ps/Modules/Alkami.DevOps.SystemEngineering/Public/Test-IsUserDomainAdmin.ps1

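function Test-IsUserDomainAdmin {
    <#
    .SYNOPSIS
        Tests if a user is a domain administrator
    .DESCRIPTION
        Checks a user's principal group membership for membership in the "Domain Admins" group.

        With no -User argument the identity of the current process is evaluated. With -User,
        the supplied name is turned into a WindowsIdentity when the WindowsPrincipal is built;
        System.Security.Principal.WindowsIdentity has a constructor that takes a user principal
        name (UPN), which is why the value must contain "@".

        Treat the result as an advisory check, not as an authorization boundary: the group is
        matched by its display name, and the answer reflects the groups carried by the
        evaluated identity's token.
    .PARAMETER User
        [string] The username to check in UPN format (user@domain). If not provided, defaults to current user
    .OUTPUTS
        [bool] $true when the identity is in "Domain Admins", otherwise $false.
        $null (after a warning) when -User is supplied without an "@"; callers that compare
        the result with -eq $false must handle that case separately.
    .EXAMPLE
        Test-IsUserDomainAdmin
    .EXAMPLE
        Test-IsUserDomainAdmin "someadmin@corp.alkamitech.com"
    #>
    [CmdletBinding()]
    [OutputType([System.Boolean])]
    Param(
        [Parameter(Mandatory = $false)]
        [Alias("UserName")]
        [string]$User
    )

    $logLead = (Get-LogLeadName)

    if ([String]::IsNullOrEmpty($User)) {
        # No name given: evaluate the identity this process is running as.
        # NOTE(review): presumably a UAC-filtered (non-elevated) token can report $false for an
        # account that is a Domain Admin once elevated - confirm before relying on a negative.
        $userToCheck = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    } else {
        # Only the presence of "@" is checked here; the name is not validated further.
        # The previous message asked for SAMAccountName format, which contradicted this check
        # and the documented example.
        if ($User -notmatch "\@") {
            Write-Warning "$logLead : Username supplied must be in UPN format (user@domain)"
            # Fails closed in a boolean context ($null is falsy), but is not equal to $false.
            return $null
        }

        # Left as a string on purpose: New-Object converts it to a WindowsIdentity for the
        # WindowsPrincipal constructor below. A name that cannot be resolved surfaces as an
        # error from that call rather than as $false.
        $userToCheck = $User
    }

    $principal = New-Object System.Security.Principal.WindowsPrincipal($userToCheck)

    # NOTE(review): this is a name-based lookup. A SID-based comparison (Domain Admins is the
    # well-known RID 512, WellKnownSidType.AccountDomainAdminsSid) would not depend on how the
    # name "Domain Admins" resolves on the local machine - consider it for hardening.
    return $principal.IsInRole("Domain Admins")
}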