Closed jalliot closed 8 years ago
Good idea! Shouldn't be hard to implement, will try to play with it this weekend.
Sent from my iPhone
On Mar 9, 2015, at 5:11 AM, Jordan Alliot notifications@github.com wrote:
Hello,
Excellent piece of work! It is too bad though that the Invoke-MapDomainTrusts cmdlet does not handle forest trusts. The result is not complete then. Do you think it is possible to add the feature?
— Reply to this email directly or view it on GitHub.
Hi,
you can modify it like this:
...
try { # get all the trusts for this domain if($LDAP -or $DomainController) { $Trusts = Get-NetDomainTrust -Domain $Domain -LDAP -DomainController $DomainController -PageSize $PageSize $Trusts_forest = Get-NetForestTrust -PageSize $PageSize } else { $Trusts = Get-NetDomainTrust -Domain $Domain -PageSize $PageSize $Trusts_forest = Get-NetForestTrust -PageSize $PageSize } if ($Trusts) { # enumerate each trust found ForEach ($Trust in $Trusts) { $SourceDomain = $Trust.SourceName $TargetDomain = $Trust.TargetName $TrustType = $Trust.TrustType $TrustDirection = $Trust.TrustDirection # make sure we process the target $Null = $Domains.push($TargetDomain) # build the nicely-parsable custom output object $DomainTrust = New-Object PSObject $DomainTrust | Add-Member Noteproperty 'SourceDomain' "$SourceDomain" $DomainTrust | Add-Member Noteproperty 'TargetDomain' "$TargetDomain" $DomainTrust | Add-Member Noteproperty 'TrustType' "$TrustType" $DomainTrust | Add-Member Noteproperty 'TrustDirection' "$TrustDirection" $DomainTrust } if ($Trusts_forest) { # enumerate each trust found ForEach ($Trust in $Trusts_forest) { $SourceDomain = $Trust.SourceName $TargetDomain = $Trust.TargetName $TrustType = $Trust.TrustType $TrustDirection = $Trust.TrustDirection # make sure we process the target $Null = $Domains.push($TargetDomain) # build the nicely-parsable custom output object $DomainTrust = New-Object PSObject $DomainTrust | Add-Member Noteproperty 'SourceDomain' "$SourceDomain" $DomainTrust | Add-Member Noteproperty 'TargetDomain' "$TargetDomain" $DomainTrust | Add-Member Noteproperty 'TrustType' "$TrustType" $DomainTrust | Add-Member Noteproperty 'TrustDirection' "$TrustDirection" $DomainTrust } } } } catch { Write-Warning "[!] Error: $_" }
...
Apologies that this took so long.
I realized that the -LDAP option for Invoke-MapDomainTrust actually already maps forest trusts. I went ahead and added the non-LDAP recursing mapping here https://github.com/PowerShellEmpire/PowerTools/commit/c0134dd13b722d42b633d70c91fede17bbecb79d , which should now be in master.
Thanks @FloGatt !
Hello,
Excellent piece of work! It is too bad though that the Invoke-MapDomainTrusts cmdlet does not handle forest trusts. The result is not complete then. Do you think it is possible to add the feature?