Permalink
Browse files

Update Functions

  • Loading branch information...
lazywinadmin committed Jul 13, 2015
1 parent b71f84d commit ae92c67e0ed5d685d111f087c840e76d2703ea2a
Showing with 52 additions and 5 deletions.
  1. +5 −5 AD-OBJECT-Get-ADSITokenGroup/Get-ADSITokenGroup.ps1
  2. +47 −0 _Test/AD-TokenGroups_Test.ps1
@@ -26,11 +26,11 @@
GroupName Count SamAccountName
--------- ----- --------------
- wbiegames\MTL_GroupB 2 TestUser
- wbiegames\MTL_GroupA 2 TestUser
- wbiegames\MTL_GroupC 2 TestUser
- wbiegames\MTL_GroupD 2 TestUser
- wbiegames\MTL-GroupE 1 TestUser
+ lazywinadmin\MTL_GroupB 2 TestUser
+ lazywinadmin\MTL_GroupA 2 TestUser
+ lazywinadmin\MTL_GroupC 2 TestUser
+ lazywinadmin\MTL_GroupD 2 TestUser
+ lazywinadmin\MTL-GroupE 1 TestUser
.NOTES
Francois-Xavier Cat
@@ -0,0 +1,47 @@
+$UserSam = "TestAccount"
+
+$Search = New-Object -TypeName System.DirectoryServices.DirectorySearcher -ErrorAction 'Stop'
+$Search.Filter = "(&((objectclass=user)(samaccountname=$UserSam)))"
+$Search.FindAll() | ForEach-Object -Process {
+ $Account = $_
+ $AccountGetDirectory = $Account.GetDirectoryEntry();
+
+ # Add the properties tokenGroups
+ $AccountGetDirectory.GetInfoEx(@("tokenGroups"), 0)
+
+
+ $($AccountGetDirectory.Get("tokenGroups"))|
+ ForEach-Object -Process {
+ # Create SecurityIdentifier to translate into group name
+ $Principal = New-Object System.Security.Principal.SecurityIdentifier($_, 0)
+ $domainName = [adsi]"LDAP://$($Principal.AccountDomainSid)"
+
+ <#
+ TypeName: System.Security.Principal.SecurityIdentifier
+
+ Name MemberType Definition
+ ---- ---------- ----------
+ CompareTo Method int CompareTo(System.Security.Principal.SecurityIdentifier sid), int IComparable[SecurityIdentifier].CompareTo(System.Security.Principal.Security...
+ Equals Method bool Equals(System.Object o), bool Equals(System.Security.Principal.SecurityIdentifier sid)
+ GetBinaryForm Method void GetBinaryForm(byte[] binaryForm, int offset)
+ GetHashCode Method int GetHashCode()
+ GetType Method type GetType()
+ IsAccountSid Method bool IsAccountSid()
+ IsEqualDomainSid Method bool IsEqualDomainSid(System.Security.Principal.SecurityIdentifier sid)
+ IsValidTargetType Method bool IsValidTargetType(type targetType)
+ IsWellKnown Method bool IsWellKnown(System.Security.Principal.WellKnownSidType type)
+ ToString Method string ToString()
+ Translate Method System.Security.Principal.IdentityReference Translate(type targetType)
+ AccountDomainSid Property System.Security.Principal.SecurityIdentifier AccountDomainSid {get;}
+ BinaryLength Property int BinaryLength {get;}
+ Value Property string Value {get;}
+ #>
+ # Prepare Output
+ $Properties = @{
+ SamAccountName = $Account.properties.samaccountname -as [string]
+ GroupName = $principal.Translate([System.Security.Principal.NTAccount])
+ }
+ # Output Information
+ New-Object -TypeName PSObject -Property $Properties
+ }
+}

0 comments on commit ae92c67

Please sign in to comment.