LDAP: Difference between revisions
Jump to navigation
Jump to search
No edit summary (change visibility) |
|||
Line 10: | Line 10: | ||
|- | |- | ||
| S-1-5-32-551 || Backup Operators | | S-1-5-32-551 || Backup Operators | ||
|- | |||
| S-1-5-32-554 || BUILTIN\Pre-Windows 2000 Compatible Access | |||
|- | |- | ||
| $rootDomainSid-519 || Enterprise Admins | | $rootDomainSid-519 || Enterprise Admins |
Revision as of 13:56, 6 January 2014
Well known SID's
where objectSID -eq
S-1-5-32-544 | Administrators |
S-1-5-32-548 | Account Operators |
S-1-5-32-549 | Server Operators |
S-1-5-32-551 | Backup Operators |
S-1-5-32-554 | BUILTIN\Pre-Windows 2000 Compatible Access |
$rootDomainSid-519 | Enterprise Admins |
$rootDomainSid-518 | Schema Admins |
http://support.microsoft.com/kb/243330
in powershell
$strFilter = "(&(objectCategory=User)(Department=Finance))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$colProplist = "name"
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults)
{$objItem = $objResult.Properties; $objItem.name}
$objItem