Home/ Questions/Q 9012859
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T03:06:33+00:00

I found this code on a site : More userAccountControl Flag Fun (Convert-ToUACFlag.ps1) –

  • 0

I found this code on a site :More userAccountControl Flag Fun (Convert-ToUACFlag.ps1) – http://bsonposh.com/archives/288, for users in active directory.
And I thought I understood it a bit, so I created a function for the other way around based on this article but it seems to work as a counter | (pipe) -> ? (if)
The % is not (very) clear, what it does (I don’t think it is the modulus operator, otherwise I misunderstand the piping)

%= Assignment by modulus operator

echo( 1..($flags.length) | ? {$value -band [math]::Pow(2,$_)} |  %{ $flags[$_] });

and this is the original function, which works fine

function checkUserControl
{
    param
    ([int]$value)
    $flags = @("","ACCOUNTDISABLE","", "HOMEDIR_REQUIRED",
    "LOCKOUT", "PASSWD_NOTREQD","PASSWD_CANT_CHANGE", "ENCRYPTED_TEXT_PWD_ALLOWED",
    "TEMP_DUPLICATE_ACCOUNT", "NORMAL_ACCOUNT", "","INTERDOMAIN_TRUST_ACCOUNT", "WORKSTATION_TRUST_ACCOUNT",
    "SERVER_TRUST_ACCOUNT", "", "", "DONT_EXPIRE_PASSWORD", "MNS_LOGON_ACCOUNT", "SMARTCARD_REQUIRED",
    "TRUSTED_FOR_DELEGATION", "NOT_DELEGATED","USE_DES_KEY_ONLY", "DONT_REQ_PREAUTH",
    "PASSWORD_EXPIRED", "TRUSTED_TO_AUTH_FOR_DELEGATION")

    echo( 1..($flags.length) | ? {$value -band [math]::Pow(2,$_)} |  %{ $flags[$_] });
}

so my own try (several tries)

function checkUserControl2
    {
        param
        ([string]$value)
        $flags = @("","ACCOUNTDISABLE","", "HOMEDIR_REQUIRED",
        "LOCKOUT", "PASSWD_NOTREQD","PASSWD_CANT_CHANGE", "ENCRYPTED_TEXT_PWD_ALLOWED",
        "TEMP_DUPLICATE_ACCOUNT", "NORMAL_ACCOUNT", "","INTERDOMAIN_TRUST_ACCOUNT", "WORKSTATION_TRUST_ACCOUNT",
        "SERVER_TRUST_ACCOUNT", "", "", "DONT_EXPIRE_PASSWORD", "MNS_LOGON_ACCOUNT", "SMARTCARD_REQUIRED",
        "TRUSTED_FOR_DELEGATION", "NOT_DELEGATED","USE_DES_KEY_ONLY", "DONT_REQ_PREAUTH",
        "PASSWORD_EXPIRED", "TRUSTED_TO_AUTH_FOR_DELEGATION")

        #echo( 1..($flags.length) | ? {$value -eq $flags[$_] } )} |  %{$_});
        #echo( 1..($flags.length) | ? {$value -match $flags[$_] } )} |  %{$_});
        #echo( 1..($flags.length) | ? {$value -ieq $flags[$_] } )} |  %{$_});
        #echo( 1..($flags.length) | ? {$value -imatch $flags[$_] } )} |  %{ $_ });
        #echo( 1..($flags.length) | ? {$value -ieq $flags[$_] } )} |  {$_});
        echo( 1..($flags.length) | ? {$value -imatch $flags[$_] } )} |  { $_ });
    }

 echo "DONT_EXPIRE_PASSWORD";
 checkUserControl2("DONT_EXPIRE_PASSWORD");

the error I get an empty pipe is not allowed

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You have a few parantheses wrong in your code too it seems. I would use:

    function test {
param([string]$value)

$flags = @("","ACCOUNTDISABLE","", "HOMEDIR_REQUIRED",
        "LOCKOUT", "PASSWD_NOTREQD","PASSWD_CANT_CHANGE", "ENCRYPTED_TEXT_PWD_ALLOWED",
        "TEMP_DUPLICATE_ACCOUNT", "NORMAL_ACCOUNT", "","INTERDOMAIN_TRUST_ACCOUNT", "WORKSTATION_TRUST_ACCOUNT",
        "SERVER_TRUST_ACCOUNT", "", "", "DONT_EXPIRE_PASSWORD", "MNS_LOGON_ACCOUNT", "SMARTCARD_REQUIRED",
        "TRUSTED_FOR_DELEGATION", "NOT_DELEGATED","USE_DES_KEY_ONLY", "DONT_REQ_PREAUTH",
        "PASSWORD_EXPIRED", "TRUSTED_TO_AUTH_FOR_DELEGATION")

    ## output bit flag-number (disabled atm.)   
    #(1..$flags.length) | ? {$flags[$_] -match $value}

    ## value
    (1..$flags.length) | ? {$flags[$_] -match $value} | % {[Math]::Pow(2,$_)}
}

test "HOMEDIR_REQUIRED"

    Output:

    8
    • 0