This repository was archived by the owner on Jan 21, 2021. It is now read-only.

Fixed edge case for Find-GPOLocation where GPO is linked to OU but delegated to single computers #242

Open
byt3bl33d3r wants to merge 1 commit into PowerShellMafia:dev from byt3bl33d3r:delegation_fix

Conversation


@byt3bl33d3r byt3bl33d3r commented Jun 2, 2017

Heya,

During testing, I've noticed that Find-GPOLocation doesn't deal with the edge case I mentioned in the title (not exactly sure if this is an edge case); this is what it looks like in the Group Policy Management console:

[screenshot: gpp_console]

The GPO is applied to the Computers OU but it's delegated only to 2 computers, so it's effectively applied to only them and not the whole OU.

You can follow the article here for the steps to do this so you can reproduce this in a lab.

This PR adds a -Full switch to Get-GPODelegation so it returns all GPO delegations (and not only the ones with 'Write' permissions to users) and some logic to Find-GPOLocation to call Get-GPODelegation and check for this.

This is the cmdlet's output before the fix:

ObjectName     : dafuq
ObjectDN       : CN=dafuq,OU=Users,OU=Lab,DC=lab,DC=local
ObjectSID      : S-1-5-21-1049426096-2728124650-4150323340-1122
Domain         : 
IsGroup        : False
GPODisplayName : Add dafauq to Local Admins
GPOGuid        : {6CD9F24D-7ECF-42B8-8DBD-DF50001A77EB}
GPOPath        : \\lab.local\SysVol\lab.local\Policies\{6CD9F24D-7ECF-42B8-8DBD-DF50001A77EB}
GPOType        : RestrictedGroups
ContainerName  : OU=Computers,OU=Lab,DC=lab,DC=local
ComputerName   : {WIN7.lab.local, WIN10.lab.local, WIN81.lab.local, WINXP.lab.local...}

As you can see it returned every computer in the OU.

After the fix:

ObjectName     : dafuq
ObjectDN       : CN=dafuq,OU=Users,OU=Lab,DC=lab,DC=local
ObjectSID      : S-1-5-21-1049426096-2728124650-4150323340-1122
Domain         : 
IsGroup        : False
GPODisplayName : Add dafauq to Local Admins
GPOGuid        : {6CD9F24D-7ECF-42B8-8DBD-DF50001A77EB}
GPOPath        : \\lab.local\SysVol\lab.local\Policies\{6CD9F24D-7ECF-42B8-8DBD-DF50001A77EB}
GPOType        : RestrictedGroups
ContainerName  : OU=Computers,OU=Lab,DC=lab,DC=local
ComputerName   : {WIN81.lab.local, WIN7OMFGTHISLON.lab.local}

Let me know how much my code sucks lol

Cheers

1. Added the -Full switch to Get-GPODelegation to return full list of
GPO delegations

2. Added logic to Find-GPOLocation to deal with edge case where GPO is
linked to OU but delegated only to certain computers
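The scoping problem the PR describes, as an added example that is not PowerView's or this PR's code: given a GPO and the OU it is linked to, list only the computers whose machine account (directly, through nested group membership, or through a well-known SID such as Authenticated Users) holds the "Apply Group Policy" right on the GPO. It uses the RSAT GroupPolicy and ActiveDirectory modules rather than PowerView's own LDAP code, so it assumes a domain-joined host with those modules; the function name, parameters and the lab GUID/OU values in the usage comment are placeholders taken from the output above.

```powershell
# Added example, not PowerView's own code: list the computers under an OU that a GPO
# linked there actually applies to, honouring its security filtering (the "delegation"
# the PR describes). Assumes the RSAT ActiveDirectory and GroupPolicy modules on a
# domain-joined host; the GUID and OU DN are caller-supplied (lab values are placeholders).
Import-Module ActiveDirectory
Import-Module GroupPolicy

function Get-EffectiveGpoComputers {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [guid]   $GpoGuid,      # GPO to audit
        [Parameter(Mandatory)] [string] $ContainerDN   # OU the GPO is linked to
    )

    # Read the full GPO ACL (-All), not just trustees with edit rights. Only the
    # "Apply Group Policy" right scopes the policy; an explicit deny overrides any allow.
    $applyAllow = [System.Collections.Generic.HashSet[string]]::new()
    $applyDeny  = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($p in (Get-GPPermission -Guid $GpoGuid -All)) {
        if ($p.Permission -ne 'GpoApply') { continue }
        $sid = [string]$p.Trustee.Sid
        if ($p.Denied) { [void]$applyDeny.Add($sid) } else { [void]$applyAllow.Add($sid) }
    }

    # Enumerate every computer under the linked OU, then work out which identities the
    # machine account carries: its own SID, tokenGroups (nested group membership, as the
    # DC computes it) and the well-known SIDs tokenGroups omits: Everyone (S-1-1-0) and
    # Authenticated Users (S-1-5-11), the trustee a freshly created GPO grants Apply to.
    foreach ($c in (Get-ADComputer -SearchBase $ContainerDN -Filter * -Properties DNSHostName)) {
        $groups = (Get-ADComputer -Identity $c.DistinguishedName -Properties tokenGroups).tokenGroups
        $sids = @([string]$c.SID) + @($groups | ForEach-Object { [string]$_ }) + @('S-1-1-0', 'S-1-5-11')

        $denied  = @($sids | Where-Object { $applyDeny.Contains($_) })
        $allowed = @($sids | Where-Object { $applyAllow.Contains($_) })
        if ($allowed.Count -gt 0 -and $denied.Count -eq 0) {
            [PSCustomObject]@{
                ComputerName      = $c.DNSHostName
                DistinguishedName = $c.DistinguishedName
                MatchedTrustee    = ($allowed -join ', ')   # SID(s) that granted Apply
            }
        }
    }
}

# Usage with the lab values from the PR output (placeholders; substitute your own):
# Get-EffectiveGpoComputers -GpoGuid '6CD9F24D-7ECF-42B8-8DBD-DF50001A77EB' `
#     -ContainerDN 'OU=Computers,OU=Lab,DC=lab,DC=local'
```

For the lab above, a GPO whose ACL grants Apply to two computer accounts instead of Authenticated Users yields only those two hosts, which is the ComputerName list the fixed cmdlet prints; a GPO with the default ACL yields every computer in the OU, matching the pre-fix output. The check deliberately covers only the ACL: link state (disabled or enforced links), block-inheritance on the OU and WMI filters also change where a GPO lands and are not evaluated here.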