Kamis, 22 Desember 2016

Powershell v2 Function Get EnabledUserflags

This morning BigTeddy posted trying to figure out how to enumerate the specific values enabled for a given user on a local machine:
Local user UserFlags
After posting a few of my older links:
  • http://learningpcs.blogspot.com/2009/09/bscript-set-user-password-to-never.html
  • http://learningpcs.blogspot.com/2011/01/powershell-winnt-provider.html
I realized I hadnt done much with this, so, I created a function to enumerate the flags that are enabled once the userflags values are obtained.  BigTeddy had already gotten that part, so, you can pattern after him.  This function explicitly displays which flags are enabled:
function Get-EnabledUserflags {
 param(
  $userflags
 )

 $userflags_enum = @{
  "ADS_UF_SCRIPT" = "1";
  "ADS_UF_ACCOUNTDISABLE" = "2";
  "ADS_UF_HOMEDIR_REQUIRED" = "8";
  "ADS_UF_LOCKOUT" =
"16";
  "ADS_UF_PASSWD_NOTREQD" = "32";
  "ADS_UF_PASSWD_CANT_CHANGE" = "64";
  "ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED" = "128";
  "ADS_UF_TEMP_DUPLICATE_ACCOUNT" = "256";
  "ADS_UF_NORMAL_ACCOUNT" = "512";
  "ADS_UF_INTERDOMAIN_TRUST_ACCOUNT" = "2048";
  "ADS_UF_WORKSTATION_TRUST_ACCOUNT" = "4096";
  "ADS_UF_SERVER_TRUST_ACCOUNT" = "8192";
  "ADS_UF_DONT_EXPIRE_PASSWD" = "65536";
  "ADS_UF_MNS_LOGON_ACCOUNT" = "131072";
  "ADS_UF_SMARTCARD_REQUIRED" = "262144";
  "ADS_UF_TRUSTED_FOR_DELEGATION" = "524288";
  "ADS_UF_NOT_DELEGATED" = "1048576";
  "ADS_UF_USE_DES_KEY_ONLY" = "2097152";
  "ADS_UF_DONT_REQUIRE_PREAUTH" = "4194304";
  "ADS_UF_PASSWORD_EXPIRED" = "8388608";
  "ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION" = "16777216";
 }

 $userflags_enum.GetEnumerator() | % {
 if ( $_.value -band $userflags )
  {
   $_.name
  }
 }
}

lamsim

About lamsim

Author Description here.. Nulla sagittis convallis. Curabitur consequat. Quisque metus enim, venenatis fermentum, mollis in, porta et, nibh. Duis vulputate elit in elit. Mauris dictum libero id justo.

Subscribe to this Blog via Email :