@@ -5012,7 +5012,7 @@ function Get-DomainSID {
50125012 $DCSID.Substring (0 , $DCSID.LastIndexOf (' -'
50135013 }
50145014 else {
5015- Write-Warning " Error extracting domain SID for $Domain "
5015+ Write-Verbose " Error extracting domain SID for $Domain "
50165016 }
50175017}
50185018
@@ -7043,20 +7043,26 @@ function Find-GPOLocation {
70437043 ' PageSize' = $PageSize
70447044 }
70457045
7046- # enumerate all GPO group mappings for the target domain
7046+ # enumerate all GPO group mappings for the target domain that involve our target SID set
70477047 $GPOgroups = Get-NetGPOGroup @GPOGroupArgs | ForEach-Object {
70487048
70497049 $GPOgroup = $_
70507050
7051- # if the locally set group is what we're looking for or the locally set group is a
7052- # member of what we're looking for, check the GroupMembers for our target SID
7053- if ( ( $GPOgroup.GroupSID -match $TargetLocalSID ) -or ( $GPOgroup .GroupMemberOf -contains $TargetLocalSID ) ) {
7051+ # if the locally set group is what we're looking for, check the GroupMembers ('members')
7052+ # for our target SID
7053+ if ($GPOgroup.GroupSID -match $TargetLocalSID ) {
70547054 $GPOgroup.GroupMembers | Where-Object {$_ } | ForEach-Object {
70557055 if ( ($TargetSIDs [0 ] -eq ' *' -or ($TargetSIDs -Contains $_ ) ) {
70567056 $GPOgroup
70577057 }
70587058 }
70597059 }
7060+ # if the group is a 'memberof' the group we're looking for, check GroupSID against the targt SIDs
7061+ if ( ($GPOgroup.GroupMemberOf -contains $TargetLocalSID ) ) {
7062+ if ( ($TargetSIDs [0 ] -eq ' *' -or ($TargetSIDs -Contains $GPOgroup.GroupSID ) ) {
7063+ $GPOgroup
7064+ }
7065+ }
70607066 } | Sort-Object - Property GPOName - Unique
70617067
70627068 $GPOgroups | ForEach-Object {
@@ -7065,12 +7071,18 @@ function Find-GPOLocation {
70657071 $GPOguid = $_.GPOName
70667072 $GPOPath = $_.GPOPath
70677073 $GPOType = $_.GPOType
7068- $GPOMembers = $_.GroupMembers
7074+ if ($_.GroupMembers ) {
7075+ $GPOMembers = $_.GroupMembers
7076+ }
7077+ else {
7078+ $GPOMembers = $_.GroupSID
7079+ }
7080+
70697081 $Filters = $_.Filters
70707082
70717083 if (-not $TargetObject ) {
70727084 # if the * wildcard was used, set the ObjectDistName as the GPO member SID set
7073- # so all relationship mappings are output
7085+ # so all relationship mappings are output
70747086 $TargetObjectSIDs = $GPOMembers
70757087 }
70767088 else {
@@ -7306,8 +7318,7 @@ function Find-GPOComputerAdmin {
73067318
73077319 $TargetOUs | Where-Object {$_ } | ForEach-Object {
73087320
7309- # for each OU the computer is a part of, get the full OU object
7310- $GPOgroups += Get-NetOU - Domain $Domain - DomainController $DomainController - ADSpath $_ - FullData - PageSize $PageSize | ForEach-Object {
7321+ $GPOLinks = Get-NetOU - Domain $Domain - DomainController $DomainController - ADSpath $_ - FullData - PageSize $PageSize | ForEach-Object {
73117322 # and then get any GPO links
73127323 if ($_.gplink ) {
73137324 $_.gplink.split (" ][" | ForEach-Object {
@@ -7316,25 +7327,39 @@ function Find-GPOComputerAdmin {
73167327 }
73177328 }
73187329 }
7319- } | ForEach-Object {
7320- $GPOGroupArgs = @ {
7321- ' Domain' = $Domain
7322- ' DomainController' = $DomainController
7323- ' UsePSDrive' = $UsePSDrive
7324- ' ResolveMemberSIDs' = $True
7325- ' PageSize' = $PageSize
7330+ }
7331+
7332+ $GPOGroupArgs = @ {
7333+ ' Domain' = $Domain
7334+ ' DomainController' = $DomainController
7335+ ' UsePSDrive' = $UsePSDrive
7336+ ' ResolveMemberSIDs' = $True
7337+ ' PageSize' = $PageSize
7338+ }
7339+
7340+ # extract GPO groups that are set through any gPlink for this OU
7341+ $GPOGroups += Get-NetGPOGroup @GPOGroupArgs | ForEach-Object {
7342+ ForEach ($GPOLink in $GPOLinks ) {
7343+ $Name = $_.GPOName
7344+ if ($GPOLink -like " *$Name *"
7345+ $_
7346+ }
73267347 }
7327- # for each GPO link, get any locally set user/group SIDs
7328- Get-NetGPOGroup @GPOGroupArgs
73297348 }
73307349 }
73317350
73327351 # for each found GPO group, resolve the SIDs of the members
73337352 $GPOgroups | Sort-Object - Property GPOName - Unique | ForEach-Object {
73347353 $GPOGroup = $_
73357354
7336- $GPOGroup.GroupMembers | ForEach-Object {
7355+ if ($GPOGroup.GroupMembers ) {
7356+ $GPOMembers = $GPOGroup.GroupMembers
7357+ }
7358+ else {
7359+ $GPOMembers = $GPOGroup.GroupSID
7360+ }
73377361
7362+ $GPOMembers | ForEach-Object {
73387363 # resolve this SID to a domain object
73397364 $Object = Get-ADObject - Domain $Domain - DomainController $DomainController - PageSize $PageSize - SID $_
73407365
@@ -7349,8 +7374,8 @@ function Find-GPOComputerAdmin {
73497374 $GPOComputerAdmin | Add-Member Noteproperty ' GPODisplayName' $GPOGroup.GPODisplayName
73507375 $GPOComputerAdmin | Add-Member Noteproperty ' GPOGuid' $GPOGroup.GPOName
73517376 $GPOComputerAdmin | Add-Member Noteproperty ' GPOPath' $GPOGroup.GPOPath
7352- $GPOComputerAdmin | Add-Member Noteproperty ' GPOType' $GPOType .GPOType
7353- $GPOComputerAdmin
7377+ $GPOComputerAdmin | Add-Member Noteproperty ' GPOType' $GPOGroup .GPOType
7378+ $GPOComputerAdmin
73547379
73557380 # if we're recursing and the current result object is a group
73567381 if ($Recurse -and $GPOComputerAdmin.isGroup ) {
@@ -7685,7 +7710,7 @@ function Get-NetLocalGroup {
76857710 # 0 = success
76867711 if (($Result -eq 0 ) -and ($Offset -gt 0 )) {
76877712
7688- # Work out how mutch to increment the pointer by finding out the size of the structure
7713+ # Work out how much to increment the pointer by finding out the size of the structure
76897714 $Increment = $LOCALGROUP_MEMBERS_INFO_2 ::GetSize()
76907715
76917716 # parse all the result structures
@@ -7979,7 +8004,7 @@ filter Get-NetShare {
79798004 # 0 = success
79808005 if (($Result -eq 0 ) -and ($Offset -gt 0 )) {
79818006
7982- # Work out how mutch to increment the pointer by finding out the size of the structure
8007+ # Work out how much to increment the pointer by finding out the size of the structure
79838008 $Increment = $SHARE_INFO_1 ::GetSize()
79848009
79858010 # parse all the result structures
@@ -8073,7 +8098,7 @@ filter Get-NetLoggedon {
80738098 # 0 = success
80748099 if (($Result -eq 0 ) -and ($Offset -gt 0 )) {
80758100
8076- # Work out how mutch to increment the pointer by finding out the size of the structure
8101+ # Work out how much to increment the pointer by finding out the size of the structure
80778102 $Increment = $WKSTA_USER_INFO_1 ::GetSize()
80788103
80798104 # parse all the result structures
@@ -8175,7 +8200,7 @@ filter Get-NetSession {
81758200 # 0 = success
81768201 if (($Result -eq 0 ) -and ($Offset -gt 0 )) {
81778202
8178- # Work out how mutch to increment the pointer by finding out the size of the structure
8203+ # Work out how much to increment the pointer by finding out the size of the structure
81798204 $Increment = $SESSION_INFO_10 ::GetSize()
81808205
81818206 # parse all the result structures
@@ -8340,7 +8365,7 @@ filter Get-NetRDPSession {
83408365
83418366 if (($Result -ne 0 ) -and ($Offset -gt 0 )) {
83428367
8343- # Work out how mutch to increment the pointer by finding out the size of the structure
8368+ # Work out how much to increment the pointer by finding out the size of the structure
83448369 $Increment = $WTS_SESSION_INFO_1 ::GetSize()
83458370
83468371 # parse all the result structures
@@ -12573,6 +12598,7 @@ function Get-NetDomainTrust {
1257312598 $DomainTrust | Add-Member Noteproperty ' ObjectGuid' " {$ObjectGuid }"
1257412599 $DomainTrust | Add-Member Noteproperty ' TrustType' $ ($TrustAttrib -join ' ,'
1257512600 $DomainTrust | Add-Member Noteproperty ' TrustDirection' " $Direction "
12601+ $DomainTrust.PSObject.TypeNames.Add (' PowerView.DomainTrustLDAP'
1257612602 $DomainTrust
1257712603 }
1257812604 $Results.dispose ()
@@ -12601,7 +12627,7 @@ function Get-NetDomainTrust {
1260112627 # 0 = success
1260212628 if (($Result -eq 0 ) -and ($Offset -gt 0 )) {
1260312629
12604- # Work out how mutch to increment the pointer by finding out the size of the structure
12630+ # Work out how much to increment the pointer by finding out the size of the structure
1260512631 $Increment = $DS_DOMAIN_TRUSTS ::GetSize()
1260612632
1260712633 # parse all the result structures
@@ -12650,7 +12676,10 @@ function Get-NetDomainTrust {
1265012676 # if we're using direct domain connections through .NET
1265112677 $FoundDomain = Get-NetDomain - Domain $Domain - Credential $Credential
1265212678 if ($FoundDomain ) {
12653- $FoundDomain.GetAllTrustRelationships ()
12679+ $FoundDomain.GetAllTrustRelationships () | ForEach-Object {
12680+ $_.PSObject.TypeNames.Add (' PowerView.DomainTrust'
12681+ $_
12682+ }
1265412683 }
1265512684 }
1265612685 }
@@ -12699,7 +12728,10 @@ function Get-NetForestTrust {
1269912728 $FoundForest = Get-NetForest - Forest $Forest - Credential $Credential
1270012729
1270112730 if ($FoundForest ) {
12702- $FoundForest.GetAllTrustRelationships ()
12731+ $FoundForest.GetAllTrustRelationships () | ForEach-Object {
12732+ $_.PSObject.TypeNames.Add (' PowerView.ForestTrust'
12733+ $_
12734+ }
1270312735 }
1270412736 }
1270512737}
@@ -13144,9 +13176,10 @@ function Invoke-MapDomainTrust {
1314413176 $TargetDomain = $Trust.TargetName
1314513177 $TrustType = $Trust.TrustType
1314613178 $TrustDirection = $Trust.TrustDirection
13179+ $ObjectType = $Trust.PSObject.TypeNames | Where-Object {$_ -match ' PowerView' | Select-Object - First 1
1314713180
1314813181 # make sure we process the target
13149- $Null = $Domains.push ($TargetDomain )
13182+ $Null = $Domains.Push ($TargetDomain )
1315013183
1315113184 # build the nicely-parsable custom output object
1315213185 $DomainTrust = New-Object PSObject
@@ -13156,6 +13189,7 @@ function Invoke-MapDomainTrust {
1315613189 $DomainTrust | Add-Member Noteproperty ' TargetSID' $Trust.TargetSID
1315713190 $DomainTrust | Add-Member Noteproperty ' TrustType' " $TrustType "
1315813191 $DomainTrust | Add-Member Noteproperty ' TrustDirection' " $TrustDirection "
13192+ $DomainTrust.PSObject.TypeNames.Add ($ObjectType )
1315913193 $DomainTrust
1316013194 }
1316113195 }
0 commit comments