Linked Group

[S-K-P]

Hello,

The command "Get-PASLinkedAccount.ps1" return all linked accounts, but if we check the API call result, we also have the "LinkedGroup" information.

Example:

{
    "LinkedAccounts": [
        {
            "Name": "LogonAccount",
            "DisplayName": "Logon Account",
            "Descriptor": "",
            "Broken": false,
            "NoAuthorization": false,
            "IsDefaultFromPolicy": false,
            "extraPasswordIndex": 1
        },
        {
            "Name": "ReconcileAccount",
            "DisplayName": "Reconcile Account",
            "Descriptor": "",
            "Broken": false,
            "NoAuthorization": false,
            "IsDefaultFromPolicy": false,
            "extraPasswordIndex": 3
        }
    ],
    "LinkedGroupId": "GroupId",
    "LinkedGroupName": "GroupName",
    "LinkedGroupPolicyName": "GroupPolicyName"
}

Values are null if there is not linked group. Example:

{
    "LinkedAccounts": [],
    "LinkedGroupId": null,
    "LinkedGroupName": null,
    "LinkedGroupPolicyName": null
}

Is it possible to add this to the current command "Get-PASLinkedAccount.ps1" or maybe to create a new one "Get-PASLinkedGroup.ps1" to get only this information?

Or maybe there is already a command and I am not aware.

Thank you very much for your time.

[pspete]

Hi @S-K-P - Get-PASLinkedAccount is actually one of the few "experimental" functions in the module - it i not based on any published documentation.

Can you describe what the LinkedGroup detail provides? Is the data already returned using an existing command like Get-PASAccountGroup?

[S-K-P]

Hello,

The LinkedGroup provide the AccountGroup of the account.

The command "Get-PASAccountGroup" returns all AccountGroups in a specific safe.

The command "Get-PASAccountGroupMember" returns all members of a specific AccountGroup. And the API call returns only the first 100 members.

But like you said this API call is not documented, so do as you feel.

Thank you

[pspete]

Will look into it 👍🏼