for each $group in GetADUsergroups(,1)
  ? $group
next

function getADUserGroups(optional $username, optional $mode)
  Dim $objTrans, $objUser, $group, $array[0], $i
  if $username=""
    $username=@ldomain + "\"+ @userid
  endif
  if not instr($username,"\")
    $username=@ldomain + "\" + $username
  endif
  $user=join(split($username,"\"),"/")
  $objUserWinNT = GetObject("WinNT://" + $user + ",user")
  If @error=0
    $intGroupID = $objUserWinNT.primaryGroupID
    $strFilter = "(|"
    For Each $objGroup in $objUserWinNT.Groups
      $strFilter = $strFilter + "(sAMAccountName=" +  $objGroup.name + ")"
    Next
    $strFilter = $strFilter + ")"
    $strAttributes = "sAMAccountName,primaryGroupToken,distinguishedName"
    $objRootDSE = GetObject("LDAP://RootDSE")
    $strDNSDomain = $objRootDSE.Get("defaultNamingContext")
    $adoConnection = CreateObject("ADODB.Connection")
    $adoCommand = CreateObject("ADODB.Command")
    $adoConnection.Provider = "ADsDSOObject"
    $adoConnection.Open("Active Directory Provider")
    $adoCommand.ActiveConnection = $adoConnection
    $strQuery = "<LDAP://" + $strDNSDomain + ">;" + $strFilter + ";" + $strAttributes + ";subtree"
    $adoCommand.CommandText = $strQuery
    $adoCommand.Properties("Page Size").value=100
    $adoCommand.Properties("Timeout").value=30
    $adoCommand.Properties("Cache Results").value= not 1
    $adoRecordset = $adoCommand.Execute
    If $adoRecordset.EOF = 0
      Do
        $intGroupToken = $adoRecordset.Fields("primaryGroupToken").Value
        If $intGroupToken = $intGroupID
          if $mode=0
            $array[$i] = $adoRecordset.Fields("sAMAccountName").Value
          else
            $array[$i] = $adoRecordset.Fields("distinguishedName").value
          endif
          $i=$i+1
          $found=1
        EndIf
      $adoRecordset.MoveNext
      Until $adoRecordset.EOF or $found=1
    endif
    $adoRecordset.Close
    $adoConnection.Close
  endif
  $objTrans = CreateObject("NameTranslate")
  if @error
    exit @error
  else
    $objTrans.Init(3, "")
    $objTrans.Set(3,$username)
    $username = $objTrans.Get(1)
    if @error
      exit @error
    else
      for each $group in getobject("LDAP://" + $username).GetEx("memberof")
        redim preserve $array[$i]
        if $mode=0
          $array[$i]=GetObject("LDAP://" + $Group).cn
        else
          $array[$i]=$group          
        endif
        $i=$i+1
      next
      $getADUserGroups=$array  
    endif
  endif
endfunction