How to find out: Domain Administrator or Not?

Question

I have an account e.g. (MyDomain\User1) which has ONLY an access to a VM that has Windows Server 2008 R2 installed and nothing else.

I have no access at all to the Active Directory (AD) nor the Dmain Controller (DC).

How can I tell if this particular account (MyDomain\User1) is a Domain Administrator or not? Is there any Windows PowerShell command for that?

Thanks you !

Answer 1

Easy, just check the current user for membership in the domain admins group.

$CurrentUser = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$WindowsPrincipal = New-Object System.Security.Principal.WindowsPrincipal($CurrentUser)

if($WindowsPrincipal.IsInRole("Domain Admins"))
{
    Write-Host "Currently running as a Domain Admin"
}
else
{
   Write-Host "Keep dreaming, you're not a Domain Admin."
}