Solved

Unable to retrieve group membership of a Foreign Security Principals account

Posted on 2011-03-19
3
1,645 Views
Last Modified: 2013-12-24
I'm trying to retrieve the local  group membership (groups in my local domain) from Foreign Security Principals accounts (created after granting access to a resource to an account from a trusted domain) via VBScript.  I'm using the code below but no matter what I do I'm not seeing the group membership.  The code works fine with a normal account.

Set objGroup = GetObject("LDAP://CN=S-1-5-21-466423297-1915321860-2068054413-25636,CN=ForeignSecurityPrincipals,DC=mydomain,DC=root")

arrGroups = objGroup.memberOf

I can see the membership when I look in the AD Users and Computers console.

Any ideas?
0
Comment
Question by:LonPete67
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 51

Accepted Solution

by:
Netman66 earned 250 total points
ID: 36385399
If memory serves me, the memberOf attribute is non-existent for Foreign Security Principals - thus no results.

Since these SIDs/GUIDs are objects representing groups/principals in your trusted domain(s), you need to enumerate them to a real domain/group (or user) then go after the memberOf of that result.



0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 37475334
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question