Exports a SystoLOCK token information.
Export-SystoLockToken [-File] <String> [[-Filter] <String>] [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>]
[-ProgressAction <ActionPreference>] [<CommonParameters>]
Export-SystoLockToken [-File] <String> [-Identifier] <String[]> [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>]
[-ProgressAction <ActionPreference>] [<CommonParameters>]
Export-SystoLockToken [-File] <String> [-Token] <OathToken[]> [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>]
[-ProgressAction <ActionPreference>] [<CommonParameters>]
The Export-SystoLockToken cmdlet saves token information to an XML file.
The information for all tokens is stored if no parameter a is specified.
Filtering fields
Algorithm: OTP algorithm identifier (HOTP, TOTP)
Class: Token class (hardware or software)
NotAfter: Usage end date of the token
NotBefore: Usage start date of the token
NumberOfTransactions: Maximum number of times the token can be used
FriendlyName: Token friendly name
Identifier: Token unique identifier
Interval: Time interval value for time-based OTP algorithms, in seconds
Manufacturer: Token manufacturer name
Model: Token model name
ResponseLength: Length of the resulting one-time password
DisableTime: Value indicating when the token was disabled
Drift: Value indicating time drift for time-based tokens
LastTimeUsed: Value indicating token last usage time
LockTime: Value indicating when the token was locked
PerformedTransactions: Value indicating the number of successfully performed transactions
User: Identifier of a user this token is assigned to
IssueNumber: Token issue number
Filtering operators
Present: Represents a 'present' comparison, such as 'answer -eq *'
Absent: Represents a 'absent' comparison, such as 'answer -ne *' or '-not answer -eq *'
Equal (==, -eq): Represents an equality comparison, such as 'answer -eq 42'
LessThanOrEqual (<=, -le): Represents the 'less than or equal' comparison, such as 'answer -le 42'
GraterThanOrEqual (>=, -ge): Represents the 'grater than or equal' comparison, such as 'answer -ge 42'
NotEqual (!=, <>, -ne): Represents an inequality comparison, such as 'answer -ne 42'
LessThan (<, -lt): Represents the 'less than ' comparison, such as 'answer -lt 42'
GraterThan (>, -gt): Represents the 'grater than' comparison, such as 'answer -gt 42'
Approx (~=, -approx): Represents the 'approximately equal to' comparison, such as 'name ~= joe'
BinaryOr (|, -bor): Represents the 'bitwise or' operation, such as 'answer | 42'
BinaryAnd (&, -band): Represents the 'bitwise and' operation, such as 'answer -band 42'
RecursiveMatch (-recursivematch): Represents the recursive match equality operation, such as '1.2.840.113556.1.4.1941' matching rule in NTDS
Like (~, -like): Represents the 'like' equality comparison, which is similar to Equal but supports wildcard comparison with '*'
NotLike (!~, -nlike, -notlike) : Represents the 'not like' inequality comparison, which is similar to NotEqual but supports wildcard comparison with '*'
And (&&, -and) : Represents the 'and' join operator, such as 'answer -le 100 -and answer -ge 50'
Or (||, -or) : Represents the 'or' join operator, such as 'answer -ge 100 -or answer -le 50'
Not (!, -not) : Represents the 'not' negation operator, such as '-not answer -ge 100'
All cmdlets interacting with SystoLock service have -Address and -Timeout parameters to adjust their behavior.
You can also set $SystoLockAddress and $SystoLockTimeout PowerShell variables or $SystoLockAddress and $SystoLockTimeout environment variables which let you specify these parameters as defaults.
If no parameters or environment variables are specified, the timeout defaults to 3 seconds and the address is obtained from DNS for current domain and site.
Export-SystoLockToken -File 'C:\tokens.pskcxml' -Identifier GAKT000168DE
Exports a single token.
Export-SystoLockToken -File 'C:\tokens.pskcxml' -Identifier GAKT000168DD, GAKT000168DE, GAKT000168DF
Exports a group of tokens.
Export-SystoLockToken -File 'C:\tokens.pskcxml' -Filter 'Interval -gt 30'
Exports tokens by a filter.
Export-SystoLockToken -File 'C:\tokens.pskcxml'
Exports all tokens.
Specifies service address (optional).
Accepts an URL, a host name or a Service structure returned by previous Get-SystoLockService call.
Type: ServiceAddress
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies authentication method to use with domain controller (optional).
The acceptable values for this parameter are: Kerberos and Negotiate.
The default method is Kerberos.
Possible values: Kerberos, Negotiate
Type: NtdsAuthType
Parameter Sets: (All)
Aliases:
Accepted values: Kerberos, Negotiate
Required: False
Position: Named
Default value: Kerberos
Accept pipeline input: False
Accept wildcard characters: False
Specifies domain controller name (optional).
Accepts a domain name, a fully qualified domain name or an IP address of the domain controller.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies XML file name.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Allows objects to be filtered (default expression: 'Identifier -eq *').
Type: String
Parameter Sets: Filter
Aliases:
Required: False
Position: 1
Default value: Identifier -eq *
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Specifies token identifier or URL.
Type: String[]
Parameter Sets: Identifier
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies timeout (range: 1 - 30 seconds, default: 3 seconds).
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies OathToken structure.
Type: OathToken[]
Parameter Sets: Token
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Specifies XML file name.
Allows objects to be filtered (default expression: 'Identifier -eq *').
Specifies token identifier or URL.
Specifies OathToken structure.
If a file already exists, it will not be processed.