Recently I needed to find out if a user was in an Active Directory Group. The group contained more than 5000 entries, so using Get-ADGroupMember wasn't useful (it timed out) The following command worked well for me... get-adgroup " GroupName " -Properties Member | Select-Object -ExpandProperty Member | get-aduser | Where-Object {$_.SamAccountName -eq " username "} For small groups, and for full member lists it's as simple as Get-ADGroupMember groupname Getting the actual AD details can be performed with powershell with the following get-aduser -Filter 'GivenName -like " FirstName* " -and Surname -like " LastName* "' or, if you know the SamAccountName... get-aduser SamAccountName To list the groups that an account belongs to Get - ADPrincipalGroupMembership username | select name