AdsiPS

1.0.0.3

Public/Get-ADSIGroupPolicyObject.ps1

function Get-ADSIGroupPolicyObject
{
<#
.SYNOPSIS
    This function will query Active Directory Group Policy Objects
 
.DESCRIPTION
    This function will query Active Directory Group Policy Objects
     
.PARAMETER Credential
    Specifies alternative Credential to use
     
.PARAMETER DomainDistinguishedName
    Specify the DistinguishedName of the Domain to query.
     
.PARAMETER SizeLimit
    Specify the number of item(s) to output.
    Default is 100.
 
.EXAMPLE
    Get-ADSIGroupPolicyObject
 
    Retrieve all the group policy in the current domain
 
.NOTES
    github.com/lazywinadmin/AdsiPS
 
    https://msdn.microsoft.com/en-us/library/cc232507.aspx
#>
    [CmdletBinding()]
    PARAM (
        [Parameter()]
        [Alias("Domain", "DomainDN")]
        [String]$DomainDistinguishedName = $(([adsisearcher]"").Searchroot.path),
        
        [Alias("RunAs")]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential = [System.Management.Automation.PSCredential]::Empty,
        
        [Alias("ResultLimit", "Limit")]
        [int]$SizeLimit = '100'
    )
    BEGIN { }
    PROCESS
    {
        TRY
        {
            $ScriptName = (Get-Variable -name MyInvocation -Scope 0 -ValueOnly).MyCommand

            # Building the basic search object with some parameters
            Write-Verbose -message "[$ScriptName] Create DirectorySearcher"
            $Search = New-Object -TypeName System.DirectoryServices.DirectorySearcher -ErrorAction 'Stop'
            Write-Verbose -message "[$ScriptName] Set SizeLimit of '$SizeLimit'"
            $Search.SizeLimit = $SizeLimit
            Write-Verbose -message "[$ScriptName] Set Filter '(objectCategory=groupPolicyContainer)'"
            $Search.Filter = "(objectCategory=groupPolicyContainer)"
            
            IF ($PSBoundParameters['DomainDistinguishedName'])
            {
                Write-Verbose -message "[$ScriptName] DomainDistinguishedName specified = '$DomainDistinguishedName'"
                IF ($DomainDistinguishedName -notlike "LDAP://*") {
                    Write-Verbose -message "[$ScriptName] DomainDistinguishedName notlike 'LDAP://*', prepending LDAP://"
                    $DomainDistinguishedName = "LDAP://$DomainDistinguishedName"
                }#IF
                $Search.SearchRoot = $DomainDistinguishedName
            }
            IF ($PSBoundParameters['Credential'])
            {
                Write-Verbose -message "[$ScriptName] Different Credential specified: '$($credential.username)'"
                $Cred = New-Object -TypeName System.DirectoryServices.DirectoryEntry -ArgumentList $DomainDistinguishedName, $($Credential.UserName), $($Credential.GetNetworkCredential().password)
                $Search.SearchRoot = $Cred
            }
            If (-not $PSBoundParameters["SizeLimit"])
            {
                Write-Warning -Message "[$ScriptName] Default SizeLimit: 100 Results"
            }

            Write-Verbose -message "[$ScriptName] Looking for objects..."
            foreach ($GPO in $($Search.FindAll()))
            {
                # Define the properties
                # The properties need to be lowercase!!!!!!!!
                $Properties = @{
                    adspath                 = $gpo.properties.adspath                 -as [system.string]
                    gpcfunctionalityversion = $gpo.properties.gpcfunctionalityversion -as [system.int32]
                    usnchanged              = $gpo.properties.usnchanged              -as [system.string]
                    showinadvancedviewonly  = $gpo.properties.showinadvancedviewonly  -as [system.string]
                    displayname             = $gpo.properties.displayname             -as [system.string]
                    whencreated             = $gpo.properties.whencreated             -as [System.DateTime]
                    gpcmachineextensionnames= $gpo.properties.gpcmachineextensionnames-as [system.string]
                    instancetype            = $gpo.properties.instancetype            -as [system.string]
                    versionnumber           = $gpo.properties.versionnumber           -as [system.int32]
                    gpcfilesyspath          = $gpo.properties.gpcfilesyspath          -as [system.string]
                    usncreated              = $gpo.properties.usncreated              -as [system.string]
                    flags                   = $gpo.properties.flags                   -as [system.int32]
                    whenchanged             = $gpo.properties.whenchanged             -as [System.DateTime]
                    cn                      = $gpo.properties.cn                      -as [system.string]
                    objectguid              = $gpo.properties.objectguid
                    distinguishedname       = $gpo.properties.distinguishedname       -as [system.string]
                    objectcategory          = $gpo.properties.objectcategory          -as [system.string]
                    iscriticalsystemobject  = $gpo.properties.iscriticalsystemobject  -as [system.string]
                    objectclass             = $gpo.properties.objectclass
                    systemflags             = $gpo.properties.systemflags             -as [system.string]
                    dscorepropagationdata   = $gpo.properties.dscorepropagationdata   -as [system.string]
                    name                    = $gpo.properties.name                    -as [system.string]
                    raw                     = $gpo
                }

                # Output the info
                New-Object -TypeName PSObject -Property $Properties
                
            }
        }#TRY
        CATCH
        {
            Write-Warning -Message "[$ScriptName] Something wrong happened!"
            $PSCmdlet.ThrowTerminatingError($_)
        }
    }#PROCESS
    END
    {
        Write-Verbose -message "[$ScriptName] End."
    }
}