I often have to find out whether a particular user has a certain role.
This is the command to read the AD - Roles of a user:
U:\>net user z100079 /domain
The request will be processed at a domain controller for domain mobi.mobicorp.ch.
User name Z100079
Full Name Z100079
Comment Service Account für "Vertragsverlauf", Gysling Eva
User's comment
Country/region code 000 (System Default)
Account active Yes
Account expires 30.12.2099 23:00:00
Password last set 27.01.2011 13:30:38
Password expires Never
Password changeable 27.01.2011 13:30:38
Password required Yes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory
Last logon Never
Logon hours allowed All
Local Group Memberships
Global Group memberships *AMPS_WS *Domain Users
*ASES-INTERN *AISDV_CONSUMER
*ACONTRACTREADCLIENT *ASES-EXTERN
*ALOSSRATIOREADCLIENT *ACLAIMREADCLIENT
