LDAP: Difference between revisions
Jump to navigation
Jump to search
No edit summary (change visibility) |
No edit summary (change visibility) |
||
| Line 15: | Line 15: | ||
|- | |- | ||
| S-1-5-32-554 || BUILTIN\Pre-Windows 2000 Compatible Access | | S-1-5-32-554 || BUILTIN\Pre-Windows 2000 Compatible Access | ||
|- | |||
| -rootdomainSid-512 || Domain Admins | |||
|- | |- | ||
| $rootDomainSid-519 || Enterprise Admins | | $rootDomainSid-519 || Enterprise Admins | ||
Latest revision as of 10:07, 15 September 2014
Well known SID's
some well known sid's
where objectSID -eq
| S-1-5-32-544 | Administrators |
| S-1-5-32-548 | Account Operators |
| S-1-5-32-549 | Server Operators |
| S-1-5-32-551 | Backup Operators |
| S-1-5-32-554 | BUILTIN\Pre-Windows 2000 Compatible Access |
| -rootdomainSid-512 | Domain Admins |
| $rootDomainSid-519 | Enterprise Admins |
| $rootDomainSid-518 | Schema Admins |
| $rootDomainSid-500 | Administrator |
http://support.microsoft.com/kb/243330
in powershell
$strFilter = "(&(objectCategory=User)(Department=Finance))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$colProplist = "name"
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults)
{$objItem = $objResult.Properties; $objItem.name}
$objItem
Quickly find administrator account
get-aduser -Filter * | where sid -like "*-500"