Can someone please try to explain this very odd behaviour

Ask your PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 6 years and 4 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
User avatar
ErnieB
Posts: 56
Last visit: Mon Dec 19, 2022 2:09 am

Can someone please try to explain this very odd behaviour

Post by ErnieB »

All,

I not seen the following before and wandrered if anyone eles had run into it

I am using PowerShell 5.1.14393.1480

if I fun the following code in the PowerShell console (Start > Run > PowerShell) it returns an answer of 'Authorised' as I am indeed a member of an AD group whose SID is S-1-5-21-3674026133-984544165-2712361304-145687 however when I run the exact same code from an IDE (I have tried PowerShell Studio, PowerGIU and PowerShell ISE) that all some up with the oposite answer 'NotAuthorised' why? to test simply look at an AD group you are a member of note the SID and replace the SID in the script with the one for your group.

function Check-UserIsAuthorised {
[cmdletbinding()]
param($AuthorisedGroupSID)

$X = @([System.Security.Principal.WindowsIdentity]::GetCurrent().Groups | Select-Object -ExpandProperty value)

if ($X -contains "S-1-5-21-3674026133-984544165-2712361304-145687") {
write-verbose "Authorised"
return "Authorised"
}
else {
Write-Verbose "NotAuthorised"
return "NotAuthorised"
}

}

Check-UserIsAuthorised
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Can someone please try to explain this very odd behaviour

Post by jvierra »

Works fine for me for all of the above except PowerGUI which I don't have to test with.
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Can someone please try to explain this very odd behaviour

Post by jvierra »

Maybe it is your spelling:

Code: Select all

function Check-UserIsAuthorized {
    [cmdletbinding()]
    param (
        [System.Security.Principal.SecurityIdentifier]$AuthorizedGroupSID
    )
    
    if($AuthorizedGroupSID -in [System.Security.Principal.WindowsIdentity]::GetCurrent().Groups){
        write-verbose 'User is authorized'
        return $true
    } else {
        Write-Verbose 'User is NOT authorized'
        return $false
    }
}

Check-UserIsAuthorized 'S-1-5-21-1990907114-190243296-4277213585-1013' -v

User avatar
ErnieB
Posts: 56
Last visit: Mon Dec 19, 2022 2:09 am

Re: Can someone please try to explain this very odd behaviour

Post by ErnieB »

Thanks for the prompt reply Jim,

However on this occasion it is me being an idiot!

I have two user accounts (with varying privliages) I was running my PowerShell console under one account and the IDEs under the other acount and only one of the accounts is in the group, Dah! :oops:
This topic is 6 years and 4 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked