Public/Get-ADSIGroupPolicyObject.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
function Get-ADSIGroupPolicyObject
{
<#
.SYNOPSIS
 This function will query Active Directory Group Policy Objects
  
.PARAMETER Credential
    Specify the Credential to use
  
.PARAMETER DomainDistinguishedName
    Specify the DistinguishedName of the Domain to query
  
.PARAMETER SizeLimit
    Specify the number of item(s) to output.
    Default is 100.
  
.NOTES
 Francois-Xavier Cat
 LazyWinAdmin.com
 @lazywinadm
#>

    [CmdletBinding()]
    PARAM (
        [Parameter()]
        [Alias("Domain", "DomainDN")]
        [String]$DomainDistinguishedName = $(([adsisearcher]"").Searchroot.path),
        
        [Alias("RunAs")]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential = [System.Management.Automation.PSCredential]::Empty,
        
        [Alias("ResultLimit", "Limit")]
        [int]$SizeLimit = '100'
    )
    BEGIN { }
    PROCESS
    {
        TRY
        {
            # Building the basic search object with some parameters
            $Search = New-Object -TypeName System.DirectoryServices.DirectorySearcher -ErrorAction 'Stop'
            $Search.SizeLimit = $SizeLimit
            $Search.Filter = "(objectCategory=groupPolicyContainer)"
            
            IF ($PSBoundParameters['DomainDistinguishedName'])
            {
                IF ($DomainDistinguishedName -notlike "LDAP://*") { $DomainDistinguishedName = "LDAP://$DomainDistinguishedName" }#IF
                Write-Verbose -Message "[PROCESS] Different Domain specified: $DomainDistinguishedName"
                $Search.SearchRoot = $DomainDistinguishedName
            }
            IF ($PSBoundParameters['Credential'])
            {
                Write-Verbose -Message "[PROCESS] Different Credential specified: $($credential.username)"
                $Cred = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList $DomainDistinguishedName, $($Credential.UserName), $($Credential.GetNetworkCredential().password)
                $Search.SearchRoot = $Cred
            }
            If (-not $PSBoundParameters["SizeLimit"])
            {
                Write-Warning -Message "Default SizeLimit: 100 Results"
            }
            
            foreach ($GPO in $($Search.FindAll()))
            {
                # Define the properties
                # The properties need to be lowercase!!!!!!!!
                $GPO.properties
                
                # Output the info
                #New-Object -TypeName PSObject -Property $Properties
            }
        }#TRY
        CATCH
        {
            Write-Warning -Message "[PROCESS] Something wrong happened!"
            Write-Warning -Message $error[0].Exception.Message
        }
    }#PROCESS
    END
    {
        Write-Verbose -Message "[END] Function Get-ADSISite End."
    }
}