pingcastle icon indicating copy to clipboard operation
pingcastle copied to clipboard

Published 20 hours ago verified publisher icon vletoux

powershell script and non english domains

Open andreas65m opened this issue 1 year ago • 0 comments

Hello,

in "check for hidden group memberships for user accounts" there is this ps-script

Get-ADUser -Filter * -Properties PrimaryGroup | Where-Object { $_.PrimaryGroup -ne (Get-ADGroup -Identity "Domain user").DistinguishedName } | Select-Object UserPrincipalName,PrimaryGroup

The scripts does not work on german systems. The group name must be localized like this

Get-ADUser -Filter * -Properties PrimaryGroup | Where-Object { $_.PrimaryGroup -ne (Get-ADGroup -Identity "Domänen-Benutzer").DistinguishedName } | Select-Object UserPrincipalName,PrimaryGroup

Would it possible to modify the script in the document this way

$DomainUsersSid = New-Object System.Security.Principal.SecurityIdentifier ([System.Security.Principal.WellKnownSidType]::AccountDomainUsersSid,(Get-ADDomain).DomainSID) Get-ADUser -Filter * -Properties PrimaryGroup | Where-Object { $_.PrimaryGroup -ne (Get-ADGroup -Filter {SID -eq $DomainUsersSid} ).DistinguishedName } | Select-Object UserPrincipalName,PrimaryGroup

Greetings Andreas

andreas65m avatar Dec 18 '23 12:12 andreas65m