[guid]((([directoryservices.directorysearcher] "(samaccountname=theuser)").findall())[0].properties.getenumerator() | ? { $_.name -eq "objectguid"}).value[0]
Comments -
- Construct a DirectorySearcher with an LDAP search filter
- Surround expression with parenthesis to use the returned value (this technique is used multiple times)
- Find all objects
- Take the first (and only) by indexing with [0]
- Get the properties
- Convert to an enumerator, so they are available in name-value pairs
- Filter out anything but objectGuid using Where-Object (?)
- Get the first value, as the value is always a collection
- Convert the value - it is a byte[] to a guid, by type-casting it with [guid]
No comments:
Post a Comment