active directory - Simplify powershell query -


i learning powershell, , looking query couple of ad groups , determine whether user member of ad group.

  • part 1 : query ad group has 10 nested ad groups
  • part 2: query user's ad group , pull list
  • part 3: not posted, compare output of part 1 , part 2

searched online , found tits , bits. aware of active directory module, avoid using it, since script executed user non-technical , avoid installing rsat that.

i have powershell version 2 , windows 7

part 1

group1 ad group has 10 nested ad groups.

write-host "fetching information groups.please wait.." add-type -assemblyname system.directoryservices.accountmanagement $ct = [system.directoryservices.accountmanagement.contexttype]::domain $group=[system.directoryservices.accountmanagement.groupprincipal]::findbyidentity  ($ct,'group1') $group1 = $group.getmembers | {$_.structuralobjectclass -eq "group"} | select    samaccountname $group1 = $group1 -replace("=", " ") -replace("{", " ") -replace("@", " ") -replace ("}", " ") -replace("samaccountname", " ")  -replace '\s+', ' ' $adgroups = foreach ($l in group1) {$l.trim()}

to ensure ad group information fetched program or exit script

if (($adgroups | out-string) -like $null) {   write-host "unable fetch ad groups information" -foreground "red"   start-sleep 10   break  }

part 2

temp location files can written

$location = "c:\ad" $ct = [system.directoryservices.accountmanagement.contexttype]::domain $user = [system.directoryservices.accountmanagement.userprincipal]::findbyidentity($ct, $username) if ($user -like $null) {   write-host "user not exist in ad" -foreground "magenta"   start-sleep 10   break } write-host "please wait...looking user group membership..." $usergroups = $user.getgroups()

removing file if exists.

remove-item $location\useradgroups.txt $usergroups | select samaccountname | out-file $location\useradgroups.txt -append $testr = gc $location\useradgroups.txt if (($testr | out-string) -like $null) {   write-host "unable fetch user ad groups   information" -foreground "red"   start-sleep 10   remove-item $location\useradgroups.txt   break } $useradgroups = foreach ($l in $testr ) {$l.trim()} $useradgroups | select-string -pattern "\w" | out-file $location\useradgroups.txt $useradgroups = gc $location\useradgroups.txt

question:

unless trim output, cannot compare it. had write script shown above:

  1. avoid writting output text file
  2. avoid -replace("=", " ") -replace("{", " ") in part 1
  3. simplify code.

any suggestion powershell gurus welcomed. me in learning process

so you're trying recursively adgroupmembers? sort of this or this? there more 1 way things. you can use [asdi] type accelerator.

$groups = [adsi]'ldap://cn=groupname,ou=groups,ou=place,dc=tomorrow,dc=today' $group | get-member  foreach($group in $groups){     $members = $group.member     foreach($member in $members){         #is group or user?         #if group group members         #if user user part of group     } }

are trying format distinguishedname of user?

$user = "cn=huck finn,ou=users,ou=today,ou=tomorrow,dc=yesterday,dc=com" $splits = ($user -split ',') [pscustomobject]@{username=$splits[0].substring(3);oupath=($splits[1..($splits.count-1)] | % {$_.substring(3)}) -join '\'}

hope helped.


Comments

Post a Comment

Popular posts from this blog

curl - PHP fsockopen help required -

i trying work on cloudflare api , have found in documentation. unfortunately have no idea how can use in fsockopen or through curl. here example of post request. need know how can make request below data post using curl or fsockopen curl https://www.cloudflare.com/api_json.html -d 'a=cache_lvl' \ -d 'tkn=8afbe6dea02407989af4dd4c97bb6e25' \ -d 'email=sample@example.com' \ -d 'z=example.com' \ -d 'v=agg' here link cloudflare https://www.cloudflare.com/docs/client-api.html#s4.2 try one: $ch = curl_init("https://www.cloudflare.com/api_json.html"); curl_setopt($ch, curlopt_returntransfer,1); curl_setopt($ch, curlopt_followlocation, 1); curl_setopt($ch, curlopt_ssl_verifypeer,false); // handling of -d curl parameter here. $param = array( 'a' => 'cache_lvl', 'tkn' => '8afbe6dea02407989af4dd4c97bb6e25', 'email' => 'sample@example.com', 'z' =...
Read more

HTTP/1.0 407 Proxy Authentication Required PHP -

i working in restricted network/limited access internet. since have use proxy make web service call. here php code calling web service , response . $client = new soapclient("http: //www.xyz.com/abc/wsdls/login.wsdl", array("trace" => 1, "exceptions" => 1, 'proxy_host' => $proxy_host, 'proxy_port' => $proxy_port, 'proxy_login' => $proxy_login, 'proxy_password' => $proxy_password)); response is fatal error: uncaught soapfault exception: [wsdl] soap-error: parsing wsdl: couldn't load ' http://www.xyz.com/abc/wsdls/login.wsdl ' : failed load external entity if copy url error message , paste in browser(with same proxy settings) works. 2nd scenario is, if pass values instead of variables giving me diffarant response $client = new soapclient("http: //www.xyz.com/abc/wsdls/login.wsdl", array("trace" => 1, "exceptions" => 1, 'proxy_host' ...
Read more

c# - Resource not found error -

i have problem accessing method on homecontroller. show code of method : [httpget] public actionresult decriptidentifiantetredirige(string login_crypter, string mdp_crypter) { string loginacrypter = _globalmanager.protegemotdepasse(login_crypter); string mdpacrypter = _globalmanager.protegemotdepasse(mdp_crypter); user userapp = new models.user(login_crypter, mdp_crypter); if (userapp.authentificationvalidee(userapp.userlogin, userapp.password)) { session["name"] = userapp.userlogin; return redirecttoaction("accueil", "home"); } else { return redirecttoaction("validerauthentification", "home"); } } then in routeconfig.cs wrote route : routes.maproute( name: "authentificationapresdecryptage", url: "{controller}/{action}/{login_crypter}/{mdp_crypter}", defaults: new...
Read more