icinga-powershell-framework/lib/core/tools/Get-IcingaUserSID.psm1

function Get-IcingaUserSID()
{
    param(
        [string]$User
    );

    if ([string]::IsNullOrEmpty($User)) {
        return $null;
    }

    if ($User -eq 'LocalSystem') {
        $User = 'NT Authority\SYSTEM';
    }

    $UserData = Split-IcingaUserDomain -User $User;

    try {
        $NTUser       = New-Object System.Security.Principal.NTAccount($UserData.Domain, $UserData.User);
        $SecurityData = $NTUser.Translate([System.Security.Principal.SecurityIdentifier]);
    } catch {
        try {
            # Try again but this time with our domain
            $UserData.Domain = (Get-IcingaWindowsInformation -ClassName Win32_ComputerSystem).Domain;
            $NTUser          = New-Object System.Security.Principal.NTAccount($UserData.Domain, $UserData.User);
            $SecurityData    = $NTUser.Translate([System.Security.Principal.SecurityIdentifier]);
        } catch {
            throw $_.Exception;
        }
    }

    if ($null -eq $SecurityData) {
        throw 'Failed to fetch user information from system';
    }

    return $SecurityData.Value;
}
Added Icinga Service and Service permission management 2019-10-17 16:51:12 -04:00			`function Get-IcingaUserSID()`
			`{`
			`param(`
			`[string]$User`
			`);`

Adds support for JEA profiles 2021-08-06 12:12:27 -04:00			`if ([string]::IsNullOrEmpty($User)) {`
			`return $null;`
			`}`

Fixes handling for LocalSystem account if set as service user Fixes #51 2020-03-11 08:01:54 -04:00			`if ($User -eq 'LocalSystem') {`
			`$User = 'NT Authority\SYSTEM';`
			`}`

Adds support to add/remove/test Wmi permissions You can now use 'Add-IcingaWmiPermissions' to add permissions for a specific user and namespace and remove them with 'Remove-IcingaWmiPermissions' 2020-11-18 04:45:22 -05:00			`$UserData = Split-IcingaUserDomain -User $User;`
Added Icinga Service and Service permission management 2019-10-17 16:51:12 -04:00
			`try {`
Adds support to add/remove/test Wmi permissions You can now use 'Add-IcingaWmiPermissions' to add permissions for a specific user and namespace and remove them with 'Remove-IcingaWmiPermissions' 2020-11-18 04:45:22 -05:00			`$NTUser = New-Object System.Security.Principal.NTAccount($UserData.Domain, $UserData.User);`
Added Icinga Service and Service permission management 2019-10-17 16:51:12 -04:00			`$SecurityData = $NTUser.Translate([System.Security.Principal.SecurityIdentifier]);`
			`} catch {`
Adds support for JEA profiles 2021-08-06 12:12:27 -04:00			`try {`
			`# Try again but this time with our domain`
			`$UserData.Domain = (Get-IcingaWindowsInformation -ClassName Win32_ComputerSystem).Domain;`
			`$NTUser = New-Object System.Security.Principal.NTAccount($UserData.Domain, $UserData.User);`
			`$SecurityData = $NTUser.Translate([System.Security.Principal.SecurityIdentifier]);`
			`} catch {`
			`throw $_.Exception;`
			`}`
Added Icinga Service and Service permission management 2019-10-17 16:51:12 -04:00			`}`

			`if ($null -eq $SecurityData) {`
			`throw 'Failed to fetch user information from system';`
			`}`

			`return $SecurityData.Value;`
			`}`