment. I have amended the code as below to use the replace operator with a regex.

$SID =Read-Host -Prompt " Please Provide SID: "
$Domainlist = Read-Host -Prompt " DOmain ASIAPAC, NAEAST, EMEA "

$r = Get-Aduser $SID -server $Domainlist -Properties MemberOf | Select-Object -ExpandProperty MemberOf

foreach ($group in $r) {

    $group -replace 'CN=(.+?),.+','$1' | Out-File -PSPath "I:\$SID.csv" -Append -NoClobber


@matt-bloomfield Wow this is working as expected, i was so struggling since more than 5 days but it has fixed, can you explain this line logic $group -replace β€˜CN=(.+?),.+’,’$1’

$group is user variable or we created, what is this $1 denotes

Actually this would be enough as well:

$group -replace '^CN='
1 Like

The brackets in the match part of the -replace operator declare a capture group. So this (.+?) matches the text after CN= up to the first comma. $1 is an automatic variable, that has the value of that capture group.

That only, strips the CN= though. OP wanted just the group name without the OU and domain information.

I had in my mind that the rest of the CN is already stripped away with the -split operator before. So - assumed that there will not be a comma inside the common name - this should do the trick:

($group -split ',')[0] -replace '^CN='

… another version would be this:

($group -split '=')[1] -replace ',(OU)|(DC)$'
1 Like