Hi
I am trying to replace a lot of our existing Powershell Scripts used for Active Directory and File System properties.
I need to get a Users SID (based on their SAMAccountname or DistinguishedName but am having issues.
Can anybody advise how to return the SID.
Also, following this I need to replace the following Powershell commands
$user = get-aduser -identity “Hussain_Test1K”
$acl = get-acl newdrive:\Hussain_Test1K
$filesystemrights = [system.security.accesscontrol.filesystemrights]“FullControl”
$Accesscontroltype = [system.security.accesscontrol.accesscontroltype]::Allow
$inheritanceflags = [system.security.accesscontrol.inheritanceflags]“ContainerInherit, ObjectInherit”
$propagationflags = [system.security.accesscontrol.propagationflags]“none”
$accessrule = new-object System.Security.AccessControl.filesystemaccessrule ($user.sid, $filesystemrights, $inheritanceflags, $propagationflags, $accesscontroltype)
$acl.addaccessrule($accessrule)
set-acl -path newdrive:\Hussain_Test1K -AclObject $acl -ea stop
I think I can use ‘Invoke Method’ for some of this but would be grateful for those with expertise for advice
Many thanks
@gary.cobden Do you want to run power shell scripts?
If yes used powershell activity for this
No, I do not want to use Powershell Scripts; I want to use the UiPath Active Directory tools for the first part to get the SID
And ideally Invoke Method to assign the directory permissions
@gary.cobden can you share some example might be I can help after that
@raja.arslankhan
This is the main body of the existing Powershell Script that I want to convert so Powershell is not used
new-psdrive -name newDrive -psprovider filesystem -root “\abc\home\xyz” -credential $mycreds
new-item -itemtype directory newdrive:\billybragg -force
$user = get-aduser -identity “billybragg”
$acl = get-acl newdrive:\billybragg
$filesystemrights = [system.security.accesscontrol.filesystemrights]“FullControl”
$Accesscontroltype = [system.security.accesscontrol.accesscontroltype]::Allow
$inheritanceflags = [system.security.accesscontrol.inheritanceflags]“ContainerInherit, ObjectInherit”
$propagationflags = [system.security.accesscontrol.propagationflags]“none”
$accessrule = new-object System.Security.AccessControl.filesystemaccessrule ($user.sid, $filesystemrights, $inheritanceflags, $propagationflags, $accesscontroltype)
$acl.addaccessrule($accessrule)
set-acl -path newdrive:\Hussain_Test1K -AclObject $acl -ea stop
Thx
Hi,’
You can use Active Directory package and extarct details using standard activities,please follow the below thread:
Get Objects by Filter, retrieves a list of properties of a user in AD and tehn you could extract any value you like form AD,
Check Email Address in Active Directory - Learn / Academic Alliance - UiPath Community Forum
Hope this helps.
Thanks.
@prateek.mehandiratta9
Alas - your suggestion does still not let me get the SID which I require for processing some file permissions. The variable returns NULL
@prateek.mehandiratta9
Ah, think I’ve got it using ObjectSID which returns as byte[28].
Any ideas how to convert this to the standard S-1-2-34-5678912345-1234512345-1234512345-12345 format???
Hi @gary.cobden
Great you are able to extract it, can you parse this into a string, follow the below thread:
Conversion to Base64 format - Help - UiPath Community Forum
Thanks.