Here are few commands that you may find useful.

Commands on AD client machine

All commands below were tested on XP SP3 joined to AD domain (served with Win2008R1/32-bit trial - to save memory) logged with domain user.

To see your AD account details and membership:

net user %username% /domain

WARNING!

The Local Group Memberships seems to be unreliable - there is no membership shown for domain user even when it is NOT empty. Therefore use rather gui app compmgmt.msc - node Local Users and Groups

To see applied policies:

gpresult

Apply policies

gpupdate /force

Give Admin rights to specific AD user on specific PC

It is not so easy as one would expect - possible solution is to use so called Group Policy Preferences. There is very good guide: Use GPO to set user as a local administrator on a single computer

Important NOTE for XP SP3 users!

You need to install Group Policy Preference Client Side Extensions for Windows XP (KB943729) to support Group Policy Preferences on XP - as pointed out in another article Manage Local Active Directory Groups using Group Policy Preferences - I strongly recommend to read whole 4 part series written by Petri.

Resources

• using gpresult:
  • https://blogs.technet.microsoft.com/musings_of_a_technical_tam/2012/02/15/group-policy-basics-part-2-understanding-which-gpos-to-apply/
• working example on using simple group policy object
  • https://mizitechinfo.wordpress.com/2013/08/06/simple-guide-implementing-group-policy-in-windows-server-2012-r2/