Avatar of crash1624
crash1624 asked on

Powershell script Unexpected Token

Hello,

I'm running this script on a DC and getting an "unexpected token" error.  The syntax looks correct to me but I'm seeing this error nevertheless.  Thanks in advance for any assistance.

$URL = “LDAP://DC= MYDOMAIN,DC=local”;
$root = New-Object DirectoryServices.DirectoryEntry $URL
$ds = New-Object DirectoryServices.DirectorySearcher
$ds.SearchRoot = $root
$ds.filter = “objectCategory=Person”
$src = $ds.FindAll()
Write-Host $src.Count ” user objects found.`n”
$src | %{
$de = $_.GetDirectoryEntry()
$accessrules = $de.get_ObjectSecurity().GetAccessRules($true, $false,[System.Security.Principal.SecurityIdentifier]) | ?{$_.IdentityReference -eq “S-1-5-32-561¿}
if ((Measure-Object -inputobject $accessrules).Count -eq 0)
{
$ar = New-Object System.DirectoryServices.ActiveDirectoryAccessRule([System.Security.Principal.SecurityIdentifier]“S-1-5-32-561¿, “ReadProperty, WriteProperty”, “Allow”, [guid]“5805bc62-bdc9-4428-a5e2-856a0f4c185e”)
$de.get_ObjectSecurity().AddAccessRule($ar)
$de.CommitChanges()
Write-Host -f yellow (“Added:`t” + $de.properties["sAMAccountName"])
Start-Sleep -m 200
}
else
{
Write-Host -f green (“Unchanged:`t” + $de.properties["sAMAccountName"])
}
}

Write-Host "Press any key to continue ..."

$x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")

Write-Host
Write-Host "A"
Write-Host "B"
Write-Host "C"

Open in new window



Output from Powershell =

Unexpected token 'S-1-5-32-561?' in expression or statement.
At C:\userattributes.ps1:13 char:129
+ $ar = New-Object System.DirectoryServices.ActiveDirectoryAccessRule([System.S
ecurity.Principal.SecurityIdentifier]"S-1-5-32-561? <<<< , "ReadProperty, Write
Property", "Allow", [guid]"5805bc62-bdc9-4428-a5e2-856a0f4c185e")
    + CategoryInfo          : ParserError: (S-1-5-32-561?:String) [], ParentCo
   ntainsErrorRecordException
    + FullyQualifiedErrorId : UnexpectedToken
PowershellActive Directory

Avatar of undefined
Last Comment
Qlemo

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Subash Sundharan

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Qlemo

Guys, please use indention for code blocks!
$URL = "LDAP://DC= MYDOMAIN,DC=local";
$root = New-Object DirectoryServices.DirectoryEntry $URL
$ds = New-Object DirectoryServices.DirectorySearcher
$ds.SearchRoot = $root
$ds.filter = "objectCategory=Person"
$src = $ds.FindAll()
Write-Host $src.Count " user objects found.`n"
$src | %{
  $de = $_.GetDirectoryEntry()
  $accessrules = $de.get_ObjectSecurity().GetAccessRules($true, $false,[System.Security.Principal.SecurityIdentifier]) | ?{$_.IdentityReference -eq "S-1-5-32-561"}
  if ((Measure-Object -inputobject $accessrules).Count -eq 0)
  {
    $ar = New-Object System.DirectoryServices.ActiveDirectoryAccessRule([System.Security.Principal.SecurityIdentifier]"S-1-5-32-561", "ReadProperty, WriteProperty", "Allow", [guid]"5805bc62-bdc9-4428-a5e2-856a0f4c185e")
    $de.get_ObjectSecurity().AddAccessRule($ar)
    $de.CommitChanges()
    Write-Host -f yellow ("Added:`t" + $de.properties["sAMAccountName"])
    Start-Sleep -m 200
  }
  else
  {
    Write-Host -f green ("Unchanged:`t" + $de.properties["sAMAccountName"])
  }
}

Write-Host "Press any key to continue ..."

$x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")

Write-Host
Write-Host "A"
Write-Host "B"
Write-Host "C"

Open in new window

is so much better to read ...
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23