@@ -6702,25 +6702,26 @@ function Get-NetGPOGroup {
67026702 $Group , $Relation = $Membership.Key.Split (' __' , $Option ) | ForEach-Object {$_.Trim ()}
67036703
67046704 # extract out ALL members
6705- $MembershipValue = $Membership.Value.Split (' ,' | ForEach-Object { $_.Trim (' *' | Where-Object {$_ }
6706- if ($MembershipValue -isnot [System.Array ]) { $MembershipValue = @ ($MembershipValue ) }
6705+ $MembershipValue = $Membership.Value | Where-Object {$_ } | ForEach-Object { $_.Trim (' *' | Where-Object {$_ }
67076706
67086707 if ($ResolveMemberSIDs ) {
67096708 # if the resulting member is username and not a SID, attempt to resolve it
67106709 $GroupMembers = @ ()
67116710 ForEach ($Member in $MembershipValue ) {
6712- if ($Member -notmatch ' ^S-1-.*'
6713- $MemberSID = Convert-NameToSid - ObjectName $Member | Select-Object - ExpandProperty SID
6714- if ($MemberSID ) {
6715- $GroupMembers += $MemberSID
6711+ if ($Member -and ($Member.Trim () -ne ' '
6712+ if ($Member -notmatch ' ^S-1-.*'
6713+ $MemberSID = Convert-NameToSid - ObjectName $Member | Select-Object - ExpandProperty SID
6714+ if ($MemberSID ) {
6715+ $GroupMembers += $MemberSID
6716+ }
6717+ else {
6718+ $GroupMembers += $Member
6719+ }
67166720 }
67176721 else {
67186722 $GroupMembers += $Member
67196723 }
67206724 }
6721- else {
6722- $GroupMembers += $Member
6723- }
67246725 }
67256726 $MembershipValue = $GroupMembers
67266727 }
@@ -6732,25 +6733,35 @@ function Get-NetGPOGroup {
67326733 }
67336734
67346735 ForEach ($Membership in $Memberships.GetEnumerator ()) {
6735- if ($Membership.Key -match ' ^\*'
6736+ if ($Membership -and $Membership .Key -and ( $Membership .Key - match' ^\*' ) ) {
67366737 # if the SID is already resolved (i.e. begins with *) try to resolve SID to a name
67376738 $GroupSID = $Membership.Key.Trim (' *'
6738- $GroupName = Convert-SidToName - SID $GroupSID
6739+ if ($GroupSID -and ($GroupSID.Trim () -ne ' '
6740+ $GroupName = Convert-SidToName - SID $GroupSID
6741+ }
6742+ else {
6743+ $GroupName = $False
6744+ }
67396745 }
67406746 else {
67416747 $GroupName = $Membership.Key
67426748
6743- if ($Groupname -match ' Administrators'
6744- $GroupSID = ' S-1-5-32-544'
6745- }
6746- elseif ($Groupname -match ' Remote Desktop'
6747- $GroupSID = ' S-1-5-32-555'
6748- }
6749- elseif ($Groupname -match ' Guests'
6750- $GroupSID = ' S-1-5-32-546'
6751- }
6752- else {
6753- $GroupSID = Convert-NameToSid - ObjectName $Groupname | Select-Object - ExpandProperty SID
6749+ if ($GroupName -and ($GroupName.Trim () -ne ' '
6750+ if ($Groupname -match ' Administrators'
6751+ $GroupSID = ' S-1-5-32-544'
6752+ }
6753+ elseif ($Groupname -match ' Remote Desktop'
6754+ $GroupSID = ' S-1-5-32-555'
6755+ }
6756+ elseif ($Groupname -match ' Guests'
6757+ $GroupSID = ' S-1-5-32-546'
6758+ }
6759+ elseif ($GroupName.Trim () -ne ' '
6760+ $GroupSID = Convert-NameToSid - ObjectName $Groupname | Select-Object - ExpandProperty SID
6761+ }
6762+ else {
6763+ $GroupSID = $Null
6764+ }
67546765 }
67556766 }
67566767
@@ -6777,19 +6788,21 @@ function Get-NetGPOGroup {
67776788 if ($ResolveMemberSIDs ) {
67786789 $GroupMembers = @ ()
67796790 ForEach ($Member in $_.GroupMembers ) {
6780- if ($Member -notmatch ' ^S-1-.*'
6781- # if the resulting member is username and not a SID, attempt to resolve it
6782- $MemberSID = Convert-NameToSid - ObjectName $Member | Select-Object - ExpandProperty SID
6783- if ($MemberSID ) {
6784- $GroupMembers += $MemberSID
6791+ if ($Member -and ($Member.Trim () -ne ' '
6792+ if ($Member -notmatch ' ^S-1-.*'
6793+ # if the resulting member is username and not a SID, attempt to resolve it
6794+ $MemberSID = Convert-NameToSid - ObjectName $Member | Select-Object - ExpandProperty SID
6795+ if ($MemberSID ) {
6796+ $GroupMembers += $MemberSID
6797+ }
6798+ else {
6799+ $GroupMembers += $Member
6800+ }
67856801 }
67866802 else {
67876803 $GroupMembers += $Member
67886804 }
67896805 }
6790- else {
6791- $GroupMembers += $Member
6792- }
67936806 }
67946807 $_.GroupMembers = $GroupMembers
67956808 }
0 commit comments