When testing security settings, I sometimes want a quick way to get a report listing the groups to which the user I'm currently logged on as belongs. Can I get such a report?
Yes, you can use the Whoami command with the /groups option to get a report like the one in Figure 1. As you can see, the sample report shows that the user is a member of Administrators and Users and has the following special security principal SIDs in his or her access token: Local, Authenticated Users, Interactive, NTLM Authentication, Remote Interactive Logon, and This Organization.
One caveat: If you lock a workstation, go home, and then log back on to the system remotely through Terminal Services, you won't see the REMOTE INTERACTIVE LOGON special SID. The original logon wasn't remote, so the access token isn't rebuilt.
End of Article
