Export ForeignSecurityPrincipals container foreign SIDs into readable name
Hi
Anyone know if there is a script where you can export the foreign SID in the ForeignSecurityPrincipals container and at the same time to dump the MemberOf of those SIDs to a file.
The memberof should be the group in our domain where the user SID a member of.
Cheers
Bry
Anyone know if there is a script where you can export the foreign SID in the ForeignSecurityPrincipals container and at the same time to dump the MemberOf of those SIDs to a file.
The memberof should be the group in our domain where the user SID a member of.
Cheers
Bry
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi mkline71
that's awesome..! Thanks very much for that bit of info :-)
I will research but off the top of your head, would you happen to know how I may <sidtoname> in the adfind process and have the .csv populated with the 'friendly' names?
Again, many thanks for your reply.
Cheers
Bry
that's awesome..! Thanks very much for that bit of info :-)
I will research but off the top of your head, would you happen to know how I may <sidtoname> in the adfind process and have the .csv populated with the 'friendly' names?
Again, many thanks for your reply.
Cheers
Bry
I'll try and test later when I get home, I'll let you know.
Thanks
Mike
Thanks
Mike
Just add in the field you want to output as well such as displayname or name.
adfind -fsps displayname name objectsid memberof -csv > c:\FSPDump.csv
adfind -fsps displayname name objectsid memberof -csv > c:\FSPDump.csv
adfind displayname name objectsid memberof -csv > dumpfile.csv
Not sure what the -fsps switches are but didn't work for me.
ASKER
Hi darkstar3d
thanks for your response - Apologies for delay in getting back, been out of the office.
I'll be back in on Monday to try further tests and update.
Cheers
Bry
thanks for your response - Apologies for delay in getting back, been out of the office.
I'll be back in on Monday to try further tests and update.
Cheers
Bry
ASKER
hi
What I done to dump out the friendly name is the following:
adfind -sc fspdmp objectsid memberof -csv > c:\dumpfile2.csv
Works for me now
I'll award points to MKLINE71 as this was the pointer that got me the solution and was pretty much close..!.
Thanks also to darkstar3d for the response - Much appreciated.
Cheers
Bry
What I done to dump out the friendly name is the following:
adfind -sc fspdmp objectsid memberof -csv > c:\dumpfile2.csv
Works for me now
I'll award points to MKLINE71 as this was the pointer that got me the solution and was pretty much close..!.
Thanks also to darkstar3d for the response - Much appreciated.
Cheers
Bry
Man good call, I should have gotten
-sc fspdmp
Joe has so many shortcuts that it is hard to keep track sometimes :)
Thanks
Mike
http://adisfun.blogspot.co
-sc fspdmp
Joe has so many shortcuts that it is hard to keep track sometimes :)
Thanks
Mike
http://adisfun.blogspot.co
ASKER
On Error Resume Next
Set objGroup = GetObject _
("LDAP://CN=S-1-5-21-57989
objGroup.GetInfo
arrMemberOf = objGroup.GetEx("memberOf")
WScript.Echo "I'm a member of:"
For Each strMember in arrMemberOf
WScript.echo strMember
Next
I would like to target the whole container and exoort to .csv or similar.
Cheers
Bry