Configuration driven Active Directory management.
Register a Privileged Group Set for use during ownership assignments.
Register-AdcPrivilegedGroupSet [-Name] <String> [[-Description] <String>] [[-Code] <ScriptBlock>]
[-ProgressAction <ActionPreference>] [<CommonParameters>]
Register a Privileged Group Set for use during ownership assignments. They can be used to assign a group of identities as owners - any one of which is a viable owner for the assignment. They also provide a default SID in case none of them are assigned.
The data is calculated per-domain, cached on the first application. Cache is cleared when resetting configuration (e.g. loading a new context combination).
The SIDs resolved can be from one or multiple domains.
To test your Privileged Group Set use “Resolve-AdcPrivilegedGroupSet”. To assign it as an owner, wrap its name in two underscores on each side when assigning it as owner in the config: If the Privileged Group Set is named “DomainAdmins”, assign it as owner by setting the owner to “DomainAdmins”.
The scriptblock doing the calculation receives two parameters:
The scriptblock should return a hashtable or custom object that has two entries/properties:
Register-AdcPrivilegedGroupSet -Name PKIServer -Description $description -Code $code
Registers the Privileged Group Set “PKI Server” with the provided code.
The name of the Privileged Group Set.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
A description explaining the Privileged Group Set.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The code that calculates the data on demand. See the Description section for details on what parameters it receives and what output it should produce.
Type: ScriptBlock
Parameter Sets: (All)
Aliases:
Required: False
Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.