Returns a SystoLOCK token information.
Get-SystoLockToken [[-Identifier] <String[]>] [-Address <ServiceAddress>] [-AuthType <NtdsAuthType>]
[-DomainController <String>] [-Timeout <Int32>] [-ProgressAction <ActionPreference>] [-IncludeTotalCount]
[-Skip <UInt64>] [-First <UInt64>] [<CommonParameters>]
Get-SystoLockToken [[-Filter] <String>] [[-SortBy] <String>] [-Address <ServiceAddress>]
[-AuthType <NtdsAuthType>] [-DomainController <String>] [-Timeout <Int32>]
[-ProgressAction <ActionPreference>] [-IncludeTotalCount] [-Skip <UInt64>] [-First <UInt64>]
[<CommonParameters>]
The Get-SystoLockToken cmdlet returns SystoLOCK token information as OathToken structure.
Accepts multiple ID values to the cmdlet.
If no token identifier are specified the information about all tokens is returned.
Filtering fields
Algorithm: OTP algorithm identifier (HOTP, TOTP)
Class: Token class (hardware or software)
NotAfter: Usage end date of the token
NotBefore: Usage start date of the token
NumberOfTransactions: Maximum number of times the token can be used
FriendlyName: Token friendly name
Identifier: Token unique identifier
Interval: Time interval value for time-based OTP algorithms, in seconds
Manufacturer: Token manufacturer name
Model: Token model name
ResponseLength: Length of the resulting one-time password
DisableTime: Value indicating when the token was disabled
Drift: Value indicating time drift for time-based tokens
LastTimeUsed: Value indicating token last usage time
LockTime: Value indicating when the token was locked
PerformedTransactions: Value indicating the number of successfully performed transactions
User: Identifier of a user this token is assigned to
IssueNumber: Token issue number
Filtering operators
Present: Represents a 'present' comparison, such as 'answer -eq *'
Absent: Represents a 'absent' comparison, such as 'answer -ne *' or '-not answer -eq *'
Equal (==, -eq): Represents an equality comparison, such as 'answer -eq 42'
LessThanOrEqual (<=, -le): Represents the 'less than or equal' comparison, such as 'answer -le 42'
GraterThanOrEqual (>=, -ge): Represents the 'grater than or equal' comparison, such as 'answer -ge 42'
NotEqual (!=, <>, -ne): Represents an inequality comparison, such as 'answer -ne 42'
LessThan (<, -lt): Represents the 'less than ' comparison, such as 'answer -lt 42'
GraterThan (>, -gt): Represents the 'grater than' comparison, such as 'answer -gt 42'
Approx (~=, -approx): Represents the 'approximately equal to' comparison, such as 'name ~= joe'
BinaryOr (|, -bor): Represents the 'bitwise or' operation, such as 'answer | 42'
BinaryAnd (&, -band): Represents the 'bitwise and' operation, such as 'answer -band 42'
RecursiveMatch (-recursivematch): Represents the recursive match equality operation, such as '1.2.840.113556.1.4.1941' matching rule in NTDS
Like (~, -like): Represents the 'like' equality comparison, which is similar to Equal but supports wildcard comparison with '*'
NotLike (!~, -nlike, -notlike) : Represents the 'not like' inequality comparison, which is similar to NotEqual but supports wildcard comparison with '*'
And (&&, -and) : Represents the 'and' join operator, such as 'answer -le 100 -and answer -ge 50'
Or (||, -or) : Represents the 'or' join operator, such as 'answer -ge 100 -or answer -le 50'
Not (!, -not) : Represents the 'not' negation operator, such as '-not answer -ge 100'
Soring fields
You can sort by any filtering field except 'Algorithm', 'Class', and 'User'.
All cmdlets interacting with SystoLock service have -Address and -Timeout parameters to adjust their behavior.
You can also set $SystoLockAddress and $SystoLockTimeout PowerShell variables or $SystoLockAddress and $SystoLockTimeout environment variables which let you specify these parameters as defaults.
If no parameters or environment variables are specified, the timeout defaults to 3 seconds and the address is obtained from DNS for current domain and site.
Get-SystoLockToken -Identifier GAKT000168DE
Retrieves a single token.
Get-SystoLockToken -Identifier GAKT000168DD, GAKT000168DE, GAKT000168DF
Retrieves a group of tokens.
Get-SystoLockToken -Filter 'User -like Al*'
Retrieves a tokens by a filter.
Get-SystoLockToken -Filter 'Interval -gt 30' -SortBy Manufacturer
Retrieves a tokens using filter.
Sorting enabled.
Get-SystoLockToken -Filter 'Interval -gt 30' Manufacturer -Descending
Retrieves tokens using filter.
Descending sorting enabled.
Get-SystoLockToken -First 5 -Skip 1
Retrieves tokens using paging parameters.
Specifies service address (optional).
Accepts an URL, a host name or a Service structure returned by previous Get-SystoLockService call.
Type: ServiceAddress
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies authentication method to use with domain controller (optional).
The acceptable values for this parameter are: Kerberos and Negotiate.
The default method is Kerberos.
Possible values: Kerberos, Negotiate
Type: NtdsAuthType
Parameter Sets: (All)
Aliases:
Accepted values: Kerberos, Negotiate
Required: False
Position: Named
Default value: Kerberos
Accept pipeline input: False
Accept wildcard characters: False
Specifies domain controller name (optional).
Accepts a domain name, a fully qualified domain name or an IP address of the domain controller.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Allows objects to be filtered (default expression: 'Identifier -eq *').
Type: String
Parameter Sets: Filter
Aliases:
Required: False
Position: 0
Default value: Identifier -eq *
Accept pipeline input: False
Accept wildcard characters: False
Specifies token identifier or URL.
Type: String[]
Parameter Sets: Identifier
Aliases:
Required: False
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies field to sort by (optional).
Type: String
Parameter Sets: Filter
Aliases:
Required: False
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False
Specifies timeout (range: 1 - 30 seconds, default: 3 seconds).
Type: Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Reports the total number of objects in the data set (an integer) followed by the selected objects.
If the cmdlet cannot determine the total count, it displays "Unknown total count." The integer has an Accuracy property that indicates the reliability of the total count value.
The value of Accuracy ranges from 0.0 to 1.0 where 0.0 means that the cmdlet could not count the objects, 1.0 means that the count is exact, and a value between 0.0 and 1.0 indicates an increasingly reliable estimate.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Ignores the specified number of objects and then gets the remaining objects.
Enter the number of objects to skip.
Type: UInt64
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Gets only the specified number of objects.
Enter the number of objects to get.
Type: UInt64
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Specifies token identifier or URL.
Specifies field to sort by (optional).
Descending sort order (no parameter: ascending sort order).
Dynamic parameter, used only if a sorting field specified.
Represents OTP token information.
OathAlgorithmIdentifier Algorithm: OTP algorithm identifier ()
OathTokenClass Class: Token class ()
OathTokenConstraints Constraints: OTP token constraints if any applied
DateTime?
NotAfter: Usage end date of the token
DateTime?
NotBefore: Usage start date of the token
Int64?
NumberOfTransactions: Maximum number of times the token can be used
String FriendlyName: Token friendly name
String Identifier: Token unique identifier
TimeSpan?
Interval: Time interval value for time-based OTP algorithms in seconds
String Manufacturer: Token manufacturer name
String Model: Token model name
Int32 ResponseLength: Length of a one-time password
OathTokenRuntimeContext RuntimeContext: OTP token runtime context
DateTime?
DisableTime: Value indicating whether and when the token was disabled
Int32?
Drift: Value indicating token drift for time-based OTP algorithms
DateTime[] Failures: Time of last failed authentication
DateTime?
LastTimeUsed: Value indicating the token was last time used
DateTime?
LockTime: Value indicating whether and when the token was locked
Int64 PerformedTransactions: Value indicating the number of successfully performed transactions
String User: Identifier of a user this token is assigned to
Byte[] Secret: Token secret value
String IssueNumber: Token issue number
If no sort field is specified for a filter operation, the default sort order is 'Identifier'.
If you are performing sorting on a nullable field, e.g.
'Intreval', only non-null values of the fileld are included into the result set.