functions/Get-GPWmiFilter.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
function Get-GPWmiFilter
{
<#
    .SYNOPSIS
        Get a WMI filter in current domain
     
    .DESCRIPTION
        The Get-GPWmiFilter function query WMI filter(s) in current domain with specific name or GUID.
     
    .PARAMETER Name
        The name of WMI filter you want to query out.
        Default Value: '*'
     
    .PARAMETER Guid
        The guid of WMI filter you want to query out.
     
    .PARAMETER Server
        The server to contact.
        Specify the DNS Name of a Domain Controller.
     
    .PARAMETER Credential
        The credentials to use to contact the targeted server.
     
    .EXAMPLE
        PS C:\> Get-GPWmiFilter -Name 'Virtual Machines'
         
        Get WMI filter(s) with the name 'Virtual Machines'
     
    .EXAMPLE
        PS C:\> Get-GPWmiFilter
         
        Get all WMI filters in current domain
#>

    [CmdletBinding(DefaultParameterSetName = 'ByName')]
    param
    (
        [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Position = 0, ParameterSetName = "ByName")]
        [ValidateNotNull()]
        [string[]]
        $Name = "*",
        
        [Parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = "ByGUID")]
        [ValidateNotNull()]
        [Guid[]]
        $Guid,
        
        [string]
        $Server = $env:USERDNSDOMAIN,
        
        [System.Management.Automation.PSCredential]
        $Credential
    )
    
    begin
    {
        #region Resolve Server
        try { $PSBoundParameters.Server = Get-DomainController -Server $Server -Credential $Credential }
        catch
        {
            Stop-PSFFunction -String 'Get-GPWmiFilter.FailedADAccess' -StringValues $Server -EnableException $EnableException -ErrorRecord $_
            return
        }
        #endregion Resolve Server
        
        $parameters = @{
            Properties = "msWMI-Name", "msWMI-Parm1", "msWMI-Parm2", "msWMI-Author", "msWMI-ID", "Modified", 'nTSecurityDescriptor'
            Server = $PSBoundParameters.Server
        }
        if (Test-PSFParameterBinding -ParameterName Credential) { $parameters['Credential'] = $Credential }
        
        $selectProperties = @(
            '"msWMI-Name" as Name'
            '"msWMI-Author" as Author'
            '"msWMI-Parm1" as Description'
            '"msWMI-ID".Trim("{}") to GUID as ID'
            'Modified'
            '"msWMI-Parm2" as Filter'
            'DistinguishedName'
            'nTSecurityDescriptor.Owner as SecOwner'
            'nTSecurityDescriptor.Access as SecAccess'
            'nTSecurityDescriptor as SecACL'
        )
        [System.Collections.ArrayList]$foundPolicies = @()
    }
    process
    {
        if (Test-PSFFunctionInterrupt) { return }
        
        if ($Guid)
        {
            foreach ($guidItem in $Guid)
            {
                Write-PSFMessage -String 'Get-GPWmiFilter.SearchGuid' -StringValues $guidItem -Level Debug
                $ldapFilter = "(&(objectClass=msWMI-Som)(Name={$guidItem}))"
                Get-ADObject @parameters -LDAPFilter $ldapFilter | Select-PSFObject -Property $selectProperties -TypeName 'GroupPolicy.WMIFilter' | Where-Object {
                    if ($foundPolicies -notcontains $_.ID)
                    {
                        $null = $foundPolicies.Add($_.ID)
                        return $true
                    }
                }
            }
        }
        elseif ($Name)
        {
            foreach ($nameItem in $Name)
            {
                Write-PSFMessage -String 'Get-GPWmiFilter.SearchName' -StringValues $nameItem -Level Debug
                $ldapFilter = "(&(objectClass=msWMI-Som)(msWMI-Name=$nameItem))"
                Get-ADObject @parameters -LDAPFilter $ldapFilter | Select-PSFObject -Property $selectProperties -TypeName 'GroupPolicy.WMIFilter' | Where-Object {
                    if ($foundPolicies -notcontains $_.ID)
                    {
                        $null = $foundPolicies.Add($_.ID)
                        return $true
                    }
                }
            }
        }
    }
}