Good afternoon-

I'm trying to search all of the GPOs in my environment for "NT AUTHORITY\Authenticated Users" in any User Rights Assignment section. We need to implement a forest-wide authentication trust and need to know where "Authenticated Users" is used so that we can replace it with "Domain Users" and "Domain Computers." I have a Powershell script that is getting me close, but I can't seem to form the if() block in such a way that it actually works. This seems to be a good base:

[xml]$objGPO = Get-Content "PATHTOXMLFILEHERE"
Write-host $objGPO.GPO.Computer.ExtensionData.Extension.UserRightsAssignment.Member.Name -foregroundcolor green | Where { $_ -like "*NT AUTHORITY\Authenticated Users*"}

When I run this, I get:

       q1:Member                                     q1:Member

(in green) so I believe that it's finding a match. However, if I change the code to something like this:

[xml]$objGPO = Get-Content "PATHTOXMLFILE"
if($objGPO.GPO.Computer.ExtensionData.Extension.UserRightsAssignment.Member.Name | Where { $_ -like "*NT AUTHORITY\Authenticated Users*"}){
	Write-Host "Yes"
} else {
	Write-Host "No"
}

It always returns "No." I'm open to suggestions on other ways to accomplish what I'm looking for.

Thank you!!

Hi Brupnik,

Please make sure you have gotten the expected result by the cmdlet "$objGPO.GPO.Computer.ExtensionData.Extension.UserRightsAssignment.Member.Name".

The result you posted should be the output of "$objGPO.GPO.Computer.ExtensionData.Extension.UserRightsAssignment.Member.Name".

If you want to filter the User Rights Assignment, please try to modify the expression above, and test the result below:

$objGPO.GPO.Computer.ExtensionData.Extension.UserRightsAssignment.somethingmodify|where { $_ -like "*NT AUTHORITY\Authenticated Users*"}

I hope this helps.