Can someone please try to explain this very odd behaviour

Ask your Windows PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.
Post Reply
User avatar
ErnieB
Posts: 40
Joined: Thu Jan 19, 2017 2:14 pm

Can someone please try to explain this very odd behaviour

Post by ErnieB » Fri Nov 10, 2017 1:07 am

All,

I not seen the following before and wandrered if anyone eles had run into it

I am using PowerShell 5.1.14393.1480

if I fun the following code in the PowerShell console (Start > Run > PowerShell) it returns an answer of 'Authorised' as I am indeed a member of an AD group whose SID is S-1-5-21-3674026133-984544165-2712361304-145687 however when I run the exact same code from an IDE (I have tried PowerShell Studio, PowerGIU and PowerShell ISE) that all some up with the oposite answer 'NotAuthorised' why? to test simply look at an AD group you are a member of note the SID and replace the SID in the script with the one for your group.

function Check-UserIsAuthorised {
[cmdletbinding()]
param($AuthorisedGroupSID)

$X = @([System.Security.Principal.WindowsIdentity]::GetCurrent().Groups | Select-Object -ExpandProperty value)

if ($X -contains "S-1-5-21-3674026133-984544165-2712361304-145687") {
write-verbose "Authorised"
return "Authorised"
}
else {
Write-Verbose "NotAuthorised"
return "NotAuthorised"
}

}

Check-UserIsAuthorised

User avatar
jvierra
Posts: 11476
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: Can someone please try to explain this very odd behaviour

Post by jvierra » Fri Nov 10, 2017 1:18 am

Works fine for me for all of the above except PowerGUI which I don't have to test with.

User avatar
jvierra
Posts: 11476
Joined: Tue May 22, 2007 9:57 am
Contact:

Re: Can someone please try to explain this very odd behaviour

Post by jvierra » Fri Nov 10, 2017 1:22 am

Maybe it is your spelling:

Code: Select all

function Check-UserIsAuthorized {
    [cmdletbinding()]
    param (
        [System.Security.Principal.SecurityIdentifier]$AuthorizedGroupSID
    )
    
    if($AuthorizedGroupSID -in [System.Security.Principal.WindowsIdentity]::GetCurrent().Groups){
        write-verbose 'User is authorized'
        return $true
    } else {
        Write-Verbose 'User is NOT authorized'
        return $false
    }
}

Check-UserIsAuthorized 'S-1-5-21-1990907114-190243296-4277213585-1013' -v


User avatar
ErnieB
Posts: 40
Joined: Thu Jan 19, 2017 2:14 pm

Re: Can someone please try to explain this very odd behaviour

Post by ErnieB » Fri Nov 10, 2017 1:35 am

Thanks for the prompt reply Jim,

However on this occasion it is me being an idiot!

I have two user accounts (with varying privliages) I was running my PowerShell console under one account and the IDEs under the other acount and only one of the accounts is in the group, Dah! :oops:

Post Reply