SHARE
TWEET

ADM-Get-Assoc

alcaron Jan 28th, 2013 68 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #   ----------------------------------------------------------------------------------------------------
  2. #   This script will let you pull a list of applications in App-V based on who has access to them.
  3. #   The list is of applications, not packages, because individual applications can have different
  4. #   rights.
  5. #
  6. #   The script will output the name of the application and the AD-Group the permissions came from.
  7. #   Which can be handy when you know a user has rights, but aren't sure which group conveys it.
  8. #
  9. #   Usage is straightforward. This script is provided as is, and it intended for testing purposes only,
  10. #   do not use in a production environment, do not use if you don't know what it is doing. And lost
  11. #   data or damage caused as a result of using this script is your responsibility, and yours alone.
  12. #
  13. #   Don't forget to update the $srv and $db vars to reflect your actual environment, and check the
  14. #   AD Group filter near the bottom.
  15. #   ----------------------------------------------------------------------------------------------------
  16.  
  17.                
  18. Import-Module ActiveDirectory
  19.  
  20. function Get-Assoc($strGroup) {
  21.         # Setup SQL query and values.
  22.         $srv = "<sqlserver>"
  23.         $db = "AppVDB"
  24.         $conTime = 30
  25.         $qryTime = 120
  26.         $query = "SELECT dbo.APPLICATIONS.name,dbo.APPLICATION_ASSIGNMENTS.group_ref FROM dbo.APPLICATIONS INNER JOIN dbo.APPLICATION_ASSIGNMENTS ON dbo.APPLICATIONS.app_id = dbo.APPLICATION_ASSIGNMENTS.app_id WHERE group_ref ='$strGroup'"
  27.  
  28.         # Setup and open SQL connection.
  29.         $conn = New-Object System.Data.SqlClient.SqlConnection
  30.         $conStr = "Server={0};Database={1};Integrated Security=True;Connect Timeout={2}" -f $srv,$db,$conTime
  31.         $conn.ConnectionString = $conStr
  32.         $conn.Open()
  33.  
  34.         # Setup SQL command.
  35.         $cmd = New-Object System.Data.SqlClient.SqlCommand($query, $conn)
  36.         $cmd.CommandTimeout = $qryStr
  37.  
  38.         # Execute SL comand, adapt results to System.Data.DataSet and close connection.
  39.         $ds = New-Object System.Data.DataSet
  40.         $da = New-Object System.Data.SqlClient.SqlDataAdapter($cmd)
  41.         [void]$da.Fill($ds)
  42.         $conn.Close()
  43.         foreach($i in $ds.Tables)
  44.         {
  45.                 foreach($row in $i)
  46.                 {
  47.                         "Application: {0}`r`n--Assignment: {1}`r`n" -f $row.name,(Get-ADGroup $row.group_ref).SamAccountName
  48.                 }
  49.         }
  50. }
  51. while($mode -ne 1 -and $mode -ne 2) { $mode; $mode = Read-Host "[1]: Find Users Software`r`n[2]: Find Groups Software`r`nSelection" }
  52.  
  53. if($mode -eq "1")
  54. {
  55.         $user = Read-Host "User to search for"
  56.         $groups = Get-ADUser $user -Properties MemberOf
  57.         "Results:"
  58.         foreach($i in $groups.MemberOf){
  59.                 # Check to make sure the group name matches corp. convention. Remove this check if it
  60.                 # does not apply to you. This is done to only use software distribution groups and
  61.                 # ignore things like security groups, etc. Saves time and can clean up the output.
  62.                 if($i.Contains("USa_") -eq $true){
  63.                         $long = (Get-ADGroup -Identity "$i").SID
  64.                         Get-Assoc $long
  65.                 }
  66.         }
  67. } elseif($mode -eq "2") {
  68.         $search = Read-Host "AD Group to search for"
  69.         $long = (Get-ADGroup $search).SID
  70.         "Results:"
  71.         Get-Assoc $long
  72. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top