Public/Test-SIDInAD.ps1
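<#
.SYNOPSIS
    Searches for a user SAM account name by SID in Active Directory.
.DESCRIPTION
    The `Test-SIDInAD` function searches for a user SAM account name using a provided
    SID value. It accepts an array of search root paths and logs the search process.
    The SID is parsed with System.Security.Principal.SecurityIdentifier before it is
    placed in the LDAP filter, so only a well-formed SID string (the canonical
    "S-1-..." form) can reach the directory query.
.PARAMETER SIDValue
    The SID value to search for, in SDDL string form (for example "S-1-5-21-...").
    A value that is not a well-formed SID causes the function to throw before any
    directory search is made.
.PARAMETER SearchRoots
    An array of search root paths to search in. Roots are tried in order and the
    search stops at the first one that returns a match.
.PARAMETER LogPath
    (Optional) Path to the log file where log messages will be written. It is passed
    through unchanged to Search-ADForSID and Write-Log.
.EXAMPLE
    PS C:\> $samaccountname = Test-SIDInAD -SIDValue "S-1-5-21-..." -SearchRoots @("GC://dc=test,dc=LOCAL", "GC://dc=testing,dc=LOCAL")
    # Tests the SID value against the AD
.EXAMPLE
    PS C:\> $samaccountname = Test-SIDInAD -SIDValue "S-1-5-21-..." -SearchRoots @("GC://dc=test,dc=LOCAL") -LogPath "C:\path\to\logfile.log"
    # Tests the SID value against the AD with logging
.OUTPUTS
    The value returned by Search-ADForSID for the first matching root, or $null when
    no search root yields a match.
.NOTES
    N/A
#>
function Test-SIDInAD {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true)]
        [string]$SIDValue,

        [Parameter(Mandatory = $true)]
        [string[]]$SearchRoots,

        [Parameter(Mandatory = $false)]
        [string]$LogPath
    )

    # Parse the caller-supplied value as a SID and use only its canonical SDDL form
    # in the LDAP filter. Interpolating the raw string would let LDAP filter
    # metacharacters in a caller-supplied value alter the query (LDAP filter
    # injection); the parsed form contains only "S-", digits and dashes.
    try {
        $sid = New-Object System.Security.Principal.SecurityIdentifier($SIDValue)
    }
    catch {
        throw "SIDValue '$SIDValue' is not a well-formed SID string: $($_.Exception.Message)"
    }

    # Define the search filter from the canonical SID string.
    $strFilter = "(&(objectCategory=User)(objectSid=$($sid.Value)))"

    $samaccountname = $null
    foreach ($searchRoot in $SearchRoots) {
        $samaccountname = Search-ADForSID -SearchRoot $searchRoot -Filter $strFilter -LogPath $LogPath
        if ($samaccountname) {
            Write-Log -Message "Found SID $SIDValue in Active Directory with SAM account name: $samaccountname" -LogPath $LogPath
            # First match wins; the remaining roots are not queried.
            break
        }
    }

    if (-not $samaccountname) {
        Write-Log -Message "SID $SIDValue not found in Active Directory" -LogPath $LogPath
    }

    return $samaccountname
}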