LDAP: Difference between revisions
Jump to navigation
Jump to search
No edit summary (change visibility) |
No edit summary (change visibility) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= Well known [[SID]]'s = | = Well known [[SID]]'s = | ||
some well known sid's | |||
where objectSID -eq | where objectSID -eq | ||
{| border="1" style="border-collapse:collapse;" | {| border="1" style="border-collapse:collapse;" | ||
Line 10: | Line 13: | ||
|- | |- | ||
| S-1-5-32-551 || Backup Operators | | S-1-5-32-551 || Backup Operators | ||
|- | |||
| S-1-5-32-554 || BUILTIN\Pre-Windows 2000 Compatible Access | |||
|- | |||
| -rootdomainSid-512 || Domain Admins | |||
|- | |- | ||
| $rootDomainSid-519 || Enterprise Admins | | $rootDomainSid-519 || Enterprise Admins | ||
|- | |- | ||
| $rootDomainSid-518 || Schema Admins | | $rootDomainSid-518 || Schema Admins | ||
|- | |||
| $rootDomainSid-500 || Administrator | |||
|} | |} | ||
Line 39: | Line 48: | ||
$objItem | $objItem | ||
</syntaxhighlight> | |||
Quickly find administrator account | |||
<syntaxhighlight lang="powershell"> | |||
get-aduser -Filter * | where sid -like "*-500" | |||
</syntaxhighlight> | </syntaxhighlight> |
Latest revision as of 09:07, 15 September 2014
Well known SID's
some well known sid's
where objectSID -eq
S-1-5-32-544 | Administrators |
S-1-5-32-548 | Account Operators |
S-1-5-32-549 | Server Operators |
S-1-5-32-551 | Backup Operators |
S-1-5-32-554 | BUILTIN\Pre-Windows 2000 Compatible Access |
-rootdomainSid-512 | Domain Admins |
$rootDomainSid-519 | Enterprise Admins |
$rootDomainSid-518 | Schema Admins |
$rootDomainSid-500 | Administrator |
http://support.microsoft.com/kb/243330
in powershell
$strFilter = "(&(objectCategory=User)(Department=Finance))"
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"
$colProplist = "name"
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults)
{$objItem = $objResult.Properties; $objItem.name}
$objItem
Quickly find administrator account
get-aduser -Filter * | where sid -like "*-500"