Gets OATH token assignment information.
Get-SystoLockOathTokenAssignment [[-Identifier] <String>] [-ResolveUser] [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>] [-IncludeTotalCount]
[-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]
Get-SystoLockOathTokenAssignment [-Filter] <String> [-ResolveUser] [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>] [-IncludeTotalCount]
[-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]
Get-SystoLockOathTokenAssignment [-ResolveUser] -User <Object> [-Address <ServiceAddress>] [-AuthType <NtdsAuthType>]
[-DomainController <String>] [-Timeout <Int32>] [-IncludeTotalCount] [-Skip <UInt64>] [-First <UInt64>]
[<CommonParameters>]
The Get-SystoLockOathTokenAssignment cmdlet get OATH token assignment information.
To search for and get more than one object, use the Filter parameters.
For more information about the Filter parameter syntax, type 'Get-Help about_Oath_Tokens_Filter'.
All cmdlets interacting with SystoLOCK service have -Address and -Timeout parameters to adjust their behavior.
You can also set $SystoLockAddress and $SystoLockTimeout PowerShell variables or $SystoLockAddress and $SystoLockTimeout environment variables which let you specify these parameters as defaults.
If no parameters or environment variables are specified, the timeout defaults to 3 seconds and the address is obtained from DNS for current domain and site.
Get-SystoLockOathTokenAssignment -Identifier GAKT000168DE
Gets an OATH token assignment information by the token identifier.
Get-SystoLockOathTokenAssignment -User 'CN=Alice,CN=Users,DC=company,DC=com'
Gets an OATH token assignment by user distinguished name (DN).
Get-SystoLockOathTokenAssignment -User Alice
Gets an OATH token assignment information by user name.
Get-SystoLockOathTokenAssignment -User 'company.com\Alice'
Gets an OATH token assignment information by user SAM account name.
Get-SystoLockOathTokenAssignment -User 'alice@company.com'
Gets an OATH token assignment information by user principal name.
Get-SystoLockOathTokenAssignment -User (Get-ADUser Alice).ObjectGuid
Gets an OATH token assignment information by user global unique identifier (GUID).
Get-SystoLockOathTokenAssignment -User (Get-ADUser Alice).SID
Gets an OATH token assignment information by user security identifier (SID).
Get-SystoLockOathTokenAssignment -User (Get-ADUser -Identity Alice)
Gets an OATH token assignment information by user Active Directory object provided as parameter.
Get-SystoLockOathTokenAssignment -First 5 -Skip 1
Gets an OATH token assignments using paging parameters.
Get-SystoLockOathTokenAssignment -Filter 'Identifier -like GAKT*'
Gets an OATH token assignments a search filter.
Specifies service address (optional).
Accepts an URL, a host name or a Service structure returned by previous Get-SystoLockService call.
Type: ServiceAddress
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies authentication method to use with domain controller (optional).
The acceptable values for this parameter are: Kerberos and Negotiate.
The default method is Kerberos.
Possible values: Kerberos, Negotiate
Type: NtdsAuthType
Parameter Sets: (All)
Aliases:
Accepted values: Kerberos, Negotiate
Required: False
Position: Named
Default value: Kerberos
Accept pipeline input: False
Accept wildcard characters: False
Specifies domain controller name (optional).
Accepts a domain name, a fully qualified domain name or an IP address of the domain controller.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Allows objects to be filtered (default expression: 'Identifier -eq *').
Type: String
Parameter Sets: Filter
Aliases:
Required: True
Position: 0
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Gets only the specified number of objects.
Enter the number of objects to get.
Type: UInt64
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Token ID or URL.
Type: String
Parameter Sets: Identifier
Aliases:
Required: False
Position: 0
Default value: *
Accept pipeline input: False
Accept wildcard characters: False
Reports the total number of objects in the data set (an integer) followed by the selected objects.
If the cmdlet cannot determine the total count, it displays "Unknown total count." The integer has an Accuracy property that indicates the reliability of the total count value.
The value of Accuracy ranges from 0.0 to 1.0 where 0.0 means that the cmdlet could not count the objects, 1.0 means that the count is exact, and a value between 0.0 and 1.0 indicates an increasingly reliable estimate.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Determines if the cmdlet should resolve user information from Active Directory.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
Ignores the specified number of objects and then gets the remaining objects.
Enter the number of objects to skip.
Type: UInt64
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies timeout (range: 1 - 30 seconds, default: 3 seconds).
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Accepts user name, distinguished name, principal name, SAM account name, GUID, SID or ADUser object.
Type: Object
Parameter Sets: User
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Accepts user name, distinguished name, principal name, SAM account name, GUID, SID or ADUser object.
Contains user-token assignment information.
String Tokens: Array of user's token identifiers
String User: Active Directory user identifier
UserDN: user distinguished name.
Identifier: OATH token uniq identifier.
Class: token class.
Algorithm: OATH token algorithm.
IsActive: If value set to true indicating whether the token is active; otherwise $false.
LastUsed: the date in local time when token has last used.
Drift: numbers of token drift.
HasConstraints: If value set to true indicating whether the token has constrains; otherwise $false.
HasPin: If value set to true indicating whether the token has PIN; otherwise $false.
Token: OATH token object.
User: Active Directory user object.
Accepts a user name, distinguished name, principal name, SAM account name, GUID, SID or ADUser object to associate the user with a token.
Add-SystoLockOathTokenAssignment
Remove-SystoLockOathTokenAssignment