Exports token information.
Export-SystoLockToken [-File] <String> [[-Filter] <String>] [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>] [<CommonParameters>]
Export-SystoLockToken [-File] <String> [-Identifier] <String[]> [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>] [<CommonParameters>]
Export-SystoLockToken [-File] <String> [-Token] <OathToken[]> [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>] [<CommonParameters>]
Exports token information to an XML file.
If no parameters specified the information about all tokens is saved.
Filtering fields
Algorithm: OTP algorithm identifier (HOTP, TOTP)
Class: Token class (hardware or software)
NotAfter: Usage end date of the token
NotBefore: Usage start date of the token
NumberOfTransactions: Maximum number of times the token can be used
FriendlyName: Token friendly name
Identifier: Token unique identifier
Interval: Time interval value for time-based OTP algorithms, in seconds
Manufacturer: Token manufacturer name
Model: Token model name
ResponseLength: Length of the resulting one-time password
DisableTime: Value indicating when the token was disabled
Drift: Value indicating time drift for time-based tokens
LastTimeUsed: Value indicating token last usage time
LockTime: Value indicating when the token was locked
PerformedTransactions: Value indicating the number of successfully performed transactions
User: Identifier of a user this token is assigned to
IssueNumber: Token issue number
Filtering operators
Present: Represents a 'present' comparison, such as 'answer -eq *'
Absent: Represents a 'absent' comparison, such as 'answer -ne *' or '-not answer -eq *'
Equal (==, -eq): Represents an equality comparison, such as 'answer -eq 42'
LessThanOrEqual (<=, -le): Represents the 'less than or equal' comparison, such as 'answer -le 42'
GraterThanOrEqual (>=, -ge): Represents the 'grater than or equal' comparison, such as 'answer -ge 42'
NotEqual (!=, <>, -ne): Represents an inequality comparison, such as 'answer -ne 42'
LessThan (<, -lt): Represents the 'less than ' comparison, such as 'answer -lt 42'
GraterThan (>, -gt): Represents the 'grater than' comparison, such as 'answer -gt 42'
Approx (~=, -approx): Represents the 'approximately equal to' comparison, such as 'name ~= joe'
BinaryOr (|, -bor): Represents the 'bitwise or' operation, such as 'answer | 42'
BinaryAnd (&, -band): Represents the 'bitwise and' operation, such as 'answer -band 42'
RecursiveMatch (-recursivematch): Represents the recursive match equality operation, such as '1.2.840.113556.1.4.1941' matching rule in NTDS
Like (~, -like): Represents the 'like' equality comparison, which is similar to Equal but supports wildcard comparison with '*'
NotLike (!~, -nlike, -notlike) : Represents the 'not like' inequality comparison, which is similar to NotEqual but supports wildcard comparison with '*'
And (&&, -and) : Represents the 'and' join operator, such as 'answer -le 100 -and answer -ge 50'
Or (||, -or) : Represents the 'or' join operator, such as 'answer -ge 100 -or answer -le 50'
Not (!, -not) : Represents the 'not' negation operator, such as '-not answer -ge 100'
All cmdlets interacting with SystoLock service have -Address and -Timeout parameters to adjust their behavior.
You can also set $systolockaddress and $systolocktimeout PowerShell variables or SLOCKADDRESS and SLOCKTIMEOUT environment variables which let you specify these parameters as defaults.
If no parameters or environment variables are specified, the timeout defaults to 3 seconds and the address is obtained from DNS for current domain and site.
Export-SystoLockToken -File 'C:\tokens.pskcxml' -Identifier GAKT000168DE
Export a single token.
Export-SystoLockToken -File 'C:\tokens.pskcxml' -Identifier GAKT000168DD, GAKT000168DE, GAKT000168DF
Export a group of tokens.
Export-SystoLockToken -File 'C:\tokens.pskcxml' -Filter 'Identifier -like GAKT*'
Export tokens by a filter.
Export-SystoLockToken -File 'C:\tokens.pskcxml'
Export all tokens.
Service address (optional).
You can pass an URL, a host name or a Service structure returned by previous Get-SystoLockService call.
Type: ServiceAddress
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Authentication method to use with domain controller (optional).
The acceptable values for this parameter are: Kerberos and Negotiate.
The default authentication method is Kerberos.
Possible values: Kerberos, Negotiate
Type: NtdsAuthType
Parameter Sets: (All)
Aliases:
Accepted values: Kerberos, Negotiate
Required: False
Position: Named
Default value: Kerberos
Accept pipeline input: False
Accept wildcard characters: False
Domain controller name (optional).
You can pass a domain name, a fully qualified domain name or an IP address of the domain controller.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
XML file name.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
expression (default: 'Identifier -eq *').
Type: String
Parameter Sets: Filter
Aliases:
Required: False
Position: 1
Default value: Identifier -eq *
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Token identifier or URL.
Type: String[]
Parameter Sets: Identifier
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
Timeout (range: 1 - 30 seconds, default: 3 seconds).
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
OathToken structure.
Type: OathToken[]
Parameter Sets: Token
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
XML file name.
expression (default: 'Identifier -eq *').
Token identifier or URL.
OathToken structure.
If a file already exists no any processing performed.