@@ -6071,23 +6071,26 @@ The raw DirectoryServices.SearchResult object, if -Raw is enabled.
60716071 $ObjectSearcher = Get-DomainSearcher @SearcherArguments
60726072 }
60736073 }
6074- elseif ($IdentityInstance -match '^S-1-.*') {
6075- $IdentityFilter += "(objectsid=$IdentityInstance)"
6076- }
6077- elseif ($IdentityInstance -match '^(CN|OU|DC)=.*') {
6078- $IdentityFilter += "(distinguishedname=$IdentityInstance)"
6079- }
60806074 else {
6081- try {
6082- $GuidByteString = (-Join (([Guid] $IdentityInstance).ToByteArray() | ForEach-Object {$_.ToString('X').PadLeft(2,'0')})) -Replace '(..)','\$1'
6083- $IdentityFilter += "(objectguid=$GuidByteString )"
6075+ $IdentityInstance = $IdentityInstance.Replace('(', '\28').Replace(')', '\29')
6076+ if ( $IdentityInstance -match '^S-1-.*') {
6077+ $IdentityFilter += "(objectsid=$IdentityInstance )"
60846078 }
6085- catch {
6086- if ($IdentityInstance.Contains('.')) {
6087- $IdentityFilter += "(|(samAccountName=$IdentityInstance)(name=$IdentityInstance)(dnshostname=$IdentityInstance))"
6079+ elseif ($IdentityInstance -match '^(CN|OU|DC)=.*') {
6080+ $IdentityFilter += "(distinguishedname=$IdentityInstance)"
6081+ }
6082+ else {
6083+ try {
6084+ $GuidByteString = (-Join (([Guid]$IdentityInstance).ToByteArray() | ForEach-Object {$_.ToString('X').PadLeft(2,'0')})) -Replace '(..)','\$1'
6085+ $IdentityFilter += "(objectguid=$GuidByteString)"
60886086 }
6089- else {
6090- $IdentityFilter += "(|(samAccountName=$IdentityInstance)(name=$IdentityInstance))"
6087+ catch {
6088+ if ($IdentityInstance.Contains('.')) {
6089+ $IdentityFilter += "(|(samAccountName=$IdentityInstance)(name=$IdentityInstance)(dnshostname=$IdentityInstance))"
6090+ }
6091+ else {
6092+ $IdentityFilter += "(|(samAccountName=$IdentityInstance)(name=$IdentityInstance))"
6093+ }
60916094 }
60926095 }
60936096 }
0 commit comments