Loading ...Archive for March, 2007
« Previous EntriesStatic Members and PowerShell obscurity
Thursday, March 29th, 2007I recently posted a question on the Microsoft PowerShell NG on how to use a .Net function in PowerShell.
It might be easier if I put this in context. I had a requirement to take a string containing a mixture of upper and lowercase letters, and rewrite it with a hyphen preceding the uppercase letters. This [...]
Extended Rights in Active Directory
Wednesday, March 28th, 2007Extended Rights are one of the mechanisms behind Active Directory permissions that allow for such granular control over the delegation of tasks in your environment. There’s a Technet article that explains delegation and touches on Extended Rights (near the bottom).
Extended Rights exists in AD as objects stored within the Extended-Rights container, which is located in [...]
Security Identifiers (SIDs) and NT Account name
Monday, March 26th, 2007I have a couple of functions that are quite useful when dealing with Active Directory permissions.
Translate SID to NT Account:
:get-NTaccount.ps1
#----------------------------------------------------------------------------------------------------------
function get-NTaccount
#----------------------------------------------------------------------------------------------------------
{
Param (
$SID
)
$id = New-Object System.Security.Principal.SecurityIdentifier($sid)
$account = $id.Translate( [System.Security.Principal.NTAccount] )
return $account
}
#----------------------------------------------------------------------------------------------------------
get-NTaccount "S-1-5-21-812403740-544655063-2921696178-1958"
In this function we take a SID in string format, and cast it as a SecurityIdentifier and then use the .Net method to translate [...]
« Previous Entries