Parsers/GPO/Groups.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#region GPO Parsers
Function Write-GPOGroupsXMLData
{
    [CmdletBinding()]
    [OutputType([String])]
    param
    (
        [Parameter(Mandatory = $true)]
        [System.Xml.XmlElement]$XML    
    )

    $Properties = $XML.Properties

    if (($Properties.removeAllAccounts) -or ($Properties.deleteAllUsers) -or ($Properties.deleteAllGroups))
    {
        Write-Warning "Write-GPOGroupsXMLData: Deleting all users or groups en masse is not supported"
        Add-ProcessingHistory -Type Group -Name "GroupsXML: $($Properties.GroupName)" -ParsingError
    }
    
    $groupHash = @{}
    $groupHash.GroupName = $Properties.GroupName
    if ($XML.groupSid -ne $null)
    {
        $groupHash.GroupName = $Properties.groupSid
    }
    
    $groupHash.Description = $Properties.Description

    $actionHash = @{"ADD" = @(); "REMOVE" = @()}
    if ($Properties.userAction -ne $null)
    {
        $actionHash[$Properties.userAction] += if ($Properties.sid -ne $null) {$Properties.sid} else {$Properties.name}
    }

    if ($Properties.Members -ne $null)
    {
        $members = $Properties.Members.SelectNodes("//Member")
        foreach ($m in $members)
        {
            $actionHash[$m.Action] += if ($m.sid -ne $null) {$m.sid} else {$m.name}
        }
    }

    if ($actionHash["ADD"].Count -gt 0)
    {
        $groupHash.MembersToInclude = $actionHash["ADD"]
    }

    if ($actionHash["REMOVE"].Count -gt 0)
    {
        $groupHash.MembersToInclude = $actionHash["REMOVE"]
    }

    Write-DSCString -Resource -Type Group -Name "Groups(XML): $($groupHash.GroupName)" -Parameters $groupHash
}

Function Write-GroupINFData
{
    [CmdletBinding()]
    [OutputType([String])]
    param
    (
        [Parameter(Mandatory = $true)]
        [System.Collections.DictionaryEntry]$GroupData
    ) 
}
#endregion