Which Groups Does WindowsIdentity.Groups Return? (C# vs PowerShell)
A very interesting post : Which Groups Does WindowsIdentity.Groups Return?
Also very interesting is comparing the code in C# + .NET 3.0 in this article against this PowerShell example :
$wi = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$wi.groups |% {$_.Translate([System.Security.Principal.ntaccount])} |
select @{n='Domain';e={$_.value.split('\')[-2]}},
@{n='Account';e={$_.value.split('\')[-1]}} |
sort domain
The output looks like this (domain and account sorted on domain as in original article :
PoSH> $wi = [System.Security.Principal.WindowsIdentity]::GetCurrent()
PoSH>
PoSH> $wi.groups |% {$_.Translate([System.Security.Principal.ntaccount])} |
>> select @{n='Domain';e={$_.value.split('\')[-2]}},
>> @{n='Account';e={$_.value.split('\')[-1]}} |
>> sort domain
>>
Domain Account
------ -------
Everyone
LOCAL
BUILTIN Users
BUILTIN Administrators
MOWXP None
NT AUTHORITY Authenticated Users
NT AUTHORITY INTERACTIVE
PoSH>
You see C# 3.0 helps but it's still not PowerShell ;-)
* Edit * After remark from Jaykul on IRC, Yes We can also group them, even more like the original, just by adding -GroupBy domain :
PoSH> $wi = [System.Security.Principal.WindowsIdentity]::GetCurrent()
PoSH>
PoSH> $wi.groups |% {$_.Translate([System.Security.Principal.ntaccount])} |
>> select @{n='Domain';e={$_.value.split('\')[-2]}},
>> @{n='Account';e={$_.value.split('\')[-1]}} |
>> Sort domain | ft account -GroupBy domain
>>
:
Account
-------
Everyone
LOCAL
Domain: BUILTIN
Account
-------
Users
Administrators
Domain: MOWXP
Account
-------
None
Domain: NT AUTHORITY
Account
-------
Authenticated Users
INTERACTIVE
PoSH>
Enjoy,
Greetings /\/\o\/\/