On Wed, Dec 28, 2011 at 3:17 PM, Michael Leone <oozerd...@gmail.com> wrote:
> On Wed, Dec 28, 2011 at 2:44 PM, Ben Scott <mailvor...@gmail.com> wrote:
>
>> Do a bitwise AND between the candidate user's value and ACCOUNT_DISABLED.
>>
>> I'm only on page 143 of "PowerShell in Action", and haven't gotten
>> to bitwise operators yet, but Google results suggest this should work:
>>
>> if ($user.UserAccountControl -band $ACCOUNT_DISABLED) { ...
>
> Not working for me ... here's the script, and if fails on that IF ...
>
> $ADS_UF_ACCOUNTDISABLED = 0x00002
> $ADS_UF_NORMAL_ACCOUNT = 0x00200
> $UserToFind = "leonem"
> $Search = New-Object DirectoryServices.DirectorySearcher([ADSI]"")
> $Search.filter = "(&(objectClass=user)(sAMAccountName=$UserToFind))"
> $SearchResults=$Search.FindAll()
>
> ForEach ($Result in $SearchResults) {
> $User=$Result.GetDirectoryEntry()
> $User.givenName
This works:
[int] $uac = $User.userAccountControl[0]
if ($uac -band $ADS_UF_NORMAL_ACCOUNT )
{
Write-Host "Normal user"
}
else
{
Write-Host "Abnormal user"
}
}
So I have to force the conversion to an INT type, then I can test with
IF or SWITCH or whatever, against my constants.
Thanks for all the help!
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
