Disclaimer: this page is a Chinese-English side-by-side translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). StackOverflow original: http://stackoverflow.com/questions/1458016/

Time: 2020-09-09 06:44:35  Source: igfitidea

Get user's non-truncated Active Directory groups from command line

Tags: windows, cmd, active-directory

Asked by Ben

I often use the net user command to have a look at AD groups for a user:

net user /DOMAIN <username>

This works well, however the group names are truncated to around 20 characters. And in my organization, most group names are much longer than this.

Does anyone know of a way to get non-truncated AD groups through the command line?

Accepted answer by serialhobbyist

You could parse the output from the GPRESULT command.

Answer by P.Brian.Mackey

GPRESULT is the right command, but it cannot be run without parameters. /v or verbose option is difficult to manage without also outputting to a text file. E.G. I recommend using

gpresult /user myAccount /v > C:\dev\me.txt -- Ensure C:\Dev\me.txt exists

Another option is to display summary information only which may be entirely visible in the command window:

gpresult /user myAccount /r

The accounts are listed under the heading:

The user is a part of the following security groups
---------------------------------------------------

Answer by Doug

A little stale post, but I figured what the heck. Does "whoami" meet your needs?

I just found out about it today (from the same Google search that brought me here, in fact). Windows has had a whoami tool since XP (part of an add on toolkit) and has been built-in since Vista.

whoami /groups

Lists all the AD groups for the currently logged-on user. I believe it does require you to be logged on AS that user, though, so this won't help if your use case requires the ability to run the command to look at another user.

Answer by Major Malfunction

Or you could use dsquery and dsget:

dsquery user domainroot -name <userName> | dsget user -memberof

To retrieve group memberships something like this:

Tue 09/10/2013 13:17:41.65
C:\
>dsquery user domainroot -name jqpublic | dsget user -memberof
"CN=Technical Support Staff,OU=Acme,OU=Applications,DC=YourCompany,DC=com"
"CN=Technical Support Staff,OU=Contosa,OU=Applications,DC=YourCompany,DC=com"
"CN=Regional Administrators,OU=Workstation,DC=YourCompany,DC=com"

Although I can't find any evidence that I ever installed this package on my computer, you might need to install the Remote Server Administration Tools for Windows 7.

Answer by SherlockSpreadsheets

Based on answer by P.Brian.Mackey -- I tried using gpresult /user <UserName> /r command, but it only seemed to work for my user account; for other users' accounts I got this result: The user "userNameHere" does not have RSOP data.

So I read through this blog -- https://blog.thesysadmins.co.uk/group-policy-gpresult-examples.html -- and came upon a solution. You have to know the user's computer name:

gpresult /s <UserComputer> /r /user:<UserName>

After running the command, you have to ENTER a few times for the program to complete because it will pause in the middle of the output. Also, the results gave a bunch of data including a section for "COMPUTER SETTINGS> Applied Group Policy Objects" and then "COMPUTER SETTINGS> Security groups" and finally "USER SETTINGS> security groups" (this is what we are looking for with the AD groups listed with non-truncated descriptions!).

Interesting to note that GPRESULT had some extra members not seen in NET USER command. Also, the sort order does not match and is not alphabetical. Anybody who can add more insights in the comments that would be great.

RESULTS: gpresult (with ComputerName, UserName)

For security reasons, I have included only a subset of the membership results. (36 TOTAL, 12 SAMPLE)

The user is a part of the following security groups
---------------------------------------------------
..
 Internet Email 
 GEVStandardPSMViewers  
 GcoFieldServicesEditors    
 AnimalWelfare_Readers  
 Business Objects   
 Zscaler_Standard_Access    
..
 GCM    
..
 GcmSharesEditors   
 GHVStandardPSMViewers  
 IntranetReportsViewers 
 JetDWUsers     -- (NOTE: this one was deleted today, the other "Jet" one was added)
..
 Time and Attendance Users  
..

RESULTS: net user /DOMAIN (with UserName)

For security reasons, I have included only a subset of the membership results. (23 TOTAL, 12 SAMPLE)

Local Group Memberships  
Global Group memberships    ...
                             *Internet Email       *GEVStandardPSMViewers
                             *GcoFieldServicesEdito*AnimalWelfare_Readers
                             *Business Objects     *Zscaler_Standard_Acce
                             ...
                             *Time and Attendance U*GCM
                             ...
                             *GcmSharesEditors     *GHVStandardPSMViewers
                             *IntranetReportsViewer*JetPowerUsers
The command completed successfully.
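
The accepted answer's suggestion to parse GPRESULT output, combined with the comparison above, as an added PowerShell example (not part of any answer on this page): it parses both outputs and flags net user names whose truncation matches more than one full group name, which matters when the list feeds an access review. The sample text, group names and function names are constructed/hypothetical, and the 21-character width is an assumption read off the truncated names in the net user sample above.

```powershell
# Constructed sample text in the shape of the two outputs quoted above (not real data).
$gpresultText = @'
    The user is a part of the following security groups
    ---------------------------------------------------
        Domain Users
        Finance_Reporting_Viewers
        Finance_Reporting_ViewersEU
        Helpdesk Tier Two Operators
'@
$netUserText = @'
Global Group memberships     *Domain Users         *Finance_Reporting_Vie
                             *Finance_Reporting_Vie*Helpdesk Tier Two Ope
The command completed successfully.
'@

function Get-GpresultUserGroups([string]$Text) {
    $groups = @(); $inSection = $false
    foreach ($line in ($Text -split '\r?\n')) {
        $t = $line.Trim()
        if ($t -eq 'The user is a part of the following security groups') { $inSection = $true; continue }
        if (-not $inSection -or $t -match '^-+$') { continue }   # before the list, or its underline
        if ($t -eq '') { break }                                  # assumed: a blank line ends the list
        $groups += $t
    }
    $groups
}

function Get-NetUserGlobalGroups([string]$Text) {
    $names = @(); $inGlobal = $false
    foreach ($line in ($Text -split '\r?\n')) {
        if ($line -match '^Global Group memberships') { $inGlobal = $true }
        elseif ($inGlobal -and $line -notmatch '\*') { break }    # first line without '*' ends the block
        if ($inGlobal) {
            foreach ($m in [regex]::Matches($line, '\*([^*]+)')) { $names += $m.Groups[1].Value.Trim() }
        }
    }
    $names
}

function Resolve-TruncatedGroups([string[]]$Short, [string[]]$Full, [int]$Width = 21) {
    foreach ($s in ($Short | Select-Object -Unique)) {
        $hits = @($Full | Where-Object {
            if ($s.Length -lt $Width) { $_ -eq $s }               # short enough to be untruncated
            else { $_.StartsWith($s, [StringComparison]::OrdinalIgnoreCase) }
        })
        $status = switch ($hits.Count) { 0 { 'no match' } 1 { 'resolved' } default { 'ambiguous' } }
        [pscustomobject]@{ NetUser = $s; Status = $status; FullNames = $hits -join '; ' }
    }
}

Resolve-TruncatedGroups (Get-NetUserGlobalGroups $netUserText) (Get-GpresultUserGroups $gpresultText) | Format-Table -AutoSize
```

To use it on real data, replace the two here-strings with the text captured from gpresult /s <UserComputer> /r /user:<UserName> and net user /DOMAIN <username>.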

Answer by Ross Presser

Much easier way in PowerShell:

Get-ADPrincipalGroupMembership <username>

Requirement: the account you yourself are running under must be a member of the same domain as the target user, unless you specify -Credential and -Server (untested).