1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
| function Get-GroupMemberLocal { [CmdletBinding(DefaultParameterSetName='Name')] param ( [Parameter(Mandatory,Position=0,ParameterSetName='Name')] [string] $Name,
[Parameter(Mandatory,Position=0,ParameterSetName='Sid')] [System.Security.Principal.SecurityIdentifier] $Sid,
[string] $Computer = $env:COMPUTERNAME )
if ($PSCmdlet.ParameterSetName -eq 'Sid') { $Name = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[-1] }
$ADSIComputer = [ADSI]("WinNT://$Computer,computer") $group = $ADSIComputer.psbase.children.find($Name, 'Group') $group.psbase.invoke("members") | ForEach-Object { try { $disabled = '-' $disabled = $_.GetType().InvokeMember("AccountDisabled", 'GetProperty', $null, $_, $null) } catch {} [PSCustomObject]@{ Name = $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null) SID = [Security.Principal.SecurityIdentifier]::new($_.GetType().InvokeMember("objectSid", 'GetProperty', $null, $_, $null),0) Path = $_.GetType().InvokeMember("AdsPath", 'GetProperty', $null, $_, $null) Type = $_.GetType().InvokeMember("Class", 'GetProperty', $null, $_, $null) Disabled = $disabled } } }
|