PowerView is a great tool for domain enumeration and is part of the PowerSploit collection. Almost every function is available in Empire too. Although each function is pretty self-explanatory and you should explore them yourself, I'll provide some hints here. I can also highly recommend reading the source code of these kinds of PowerShell-based hacking tools, because there are usually tons of tips and examples bundled with them.
Invoke-EnumerateLocalAdmin
Enumerates members of the local Administrators groups across all machines in the domain.

Get-NetLocalGroup -ComputerName MX01 -GroupName "Remote Management Users"
Lists the members of the group, i.e. the users who can use WinRM on a specific machine.

Get-NetLocalGroup -ComputerName MX01 -GroupName "Remote Desktop Users"
Lists the members of the group, i.e. the users who can RDP to a specific machine.

Get-NetGPOGroup -ResolveMemberSIDs
Gets all GPOs in a domain that set "Restricted Groups" on target machines, and resolves the SIDs of the member groups or users.

Find-GPOLocation -UserName testuser -LocalGroup RDP
Takes a specific user or group and checks, through GPO enumeration, where it has access. Here we can see which boxes testuser can RDP into.
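
For the defending side, the functions listed above leave their names in PowerShell script block logs (Event ID 4104) when that logging is enabled. The following is an added example, not part of PowerView or the original page: it reassembles multi-part 4104 records and flags script blocks that name those functions. It assumes the events are already parsed into dicts carrying the 4104 fields ScriptBlockId, MessageNumber, MessageTotal and ScriptBlockText; the host names and block IDs in the sample data are constructed.

```python
import re
from collections import defaultdict

# Function names taken from the commands listed above.
POWERVIEW_FUNCTIONS = ("Invoke-EnumerateLocalAdmin", "Get-NetLocalGroup",
                       "Get-NetGPOGroup", "Find-GPOLocation")
CANONICAL = {name.lower(): name for name in POWERVIEW_FUNCTIONS}
# PowerShell command names are case-insensitive; require token boundaries.
PATTERN = re.compile(r"(?<![\w-])(" + "|".join(map(re.escape, POWERVIEW_FUNCTIONS))
                     + r")(?![\w-])", re.IGNORECASE)

# Constructed sample events (assumed layout: one dict per 4104 record).
SAMPLE_EVENTS = [
    {"Computer": "WS07", "ScriptBlockId": "blk-a", "MessageNumber": 2, "MessageTotal": 2,
     "ScriptBlockText": 'calGroup -ComputerName MX01 -GroupName "Remote Desktop Users"'},
    {"Computer": "WS07", "ScriptBlockId": "blk-a", "MessageNumber": 1, "MessageTotal": 2,
     "ScriptBlockText": "$t = 1\nGet-NetLo"},
    {"Computer": "WS07", "ScriptBlockId": "blk-b", "MessageNumber": 1, "MessageTotal": 1,
     "ScriptBlockText": "find-gpolocation -UserName testuser -LocalGroup RDP"},
    {"Computer": "WS09", "ScriptBlockId": "blk-c", "MessageNumber": 1, "MessageTotal": 1,
     "ScriptBlockText": "Get-Process | Sort-Object CPU"},
    {"Computer": "WS09", "ScriptBlockId": "blk-d", "MessageNumber": 1, "MessageTotal": 3,
     "ScriptBlockText": "Get-NetGPOGroup -ResolveMemberSIDs"},
]

def reassemble(events):
    """Join fragments sharing a ScriptBlockId, ordered by MessageNumber."""
    blocks = defaultdict(dict)
    for ev in events:
        blocks[ev["ScriptBlockId"]][ev["MessageNumber"]] = ev
    for block_id, parts in blocks.items():
        ordered = [parts[n] for n in sorted(parts)]
        yield {"ScriptBlockId": block_id, "Computer": ordered[0]["Computer"],
               # False when fragments are missing, so the hit list may be partial.
               "complete": len(ordered) == ordered[0]["MessageTotal"],
               "text": "".join(p["ScriptBlockText"] for p in ordered)}

def find_powerview_use(events):
    """Return one finding per script block that names a listed function."""
    findings = []
    for block in reassemble(events):
        hits = sorted({CANONICAL[m.lower()] for m in PATTERN.findall(block.pop("text"))})
        if hits:
            findings.append({**block, "functions": hits})
    return findings

if __name__ == "__main__":
    for finding in find_powerview_use(SAMPLE_EVENTS):
        print(finding)
```

A finding with "complete" set to False means some fragments of that script block were not collected, so the function list for it may be partial.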