PowerShell: Get membership info for a computer acc

Posted 2019-08-10 21:36

Question:

Getting an ambiguous identity error. I can search successfully to return the group that a user account is a member of, but when I try to search for the groups that a computer account is a member of there is the ambiguous identity error. I tried to use a -type or -identity switch, but either I did not have the syntax correct or it was just not applicable.

Where my targeted computer account is called SNA00760856, I have been working on using...

Get-QADGroup -Containsindirectmember SNA00760856

Any massaging that I can do to the command to get the groups that the computer SNA00760856 is a member of? Dropping in a user account in place of the computer account works like a charm.

I have also tried to qualify the computer name with the domain info.
i.e. SNA00760856.mydivision.mydomain.com or mydivision\SNA00760856

Also tried to collect the membership of the computer using the following, which I know is wrong after a closer reading of the switch info....

Get-QADobject -IndirectMemberOf SNA00760856

Results in ambiguous identity as well.

Answer 1:

You can get the group memberships of a computer in AD through the ActiveDirectory module with Get-ADPrincipalGroupMembership. You'll need to search via the computer's DistinguishedName, which can be achieved by leveraging Get-ADComputer:

Get-ADPrincipalGroupMembership (Get-ADComputer SNA00760856).DistinguishedName

That'll return all of the group objects SNA00760856 is a member of.



Answer 2:

If you want to clean up the output, use this

Get-ADPrincipalGroupMembership (Get-ADComputer ComputerName) | select-object name


Answer 3:

If you export to a list use

Get-AdPrincipalGroupMembership ( Get-ADComputer XXXXXXX ) | Out-File C:\XXX\XXX
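
An added example, not part of any answer above: when auditing what a computer account can reach, nested groups matter as much as direct ones. This sketch resolves the computer with Get-ADComputer and lists its groups labelled Direct or Nested, using the LDAP_MATCHING_RULE_IN_CHAIN filter. It assumes the ActiveDirectory (RSAT) module is installed; the function name Get-ComputerGroupMembership is hypothetical.

```powershell
# Added example: direct and nested group membership of a computer account.
# Assumes the ActiveDirectory module (RSAT) is available.
Import-Module ActiveDirectory

function Get-ComputerGroupMembership {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$ComputerName
    )

    # Get-ADComputer searches computer objects only, so the name cannot be
    # matched against a user or group object.
    $computer = Get-ADComputer -Identity $ComputerName -Properties MemberOf, PrimaryGroup

    # Direct memberships: memberOf plus the primary group (normally
    # Domain Computers), which memberOf does not list.
    $directDns = @($computer.MemberOf) + @($computer.PrimaryGroup) | Where-Object { $_ }

    # Escape characters that are special inside an LDAP filter value (RFC 4515).
    $dn = $computer.DistinguishedName -replace '\\', '\5c' -replace '\*', '\2a' `
        -replace '\(', '\28' -replace '\)', '\29'

    # LDAP_MATCHING_RULE_IN_CHAIN (OID 1.2.840.113556.1.4.1941) has the domain
    # controller walk the member chain: direct and nested groups come back.
    $chain = Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dn)"

    # The chain follows member links only, so add the primary group itself.
    # Groups that the primary group is nested in are not expanded here.
    $primary = if ($computer.PrimaryGroup) { Get-ADGroup -Identity $computer.PrimaryGroup }
    $all = @($chain) + @($primary) | Where-Object { $_ } |
        Sort-Object DistinguishedName -Unique

    foreach ($group in $all) {
        [pscustomobject]@{
            Computer   = $computer.Name
            Group      = $group.Name
            Membership = if ($directDns -contains $group.DistinguishedName) { 'Direct' } else { 'Nested' }
            GroupDN    = $group.DistinguishedName
        }
    }
}

Get-ComputerGroupMembership -ComputerName 'SNA00760856' |
    Sort-Object Membership, Group | Format-Table -AutoSize
```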