LDAP: Difference between revisions
Jump to navigation
Jump to search
No edit summary (change visibility) |
|||
| Line 1: | Line 1: | ||
= Well known [[SID]]'s = | = Well known [[SID]]'s = | ||
some well known sid's | |||
where objectSID -eq | where objectSID -eq | ||
{| border="1" style="border-collapse:collapse;" | {| border="1" style="border-collapse:collapse;" | ||
| Line 41: | Line 44: | ||
$objItem | $objItem | ||
</syntaxhighlight> | |||
Quickly find administrator account | |||
<syntaxhighlight lang="powershell"> | |||
get-aduser -Filter * | where sid -like "*-500" | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 17:22, 13 March 2014
Well known SID's
some well known sid's
where objectSID -eq
| S-1-5-32-544 | Administrators |
| S-1-5-32-548 | Account Operators |
| S-1-5-32-549 | Server Operators |
| S-1-5-32-551 | Backup Operators |
| S-1-5-32-554 | BUILTIN\Pre-Windows 2000 Compatible Access |
| $rootDomainSid-519 | Enterprise Admins |
| $rootDomainSid-518 | Schema Admins |
http://support.microsoft.com/kb/243330
in powershell
$strFilter = "(&(objectCategory=User)(Department=Finance))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$colProplist = "name"
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults)
{$objItem = $objResult.Properties; $objItem.name}
$objItem
Quickly find administrator account
get-aduser -Filter * | where sid -like "*-500"