Hi
I've created a CmdLet called Convert-Username. It's a wrapper around the Microsoft API DsCrackNames, that can be used to translate between different username formats by sending the request to a DC or GC.
Chrisse Andersson uses the API in his MMC-Console for Fine Grained Password Policies and I thougth it could be very useful having as an CmdLet.
The list of Formats you can convert between is:
- DN
- NT4Account
- DisplayName
- Guid
- CanonicalName
- Upn
- CanonicalNameEx
- Spn
- Sid
You can download Convert-Username from here
Disclaimer: This software is provided "AS IS" with no warranties of any kind. The entire risk arising out of the use or performance of the software is with you.
I haven't created any Setup program yet but the installation is easy:
- Download the CmdLet
- Unzip the 2 files and put them in a directory of your chioce
- Start PowerShell and run the following:
cd <path where you put the files>
&"$env:systemroot\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" Convert-Username.dll - Add the CmdLet to the Powershell environment by running:
Add-PSSnapIn Convert-Username
You need to do the last step everytime you start PowerShell if you don't add it to your PowerShell profile.
Example:
_______________________________________________________________________________________________________
C:\PS>Convert-Username "John Doe" Upn
QueriedName Domain Name Status
----------- ------ ---- ------
John Doe somewhere.local john.doe@somewhere.local NoError
_______________________________________________________________________________________________________
In my next blog I'll give you a longer and more fun example of what you can do with Convert-Username
-----------------------------------------------------------------------------------------------------------------------
PS#> Get-Help Convert-Username -Full
-----------------------------------------------------------------------------------------------------------------------
NAME
Convert-Username
SYNOPSIS
Converts usernames to other formats.
SYNTAX
Convert-Username [-name] <String[]> [-outFormat] {<DN> | <NT4Account> | <DisplayName> | <Guid> | <CanonicalName> |
<Upn> | <CanonicalNameEx> | <Spn> | <Sid> | <DnsDomain>} -inFormat {<DN> | <NT4Account> | <DisplayName> | <Guid> |
<CanonicalName> | <Upn> | <CanonicalNameEx> | <Spn> | <Sid> | <DnsDomain> | <Unknown>} [-credential <PSCredential>]
[-noBatching <SwitchParameter>] [-domainController <String>] [-dnsDomain <String>] [<CommonParameters>]
DETAILED DESCRIPTION
The Convert-Username cmdlet uses the Active Directory to convert usernames from one format to an other.
PARAMETERS
-name <String[]>
Specifies the names for conversion is to be made.
-outFormat
Is used to specify in what format the converted usernames will be. Valid values for <CommandTypes> are:
DN NT4Account
DisplayName Guid
CanonicalName Upn
CanonicalNameEx Spn
Sid DnsDomain
You can use OutFormat or its alias, o.
-inFormat
Is used to specify in what format the names to be converted will be. Valid values for <InFormat> are:
DN NT4Account
DisplayName Guid
CanonicalName Upn
CanonicalNameEx Spn
Sid DnsDomain
Unknown
The default InFormat is Unknown
You can use InFormat or its alias, i.
-credential <PSCredential>
Specifies the credential used to validate access. If a PSCredential object obtained earlier using get-credentia
l is supplied, it will be used as is. If a user name is supplied, there will be a prompt for a password.
-noBatching <SwitchParameter>
Forces conversion to take place directly when an item is recieved through the pipe instead of batching the name
s for one large request to the Active Directory.
-domainController <String>
Forces the use of a specific DomainController.
-dnsDomain <String>
Forces the use of a specific DnsDomain.
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug,
-ErrorAction, -ErrorVariable, and -OutVariable. For more information,
type, "get-help about_commonparameters".
REMARKS
For more information, type: "get-help Convert-Username -detailed".
For technical information, type: "get-help Convert-Username -full".
Posted
08-13-2007 11:28
by
bjorn.osterman