All,
I not seen the following before and wandrered if anyone eles had run into it
I am using PowerShell 5.1.14393.1480
if I fun the following code in the PowerShell console (Start > Run > PowerShell) it returns an answer of 'Authorised' as I am indeed a member of an AD group whose SID is S-1-5-21-3674026133-984544165-2712361304-145687 however when I run the exact same code from an IDE (I have tried PowerShell Studio, PowerGIU and PowerShell ISE) that all some up with the oposite answer 'NotAuthorised' why? to test simply look at an AD group you are a member of note the SID and replace the SID in the script with the one for your group.
function Check-UserIsAuthorised {
[cmdletbinding()]
param($AuthorisedGroupSID)
$X = @([System.Security.Principal.WindowsIdentity]::GetCurrent().Groups | Select-Object -ExpandProperty value)
if ($X -contains "S-1-5-21-3674026133-984544165-2712361304-145687") {
write-verbose "Authorised"
return "Authorised"
}
else {
Write-Verbose "NotAuthorised"
return "NotAuthorised"
}
}
Check-UserIsAuthorised
Can someone please try to explain this very odd behaviour
Forum rules
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
Re: Can someone please try to explain this very odd behaviour
Maybe it is your spelling:
Code: Select all
function Check-UserIsAuthorized {
[cmdletbinding()]
param (
[System.Security.Principal.SecurityIdentifier]$AuthorizedGroupSID
)
if($AuthorizedGroupSID -in [System.Security.Principal.WindowsIdentity]::GetCurrent().Groups){
write-verbose 'User is authorized'
return $true
} else {
Write-Verbose 'User is NOT authorized'
return $false
}
}
Check-UserIsAuthorized 'S-1-5-21-1990907114-190243296-4277213585-1013' -v
Re: Can someone please try to explain this very odd behaviour
Thanks for the prompt reply Jim,
However on this occasion it is me being an idiot!
I have two user accounts (with varying privliages) I was running my PowerShell console under one account and the IDEs under the other acount and only one of the accounts is in the group, Dah!
However on this occasion it is me being an idiot!
I have two user accounts (with varying privliages) I was running my PowerShell console under one account and the IDEs under the other acount and only one of the accounts is in the group, Dah!