2 lines
430 B
PowerShell
2 lines
430 B
PowerShell
Get-NetGPO | %{Get-ObjectAcl -ResolveGUIDs -Name $_.Name} | %{$acl=$_; $a=[string]$acl.IdentityReference; $b=$a.Substring($a.IndexOf("\")+1); $c=$null; $c=Get-NetUser "$b"; If ($c -ne $null -And $c.userprincipalname -like "*") { $dn=$acl.ObjectDN; If($dn -match 'CN=({[0-9A-F\-]+}),.+'){ $cn=$matches[1]; $gpo=Get-NetGPO -GPOname "$cn"; Write-Output "User: $b / $($c.userprincipalname) - delegated to GPO: $($gpo.displayname)"}}}
|