Active Directory -- user's GROUP membership, compare ?

Please look at this solution:  https://www.experts-exchange.com/questions/28409555/Compare-group-membership-from-two-AD-accounts-with-Powershell.html

I have created the script below and it works perfectly for what you have asked.

All you need to do is when you run the script it will ask for the samaccountname of the user to check (user1) and then ask you to type in the name of the user to compare against (user2). Then it will add any groups from User2 to User1 that User1 does not already have.

Import-Module activedirectory
$User = Read-Host "Type sAMAccountName of user to check"
$CompareUser = Read-Host "Type sAMAccountName of user to compare against"

$UserGroups = Get-ADPrincipalGroupMembership -Identity $User
$CompareGroups = Get-ADPrincipalGroupMembership -Identity $CompareUser

$Compared = Compare-Object -ReferenceObject $UserGroups -DifferenceObject $CompareGroups

ForEach ($Group in $Compared)
    {
        Add-ADGroupMember -Identity $Group.InputObject.DistinguishedName -Members $User -Confirm:$false
    
}

Select allOpen in new window

Will.

Will, what do I need to change so it only shows me the differences, it does not add any groups from User2 to User1 that User1 does not already have ?