Invoke-FindPrivilegedFSPs.ps1
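# PowerShell script authored by Sean Metcalf (@PyroTek3)
# 2025-10-08
# Script provided as-is
#
# Lists Foreign Security Principals (FSPs) that are direct members of the
# built-in and domain privileged groups. An FSP represents a principal from a
# trusted domain or forest; an FSP inside a privileged group means an account
# that this domain does not control holds privileged access here and should
# be reviewed.
#
# Requires the ActiveDirectory module and read access to the target domain.
# Only direct members are inspected: an FSP nested inside another member group
# is not reported by this script.
Param
(
    # DNS name of the domain to scan; defaults to the current user's domain.
    $Domain = $env:userdnsdomain
)

if (-not $Domain)
{
    throw 'No domain specified and USERDNSDOMAIN is not set; pass -Domain.'
}

# Pin every query to one DC so group and membership data come from the same replica.
$DomainDC = (Get-ADDomainController -Discover -DomainName $Domain).Name
$DomainInfo = Get-ADDomain -Server $DomainDC
$DomainSID = $DomainInfo.DomainSID.Value

# Full SIDs are built-in (domain-local) groups; bare RID suffixes are appended
# to the domain SID at scan time.
$GroupArray = @(
    'S-1-5-32-544'  # Administrators
    'S-1-5-32-548'  # Account Operators
    'S-1-5-32-551'  # Backup Operators
    '-517'          # Cert Publishers
    '-1101'         # DnsAdmins (not a well-known RID; 1101 is the usual allocation but is not guaranteed)
    '-512'          # Domain Admins
    '-519'          # Enterprise Admins (exists only in the forest root domain)
    'S-1-5-32-550'  # Print Operators
    'S-1-5-32-555'  # Remote Desktop Users
    'S-1-5-32-549'  # Server Operators
)

ForEach ($GroupArrayItem in $GroupArray)
{
    IF ($GroupArrayItem -like 'S-1-*')
    { $GroupArrayItemSID = $GroupArrayItem }
    ELSE
    { $GroupArrayItemSID = $DomainSID + $GroupArrayItem }

    # -Properties member returns the complete membership through the AD module,
    # avoiding the value-range limit of reading the raw "member" attribute via
    # ADSI on large groups. A SID that does not resolve (Enterprise Admins in a
    # child domain, a non-default DnsAdmins RID) is reported and skipped so the
    # remaining groups are still scanned.
    try
    {
        $GroupInfo = Get-ADGroup -Identity $GroupArrayItemSID -Server $DomainDC -Properties member -ErrorAction Stop
    }
    catch
    {
        Write-Warning "Unable to resolve group SID $GroupArrayItemSID on $DomainDC : $($_.Exception.Message)"
        continue
    }

    Write-Host "Scanning $($GroupInfo.Name) for FSPs..."

    # FSP objects live in CN=ForeignSecurityPrincipals,<domain DN>. Match on the
    # container RDN (case-insensitively, as DNs compare) rather than on the text
    # appearing anywhere in the DN, so an object merely named like the container
    # is not reported. Output is the plain DN string of each FSP member.
    [array]$FSPMemberArray = @($GroupInfo.member) | Where-Object { $_ -like '*,CN=ForeignSecurityPrincipals,*' }

    IF ($FSPMemberArray)
    {
        Write-Host ""
        Write-Host "$($GroupInfo.Name) FSP Members:"
        $FSPMemberArray
        Write-Host ""
    }
}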