LDAP: Difference between revisions

From WikiWiki
Jump to navigation Jump to search
No edit summary   (change visibility)
No edit summary   (change visibility)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
= Well known [[SID]]'s =
= Well known [[SID]]'s =
some well known sid's
where objectSID -eq
where objectSID -eq
{| border="1" style="border-collapse:collapse;"
{| border="1" style="border-collapse:collapse;"
Line 10: Line 13:
|-
|-
| S-1-5-32-551 || Backup Operators
| S-1-5-32-551 || Backup Operators
|-
| S-1-5-32-554 || BUILTIN\Pre-Windows 2000 Compatible Access
|-
| -rootdomainSid-512    || Domain Admins
|-
|-
| $rootDomainSid-519    || Enterprise Admins
| $rootDomainSid-519    || Enterprise Admins
|-
|-
| $rootDomainSid-518    || Schema Admins
| $rootDomainSid-518    || Schema Admins
|-
| $rootDomainSid-500    || Administrator
|}
|}


Line 39: Line 48:


$objItem
$objItem
</syntaxhighlight>
Quickly find administrator account
<syntaxhighlight lang="powershell">
get-aduser -Filter * | where sid -like "*-500"
</syntaxhighlight>
</syntaxhighlight>

Latest revision as of 09:07, 15 September 2014

Well known SID's

some well known sid's


where objectSID -eq

S-1-5-32-544 Administrators
S-1-5-32-548 Account Operators
S-1-5-32-549 Server Operators
S-1-5-32-551 Backup Operators
S-1-5-32-554 BUILTIN\Pre-Windows 2000 Compatible Access
-rootdomainSid-512 Domain Admins
$rootDomainSid-519 Enterprise Admins
$rootDomainSid-518 Schema Admins
$rootDomainSid-500 Administrator

http://support.microsoft.com/kb/243330

in powershell

$strFilter = "(&(objectCategory=User)(Department=Finance))"

$objDomain = New-Object System.DirectoryServices.DirectoryEntry

$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$objSearcher.SearchScope = "Subtree"

$colProplist = "name"
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}

$colResults = $objSearcher.FindAll()

foreach ($objResult in $colResults)
    {$objItem = $objResult.Properties; $objItem.name}

$objItem


Quickly find administrator account

get-aduser -Filter * | where sid -like "*-500"