AdsiPS icon indicating copy to clipboard operation
AdsiPS copied to clipboard

Published 20 hours ago verified publisher icon lazywinadmin

Review LDAP lookup using SID, GUID, DN

Open lazywinadmin opened this issue 6 years ago • 2 comments

Interesting tweet from Mathias: https://twitter.com/IISResetMe/status/1116344879624392704

Your periodic reminder that the ADSI LDAP provider supports any distinguished name value (not just the actual DN) in its path when binding to an object:

[adsi]"LDAP://<SID=1-5-21-485916533-229056652-338576073-3519>"

or

[adsi]"LDAP://<GUID=7e1246dd-307e-4417-98ca-2e1b2666e0c8>"

lazywinadmin avatar Apr 12 '19 05:04 lazywinadmin

Is it not already possible on certain functions ?

.PARAMETER Identity
    Specifies the Identity of the User
    You can provide one of the following properties
    DistinguishedName
    Guid
    Name
    SamAccountName
    Sid
    UserPrincipalName
    Those properties come from the following enumeration:
    System.DirectoryServices.AccountManagement.IdentityType

christophekumor avatar Apr 14 '19 07:04 christophekumor

Hum you right @christophekumor Maybe we should validate all functions (where possible) support that.

lazywinadmin avatar May 23 '19 02:05 lazywinadmin