Advertisement
Yevrag35

ADSI Local Group Member SID

Dec 9th, 2020
1,779
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [CmdletBinding()]
  2. param
  3. (
  4.     [Parameter(Mandatory=$false, Position = 0)]
  5.     [string[]] $GroupsToExclude
  6. )
  7. Begin
  8. {
  9.     $groupNames = Get-CimInstance -ClassName Win32_Group -Filter "Domain='$env:COMPUTERNAME'" -Property Name | Select-Object -ExpandProperty Name
  10.     [string[]] $groupNames = $groupNames | Where-Object { $_ -notin $GroupsToExclude }
  11.  
  12.     $de = [adsi]"WinNT://$env:COMPUTERNAME"
  13. }
  14. Process
  15. {
  16.     foreach ($groupName in $groupNames)
  17.     {
  18.         try
  19.         {
  20.             $adminGroup = $de.Children.Find($groupName, "Group")
  21.  
  22.             foreach ($mem in $adminGroup.psbase.Invoke("members"))
  23.             {
  24.                 $type = $mem.GetType()
  25.                 $name = $type.InvokeMember("Name", "GetProperty", $null, $mem, $null)
  26.  
  27.                 [byte[]] $sidBytes = $type.InvokeMember("ObjectSid", "GetProperty", $null, $mem, $null)
  28.                 $sid = New-Object System.Security.Principal.SecurityIdentifier($sidBytes, 0)
  29.  
  30.                 [pscustomobject]@{
  31.                     Group = $groupName
  32.                     Name = $name
  33.                     Sid = $sid.Value
  34.                 }
  35.             }
  36.         }
  37.         finally
  38.         {
  39.             $adminGroup.Dispose()
  40.         }
  41.     }
  42. }
  43. End
  44. {
  45.     $de.Dispose()
  46. }
  47.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement