My apologies if this is a bit convoluted for my first post here, but I’m at my wit’s end on this. I have a script which audits certain groups within a trusted domain for membership changes, adds, removes and the dates associated. For some group members who are cross-domain I’m obviously getting the SID in place of the account name. I need a way to translate these SIDs and keep the formatting provided in the script, as this is for non-technical auditing types. My code is below and followed by this is the report formatting:
Not exactly sure what you’re after, but have you tried doing e.g.
get-aduser -filter "SID -eq 'S-1-5-21-1565465683-344022488-928725530-353447'" -server 'dc in other domain'
If that works for you then it should be simple to add an IF statement if you have a SID for the account name and then make a separate call to the other domain.
But again not sure if that is what you’re looking for.
This does seem to work, but I’m curious as to how the if statement would format the output. It’s going to auditors so this needs to remain in the same format/place. I could probably make my life easier by just outputting the group memberships after the initial report but I’d like to work through this first. Seems not many have come across this issue or have no need for it.
So first, $memberData collects the necessary information in one call instead of two separate calls.
Next, the if-statement evaluates the name value; if it looks like a SID, then check against the other domain.
If it doesn’t look like a SID, just grab the name as in your current code.
Last step, create the string you want using the $name variable and the whencreated from the $memberData variable.
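
The steps described in the last reply, as an added example that is not code from the thread or from either poster. The group name, the domain controller name, the helper function names and the output line format are assumptions; replace them with the values and layout of the real report.

```powershell
# Added example, not from the thread. Requires the ActiveDirectory (RSAT) module.
Import-Module ActiveDirectory

$GroupName           = 'Example-Audited-Group'   # assumed placeholder
$TrustedDomainServer = 'dc01.trusted.example'    # assumed placeholder: a DC in the other domain

function Test-LooksLikeSid {
    param([string]$Value)
    # Strict pattern: only digits and hyphens after "S-1-", so the value is
    # safe to place inside the -Filter string below.
    return $Value -match '^S-1-\d+(-\d+)+$'
}

function Resolve-MemberName {
    param($MemberData, [string]$Server)
    if (-not (Test-LooksLikeSid $MemberData.Name)) {
        return $MemberData.Name          # same-domain member: name is already readable
    }
    try {
        # Same lookup as suggested earlier in the thread, against the other domain.
        $user = Get-ADUser -Filter "SID -eq '$($MemberData.Name)'" -Server $Server -ErrorAction Stop
        if ($user) { return $user.SamAccountName }
    } catch {
        Write-Warning "Lookup of $($MemberData.Name) on $Server failed: $($_.Exception.Message)"
    }
    # Keep the SID visible instead of dropping the row, so the gap shows in the report.
    return "$($MemberData.Name) (unresolved)"
}

$group = Get-ADGroup -Identity $GroupName -Properties member
foreach ($dn in $group.member) {
    # One call per member returns both fields the report line needs.
    $memberData = Get-ADObject -Identity $dn -Properties name, whenCreated
    $name = Resolve-MemberName -MemberData $memberData -Server $TrustedDomainServer
    # Assumed line format; substitute the report's own layout here.
    '{0,-40} {1:yyyy-MM-dd}' -f $name, $memberData.whenCreated
}
```

Get-ADUser only matches user objects, so a foreign group or a deleted account stays in the report as an unresolved SID, which is itself worth an auditor's attention.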