Creating a sid mapping file

This topic contains 3 replies, has 2 voices, and was last updated by Profile photo of Ron Ron 2 months, 2 weeks ago.

  • Author
    Posts
  • #68598
    Profile photo of rambog cnonline.net
    rambog cnonline.net
    Participant

    I need to compile a text file which has the following entries for groups in my domain having a sidhistory attribute. Over many migrations, we have groups having multiple SIDhistory values. The text file needs to look like the following for a group having 3 sidhistory values with each entry on a separate line:
    S-1-5-21-1144065412-1993610285-1348768671-2548,S-1-5-21-1454430755-160824244-2817426031-28398
    S-1-5-21-2037530647-159734737-1230779191-2313,S-1-5-21-1454430755-160824244-2817426031-28398
    S-1-5-21-1417001333-1682526488-839522115-261812,S-1-5-21-1454430755-160824244-2817426031-28398

    As you can see, I have 3 old sids being mapped to a single new sid.

    The problem I have is that all three lines are contained in a single line with each line mashed into the next entry.

    Please let me know how I should amend my code below to get the desired result. I have tried using hash tables and also indexing the $Sidhistory array with the [$j] and I get "Unable to index into an object of type System.String".

    #First gather all the groups in the applicable OU which contain a SIDHistory
    $Newgroups = Get-ADGroup -Filter {SIDHistory -ne "$null"} -SearchBase "OU=Security Groups,OU=Groups,dc=domain,dc=com" -ResultPageSize 1000 -Server dc1.domain.com -Properties SID,SIDHistory,accountNameHistory,DisplayName

    $SIDMap = @()
    Foreach ($grp in $Newgroups) {
    $QtyofSIDs = $grp.SIDHistory.Count
    $SIDHistoryTemp = @()
    For ($j=0; $j -lt $QtyofSIDs; $j++) {
    $temp1 = $grp.SIDHistory.Value[$j]
    $temp1 = $temp1.value
    $temp2 = "$temp1" + "," + "$($grp.SID.Value)"
    $SIDHistoryTemp += $temp2
    }
    $SIDMap += $SIDHistoryTemp
    }

  • #68602
    Profile photo of Ron
    Ron
    Participant

    $SIDHist = ($grp.SIDHistory|%{$_.value}) -join ','

  • #68608
    Profile photo of rambog cnonline.net
    rambog cnonline.net
    Participant

    Thank you, Ron.

    While it looked to me like the line of code you presented would join the sidhistory values together in one line (Without the existing group's SID), it got me thinking along the lines of using -join. As such, here is what worked for me:

    $SIDMap = @()
    Foreach ($grp in $INTgroups) {
    $QtyofSIDs = $grp.SIDHistory.Count
    $SIDHistoryTemp = @()
    For ($j=0; $j -lt $QtyofSIDs; $j++) {
    $SIDHistoryTemp = -join (($grp.SIDHistory.Value[$j]),",",($grp.sid.Value))
    $SIDMap += $SIDHistoryTemp
    }
    }
    $SIDMap | Out-File -FilePath "C:\Users\xxxx\Documents\SID-Mapping.txt"

  • #68650
    Profile photo of Ron
    Ron
    Participant

    Ah, I didn't look closely enough at your sample output. This should be more concise and a little easier to read, untested of course.

    $SIDMap = Foreach ($grp in $Newgroups) {
      $grp.SIDHistory | Foreach-Object {
         $_.Value + "," + $grp.SID.Value
      }
    } 

You must be logged in to reply to this topic.