Closed jonas2k closed 6 years ago
Correct me if I'm wrong, but S-1-5-32-544_MemberOf sets the Administrator's group to be a member of another group, not who is actually an administrator.
Is that incorrect?
That's correct, but you can also use it the other way around and add a domain group to local administrators without removing existing members by setting memberof. Let's say you have a group CONTOSO\it-staff and want to make it local admin on specific computers. You could set this group to be a member of the local administrators group by applying an accordingly configured group policy to certain computers. @HarmJ0y wrote a nice article on this topic.
I just added some more refinements.
I like this, I'm going to do some testing on it when I get a chance
So I'm going to probably go ahead and merge this. Unfortunately, a good bit of this code is going to need to be rewritten to accommodate some changes we're making to GPO collection in general (nothing wrong with the code you have). Thanks for bringing this up, and putting in the work to make a working solution.
Great! Thanks for reviewing. :)
Do you have a Twitter handle I can link to to give credit for this PR?
Yep, it's "jonas_2k".
Thanks for creating BloodHound/SharpHound. It's awesome! While playing around, I noticed that GpoAdmin relationships are only gathered if the fixed members assignment is used (`*S-1-5-32-544__Members = ...` in GptTmpl.inf). In our environment, we often define this with "Memberof" in order to avoid existing group members getting overwritten. So I extended the `GetGpoAdmins` method in such a way that it collects these relationships too. It worked fine during my tests. Consider this PR as a proposal and feel free to modify it in any way to make the code meet your requirements. :)
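The two assignment forms discussed in this thread, as an added example (not SharpHound's code and not part of the PR): a small Python audit parser for the `[Group Membership]` section of a GptTmpl.inf that reports every principal the template places in local Administrators, whether through `__Members` or `__Memberof`. The sample template and its domain SIDs are constructed, the function name is hypothetical, and only SID-form entries are handled (name-form entries are an assumption left out).

```python
import re

ADMINS_SID = "S-1-5-32-544"  # BUILTIN\Administrators

# Constructed sample template; the domain SIDs are made up for illustration.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[Group Membership]
*S-1-5-32-544__Memberof =
*S-1-5-32-544__Members = *S-1-5-21-1111-2222-3333-512
*S-1-5-21-1111-2222-3333-1105__Memberof = *S-1-5-32-544,*S-1-5-32-555
*S-1-5-21-1111-2222-3333-1105__Members =
[Version]
signature="$CHICAGO$"
"""

# Key layout: optional '*', the principal, two underscores, then the assignment kind.
KEY_RE = re.compile(r"^\*?(?P<principal>.+?)__(?P<kind>Members|Memberof)$", re.I)


def gpo_local_admins(inf_text):
    """Map each principal the template makes a local admin to the form that did it."""
    admins = {}
    in_section = False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[group membership]"
            continue
        if not in_section or "=" not in line:
            continue
        key, _, value = line.partition("=")
        match = KEY_RE.match(key.strip())
        if not match:
            continue
        principal, kind = match["principal"], match["kind"].lower()
        items = [v.strip().lstrip("*") for v in value.split(",") if v.strip()]
        if kind == "members" and principal.upper() == ADMINS_SID:
            # Fixed assignment: the right-hand side replaces the group's members.
            for sid in items:
                admins.setdefault(sid, "Members")
        elif kind == "memberof" and ADMINS_SID in (i.upper() for i in items):
            # Additive assignment: the left-hand principal is added to Administrators.
            admins.setdefault(principal, "Memberof")
    return admins
```

A collector that reads only the `__Members` line would report the first SID in this sample and miss the second.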