0

Query:

Get-ADUser -LDAPFilter '(|(userpassword=*)(unixuserpassword=*))' -Properties * |     Select-Object samaccountname, description, UnixUserPassword, UserPassword, unicodePwd, msSFU30Name, msSFU30Password, os400-password

Results: Running powershell as SYSTEM user: Gives 5 users details Getting only userpassword entries and not unixuserpassword

Running powershell as Admin user: Gives 16 users details Getting both userpassword and unixuserpassword

Can anyone point out which permission or config setting causing this behaviour? Thanks.

RDX
  • 409
  • 6
  • 22
  • You should be seeing 8 properties as you've specified just that. Does the call without the RHS pipe filter not give you what you're after? Permissions would be checked on the account objects themselves from AD – Abraham Zinala Feb 08 '23 at 06:26
  • Are there any errors when [running as SYSTEM](https://stackoverflow.com/a/51612478/1701026)? – iRon Feb 08 '23 at 07:13
  • @iRon No errors while running – RDX Feb 08 '23 at 12:16
  • @AbrahamZinala ..yes i get 8 properties but for 5 users only while running as SYSTEM. – RDX Feb 08 '23 at 12:18
  • Is your computer in the same domain as the admin user? What happens if you add a `SearchBase`? – iRon Feb 08 '23 at 12:23
  • are you running script on a DC ? on basic domain member workstation or server SYSTEM is only a local user with local permissions. – tuyau2poil Feb 09 '23 at 15:18

0 Answers0