
#region Common

enum GPPItemAction {

enum GPPItemActionDisplay {

enum GPPType {

enum GPPContext {
    #User I'll enable it later

class PSGPPreferencesItem {
    # This class is needed to gather all unique module's classes under a single umbrella.
    # It allows to strongly type input for the Serialize-GPPItem function - the purpose of that function is
    # to be able to serialize any GPP object we throw at it, but not other objects.
    # Therefore a single parent is required.

class GPPSection : PSGPPreferencesItem {
    # GPPSection is what you see on the second level in the GPP folder in the GUI.
    # For example, "Local Users and Groups" is the "Groups" section. Yes, "User" objects are a part of the "Groups" section.

class GPPItemProperties : PSGPPreferencesItem {

class GPPItemFilter : PSGPPreferencesItem {

class GPPItem : PSGPPreferencesItem {
    hidden [string]$status
    hidden [int]$image = $Properties.action.value__
    [datetime]$changed = (Get-Date)
    [guid]$uid = [guid]::NewGuid()
    [bool]$removePolicy # not yet implemented (Remove this item when it is no longer applied)
    [bool]$bypassErrors = $true # not yet implemented (Stop processing items in this extension if an error occures (Inverted))

#region Filters

enum GPPItemFilterBool {

enum GPPItemFilterComputerType {

enum GPPItemFilterDatePeriod {

enum GPPItemFilterDateDoW {

enum GPPItemFilterFileType {

enum GPPItemFilterOSType {
    SV # Member Server
    DC # Domain Controller

enum GPPItemFilterTerminalType {

enum GPPItemFilterTerminalOption {

class GPPItemFilterBattery : GPPItemFilter {


class GPPItemFilterComputer : GPPItemFilter {

class GPPItemFilterCPU : GPPItemFilter {

class GPPItemFilterDate : GPPItemFilter {

    GPPItemFilterDate ([GPPItemFilterBool]$bool, [bool]$not, [GPPItemFilterDatePeriod] $period, [GPPItemFilterDateDoW] $dow) {
        $this.period = $period
        $this.dow = $dow

    GPPItemFilterDate([GPPItemFilterBool]$bool, [bool]$not, [GPPItemFilterDatePeriod] $period, [int] $day) {
        $this.period = $period
        $ = $day

    GPPItemFilterDate([GPPItemFilterBool]$bool, [bool]$not, [GPPItemFilterDatePeriod] $period, [datetime]$Date) {
        $this.period = $period
        $ = $Date.Day
        $this.month = $Date.Month
        $this.year = $Date.Year

class GPPItemFilterDisk : GPPItemFilter {

class GPPItemFilterDomain : GPPItemFilter {

class GPPItemFilterVariable : GPPItemFilter {

class GPPItemFilterFile : GPPItemFilter {

class GPPItemFilterIpRange : GPPItemFilter {

class GPPItemFilterLanguage : GPPItemFilter {

class GPPItemFilterLdap : GPPItemFilter {

class GPPItemFilterMacRange : GPPItemFilter {

class GPPItemFilterMsi : GPPItemFilter {
    # TODO

class GPPItemFilterOS : GPPItemFilter {
    static [string]$class = 'NT'

class GPPItemFilterOrgUnit : GPPItemFilter {

class GPPItemFiltePcmcia : GPPItemFilter {


class GPPItemFilterPortable : GPPItemFilter {

class GPPItemFilterProcMode : GPPItemFilter {

class GPPItemFilterRam : GPPItemFilter {

class GPPItemFilterRegistry : GPPItemFilter {
    # TODO

class GPPItemFilterGroup : GPPItemFilter {

class GPPItemFilterSite : GPPItemFilter {

class GPPItemFilterTerminal : GPPItemFilter {

class GPPItemFilterTime : GPPItemFilter {

class GPPItemFilterWmi : GPPItemFilter {

class GPPItemFilterRunOnce : GPPItemFilter {
    static [bool]$hidden = 1
    [guid]$id = [guid]::NewGuid()

class GPPItemFilterCollection : GPPItemFilter {


#region Groups

enum GPPItemGroupMemberAction {

enum GPPItemUserActionDisplay {

enum GPPItemUserSubAuthority {

enum GPPItemUserSubAuthorityDisplay {

class GPPItemGroupsSection : GPPItem {
    # This class is needed only because both GPPItemGroup and GPPItemUser can be members of GPPSectionGroups (the "Groups" section in an XML-file)

class GPPItemGroupMember : PSGPPreferencesItem {

    GPPItemGroupMember([GPPItemGroupMemberAction] $Action, [string]$Name, [System.Security.Principal.SecurityIdentifier] $SID) {
        $this.action = $Action
        $ = $Name
        $this.sid = $SID

    GPPItemGroupMember([GPPItemGroupMemberAction] $Action, [string]$Name) {
        $this.action = $Action
        $ = $Name

class GPPItemPropertiesGroup : GPPItemProperties {
    hidden [bool]$removeAccounts = 0 # Always zero - don't know why, don't know what it does

    GPPItemPropertiesGroup ([GPPItemAction] $Action, [string] $Name, [System.Security.Principal.SecurityIdentifier] $SID) {
        $this.action = $Action
        $this.groupName = $Name
        $this.groupSid = $SID

    GPPItemPropertiesGroup ([GPPItemAction] $Action, [string] $Name, [System.Security.Principal.SecurityIdentifier] $SID, [GPPItemGroupMember[]]$Members) {
        $this.action = $Action
        $this.groupName = $Name
        $this.groupSid = $SID
        $this.Members = $Members

    GPPItemPropertiesGroup ([GPPItemAction] $Action, [string] $Name, [System.Security.Principal.SecurityIdentifier] $SID, [string] $NewName, [string] $Description) {
        $this.action = $Action
        $this.groupName = $Name
        $this.groupSid = $SID
        $this.newName = $NewName
        $this.description = $Description

    GPPItemPropertiesGroup ([GPPItemAction] $Action, [string] $Name, [System.Security.Principal.SecurityIdentifier] $SID, [string] $NewName, [string] $Description, [GPPItemGroupMember[]] $Members) {
        $this.action = $Action
        $this.groupName = $Name
        $this.groupSid = $SID
        $this.newName = $NewName
        $this.description = $Description
        $this.Members = $Members

    GPPItemPropertiesGroup ([GPPItemAction] $Action, [string] $Name, [System.Security.Principal.SecurityIdentifier] $SID, [string] $NewName, [string] $Description, [GPPItemGroupMember[]] $Members, [bool] $DeleteAllUsers, [bool] $DeleteAllGroups) {
        $this.action = $Action
        $this.groupName = $Name
        $this.groupSid = $SID
        $this.newName = $NewName
        $this.description = $Description
        $this.Members = $Members
        $this.deleteAllUsers = $DeleteAllUsers
        $this.deleteAllGroups = $DeleteAllGroups

    [void]RemoveMember([GPPItemGroupMember] $Member) {
        $NewMembers = [System.Collections.Generic.List[GPPItemGroupMember]]::new()
        foreach ($ExistingMember in $this.Members) {
            if ($ExistingMember -ne $Member) {
        $this.Members = $NewMembers

class GPPItemGroup : GPPItemGroupsSection {
    static [guid]$clsid = '{6D4A79E4-529C-4481-ABD0-F5BD7EA93BA7}'

    GPPItemGroup([GPPItemPropertiesGroup] $Properties, [bool] $Disabled) {
        $this.Properties = $Properties
        $ = $Properties.groupName
        $this.disabled = $Disabled

    GPPItemGroup([GPPItemPropertiesGroup] $Properties, [guid] $UID, [bool] $Disabled) {
        $this.Properties = $Properties
        $ = $Properties.groupName
        $this.uid = $UID
        $this.disabled = $Disabled

    GPPItemGroup([GPPItemPropertiesGroup] $Properties, [bool] $Disabled, [string] $Name) {
        $this.Properties = $Properties
        $ = $Name
        $this.disabled = $Disabled

    GPPItemGroup([GPPItemPropertiesGroup] $Properties, [guid] $UID, [bool] $Disabled, [string] $Name) {
        $this.Properties = $Properties
        $ = $Name
        $this.uid = $UID
        $this.disabled = $Disabled

class GPPItemPropertiesUser : GPPItemProperties {
    # [string]$cpassword - EVIL, EVIL PROPERTY, ONE SHOULD NEVER USE IT

    hidden static [string] GetSubAuthorityDisplayNameById ([string] $ID) {
        $GPPItemUserSubAuthorityDisplayName = @(
            'Administrator (built-in)'
            'Guest (built-in)'
        return $GPPItemUserSubAuthorityDisplayName[$ID]

    GPPItemPropertiesUser ([GPPItemAction] $Action, [string] $Name, [string] $NewName, [string] $FullName, [string] $Description, [bool] $UserMustChangePassword, [bool] $AccountDisabled, [nullable[datetime]] $AccountExpires) {
        $this.action = $Action
        $this.subAuthority = $null
        $this.userName = $Name
        $this.newName = $NewName
        $this.fullName = $FullName
        $this.description = $Description
        $this.changeLogon = $UserMustChangePassword
        $this.acctDisabled = $AccountDisabled
        if ($AccountExpires) {
            $this.expires = Convert-DateTimeToGPPExpirationDate -DateTime $AccountExpires

    GPPItemPropertiesUser ([GPPItemAction] $Action, [string] $Name, [string] $NewName, [string] $FullName, [string] $Description, [bool] $UserMayNotChangePassword, [bool] $PasswordNeverExpires, [bool] $AccountDisabled, [nullable[datetime]] $AccountExpires) {
        $this.action = $Action
        $this.subAuthority = $null
        $this.userName = $Name
        $this.newName = $NewName
        $this.fullName = $FullName
        $this.description = $Description
        $this.noChange = $UserMayNotChangePassword
        $this.neverExpires = $PasswordNeverExpires
        $this.acctDisabled = $AccountDisabled
        if ($AccountExpires) {
            $this.expires = Convert-DateTimeToGPPExpirationDate -DateTime $AccountExpires

    GPPItemPropertiesUser ([GPPItemAction] $Action, [GPPItemUserSubAuthority] $BuiltInUser, [string] $NewName, [string] $FullName, [string] $Description, [bool] $UserMustChangePassword, [bool] $AccountDisabled, [nullable[datetime]] $AccountExpires) {
        $this.action = $Action
        $this.subAuthority = $BuiltInUser
        $this.userName = [GPPItemPropertiesUser]::GetSubAuthorityDisplayNameById($BuiltInUser.value__)
        $this.newName = $NewName
        $this.fullName = $FullName
        $this.description = $Description
        $this.changeLogon = $UserMustChangePassword
        $this.acctDisabled = $AccountDisabled
        if ($AccountExpires) {
            $this.expires = Convert-DateTimeToGPPExpirationDate -DateTime $AccountExpires

    GPPItemPropertiesUser ([GPPItemAction] $Action, [GPPItemUserSubAuthority] $BuiltInUser, [string] $NewName, [string] $FullName, [string] $Description, [bool] $UserMayNotChangePassword, [bool] $PasswordNeverExpires, [bool] $AccountDisabled, [nullable[datetime]] $AccountExpires) {
        $this.action = $Action
        $this.subAuthority = $BuiltInUser
        $this.userName = [GPPItemPropertiesUser]::GetSubAuthorityDisplayNameById($BuiltInUser.value__)
        $this.newName = $NewName
        $this.fullName = $FullName
        $this.description = $Description
        $this.noChange = $UserMayNotChangePassword
        $this.neverExpires = $PasswordNeverExpires
        $this.acctDisabled = $AccountDisabled
        if ($AccountExpires) {
            $this.expires = Convert-DateTimeToGPPExpirationDate -DateTime $AccountExpires

    GPPItemPropertiesUser ([GPPItemAction] $Action, [nullable[GPPItemUserSubAuthority]] $BuiltInUser, [string] $Name, [string] $NewName, [string] $FullName, [string] $Description, [bool] $UserMustChangePassword, [bool] $AccountDisabled, [string] $AccountExpires) {
        $this.action = $Action
        $this.subAuthority = $BuiltInUser
        $this.userName = $Name
        $this.newName = $NewName
        $this.fullName = $FullName
        $this.description = $Description
        $this.changeLogon = $UserMustChangePassword
        $this.acctDisabled = $AccountDisabled
        $this.expires = $AccountExpires

    GPPItemPropertiesUser ([GPPItemAction] $Action, [nullable[GPPItemUserSubAuthority]] $BuiltInUser, [string] $Name, [string] $NewName, [string] $FullName, [string] $Description, [bool] $UserMayNotChangePassword, [bool] $PasswordNeverExpires, [bool] $AccountDisabled, [string] $AccountExpires) {
        $this.action = $Action
        $this.subAuthority = $BuiltInUser
        $this.userName = $Name
        $this.newName = $NewName
        $this.fullName = $FullName
        $this.description = $Description
        $this.noChange = $UserMayNotChangePassword
        $this.neverExpires = $PasswordNeverExpires
        $this.acctDisabled = $AccountDisabled
        $this.expires = $AccountExpires

class GPPItemUser : GPPItemGroupsSection {
    static [guid]$clsid = '{DF5F1855-51E5-4d24-8B1A-D9BDE98BA1D1}'

    GPPItemUser([GPPItemPropertiesUser] $Properties, [bool] $Disabled) {
        $this.Properties = $Properties
        $ = $Properties.userName
        $this.disabled = $Disabled

    GPPItemUser([GPPItemPropertiesUser] $Properties, [guid] $UID, [bool] $Disabled) {
        $this.Properties = $Properties
        $ = $Properties.userName
        $this.uid = $UID
        $this.disabled = $Disabled

    GPPItemUser([GPPItemPropertiesUser] $Properties, [bool] $Disabled, [string] $Name) {
        $this.Properties = $Properties
        $ = $Name
        $this.disabled = $Disabled

    GPPItemUser([GPPItemPropertiesUser] $Properties, [guid] $UID, [bool] $Disabled, [string] $Name) {
        $this.Properties = $Properties
        $ = $Name
        $this.uid = $UID
        $this.disabled = $Disabled

class GPPSectionGroups : GPPSection {
    static [guid]$clsid = '{3125E937-EB16-4b4c-9934-544FC6D24D26}'
    [System.Collections.Generic.List[GPPItemGroupsSection]]$Members = @()

    GPPSectionGroups([GPPItemGroupsSection[]] $Members, [bool] $Disabled) {
        $this.Members = $Members
        $this.disabled = $Disabled

#region IniFiles
class GPPItemPropertiesIni : GPPItemProperties {

class GPPItemIni : GPPItem {
    static [guid]$clsid = '{EEFACE84-D3D8-4680-8D4B-BF103E759448}'

class GPPSectionIniFiles : GPPSection {
    static [guid]$clsid = '{694C651A-08F2-47fa-A427-34C4F62BA207}'