You could do something like that (if you have verified the user credentials already):
$user = get-adobject -ldapfilter "(samaccountname=$username)" -properties memberof
Now you can use $user.memberof to iterate through all group memberships.
$user.memberof | % { if ($_ -match "admin_") { Write-Host "Found Admin Group"; <# DO MORE STUFF #> } }
For the user input we use this:
# Input - Read User Credentials
$cred = Get-Credential
# Split username & password
$username = $cred.UserName
$password = $cred.GetNetworkCredential().Password
# Get your Domain
$Root = "LDAP://" + ([ADSI]"").distinguishedName
# Bind to the domain root with the supplied credentials
$domain = New-Object System.DirectoryServices.DirectoryEntry($Root, $username, $password)
# A failed bind leaves the name property empty
if ($null -ne $domain.name)
{
    Write-Host "Authenticated"
}
else
{
    Write-Host "Not authenticated"
}
Hope that helps
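The lookup and group check from the answer above, as an added example that is not part of the original post: it escapes the user-supplied name before it goes into the LDAP filter and compares "admin_" against each group's own CN instead of the whole distinguished name. The function names, the sample DNs and the sample user name are constructed for illustration, and the commented-out lookup assumes the ActiveDirectory module.

```powershell
# Added example, not the poster's code. Function names are hypothetical.

function ConvertTo-LdapFilterValue {
    # Escape the characters RFC 4515 reserves in a filter value, so that
    # user input cannot change the structure of the filter.
    param([Parameter(Mandatory)][string]$Value)
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' `
           -replace '\)', '\29' -replace '\x00', '\00'
}

function Get-SamAccountName {
    # Get-Credential may return "DOMAIN\user"; sAMAccountName holds only "user".
    # Simplification: UPN input (user@domain) is not handled here.
    param([Parameter(Mandatory)][string]$UserName)
    $UserName -replace '^.*\\', ''
}

function Test-AdminGroupMember {
    # True if any group's own CN starts with the prefix. Matching the whole DN
    # would also hit OU or domain components that happen to contain the prefix.
    param([string[]]$MemberOf, [string]$Prefix = 'admin_')
    foreach ($dn in $MemberOf) {
        if ($dn -match '^CN=((?:\\.|[^,\\])+),') {
            $cn = $Matches[1]
            if ($cn.StartsWith($Prefix, [StringComparison]::OrdinalIgnoreCase)) {
                return $true
            }
        }
    }
    return $false
}

# Constructed sample data: the first group only has "admin_" in its OU name.
$sampleOuOnly = @('CN=Helpdesk,OU=admin_units,DC=example,DC=com')
$sampleAdmin  = @('CN=Helpdesk,OU=admin_units,DC=example,DC=com',
                  'CN=admin_servers,OU=Groups,DC=example,DC=com')

$sam    = Get-SamAccountName 'EXAMPLE\jdoe*'            # constructed input
$filter = "(sAMAccountName=$(ConvertTo-LdapFilterValue $sam))"
Write-Host "Filter: $filter"
Write-Host "OU-only match: $(Test-AdminGroupMember -MemberOf $sampleOuOnly)"
Write-Host "Admin group:   $(Test-AdminGroupMember -MemberOf $sampleAdmin)"

# With the ActiveDirectory module and an already verified user:
# $user = Get-ADObject -LDAPFilter $filter -Properties memberOf
# if (Test-AdminGroupMember -MemberOf $user.memberOf) { Write-Host "Found Admin Group" }
```

memberOf lists only direct memberships; the user's primary group and groups reached through nesting do not appear in it.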