{"id":16791,"date":"2010-10-17T00:01:00","date_gmt":"2010-10-17T00:01:00","guid":{"rendered":"https:\/\/blogs.technet.microsoft.com\/heyscriptingguy\/2010\/10\/17\/create-exact-copies-of-active-directory-security-groups-in-a-new-forest\/"},"modified":"2010-10-17T00:01:00","modified_gmt":"2010-10-17T00:01:00","slug":"create-exact-copies-of-active-directory-security-groups-in-a-new-forest","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/scripting\/create-exact-copies-of-active-directory-security-groups-in-a-new-forest\/","title":{"rendered":"Create Exact Copies of Active Directory Security Groups in a New Forest"},"content":{"rendered":"

 <\/p>\n

Summary<\/span><\/span><\/strong>: Guest Blogger Oliver Lipkau shows us how to create exact copies of Active Directory security groups in a new forest.<\/span><\/span><\/span><\/span><\/p>\n

 <\/span><\/span><\/span><\/p>\n

Microsoft Scripting Guy Ed Wilson here. We have a guest blogger today: Oliver Lipkau. Here is Oliver’s scripting biography. <\/span><\/span><\/span><\/p>\n

I have been scripting for more than 10 years. I started with batch at the age of 13 by modifying the school’s computer. Today, my main scripting language is Windows PowerShell. It allows me to automate the majority of my routine management of servers and clients. My specializations are ADSI and WMI. I also code in vbs, ahk, html, js, batch, php, and asp. But Windows PowerShell is my favorite. My blog is <\/span><\/span>http:\/\/oliver.lipkau.net\/blog<\/span><\/a><\/span>. <\/span><\/span><\/span><\/p>\n

 <\/span><\/span><\/span><\/p>\n

Do you know the kinds of tasks that look simple but turn out to be much trickier than you thought? Recently I was confronted with such a task. I was asked to write a script that would create exact copies of Active Directory security groups in a new forest.<\/span><\/span><\/span><\/p>\n

My first thought was that it would take me all of five minutes to finish the script. Because I had already written functions to query Active Directory for groups and users, as well as for manipulating group membership. <\/span><\/span><\/span>How wrong I was! As it turns out, adding a user to a domain local security group in a trusted forest is not as easy as I had thought.<\/span><\/span><\/span><\/p>\n

The first step<\/span><\/span><\/span>—<\/span><\/span>finding all the groups I need to re-create<\/span><\/span>—<\/span><\/span><\/span>is easy. To do this I query Active Directory like this:<\/span><\/span><\/span><\/span><\/p>\n

\n
$name<\/span> <\/span>=<\/span> “Test_Group” <\/p>\n

<\/span>$root<\/span> <\/span>=<\/span> <\/span>New-Object<\/span> <\/span>System.DirectoryServices.DirectoryEntry(<\/span>“LDAP:\/\/RootDSE”<\/span>)<\/span>
<\/span>$searcher<\/span> <\/span>=<\/span> <\/span>New-Object<\/span> <\/span>System.DirectoryServices.DirectorySearcher<\/span> <\/p>\n

<\/span>$searcher<\/span>.filter<\/span> <\/span>=<\/span> “(&(objectcategory=group)(|(sAMAccountName=$Name)(cn=$Name)(name=$Name)))” <\/p>\n

<\/span>$searcher<\/span>.FindAll()<\/span> <\/span>|<\/span> <\/span>Foreach-Object<\/span> <\/span>{<\/span>$_<\/span>.GetDirectoryEntry()}<\/span> <\/div>\n<\/blockquote>\n

Because this is something I might use more than once, why not make a nice function that can be used again? Also, being able to choose the search<\/strong> root might be a good idea because I will be working in two different domains (and forests). With this in mind, I refactored the above code into this function:<\/span><\/span><\/span><\/p>\n

\n
function<\/span> <\/span>Get-Group<\/span>
<\/span>{<\/span>
    <\/span>param(<\/span>
        <\/span>[string]<\/span>$name<\/span> <\/span>=<\/span> “*”<\/span>,<\/span>
        <\/span>[string]<\/span>$SearchRoot<\/span>
    <\/span>)<\/span> <\/p>\n

    <\/span>$root<\/span> <\/span>=<\/span> <\/span>New-Object<\/span> <\/span>System.DirectoryServices.DirectoryEntry(<\/span>“LDAP:\/\/RootDSE”<\/span>)<\/span>
    <\/span>$searcher<\/span> <\/span>=<\/span> <\/span>New-Object<\/span> <\/span>System.DirectoryServices.DirectorySearcher<\/span>
    
    <\/span>if<\/span> <\/span>(!(<\/span>$SearchRoot<\/span>))<\/span>
        <\/span>{<\/span>$SearchRoot<\/span>=<\/span>$root<\/span>.defaultNamingContext}<\/span>
    <\/span>$searcher<\/span>.SearchRoot<\/span> <\/span>=<\/span> “LDAP:\/\/$SearchRoot” <\/p>\n

    <\/span>$searcher<\/span>.filter<\/span> <\/span>=<\/span> “(&(objectcategory=group)(|(sAMAccountName=$Name)(cn=$Name)(name=$Name)))” <\/p>\n

    <\/span>$searcher<\/span>.FindAll()<\/span> <\/span>|<\/span> <\/span>Foreach-Object<\/span> <\/span>{<\/span>$_<\/span>.GetDirectoryEntry()}<\/span>
<\/span>}<\/span>
<\/span>Get-Group<\/span> “Test_Group”<\/span> <\/div>\n<\/blockquote>\n

\"Image<\/a><\/div>\n
 <\/div>\n

There we go! Now I need to create the equivalent group in the new forest. To do this I will use this function:<\/span><\/span><\/span><\/p>\n

\n
Function<\/span> <\/span>New-Group<\/span>
<\/span>{<\/span>
    <\/span>param(<\/span>
        <\/span>[Parameter(mandatory<\/span>=<\/span>$true<\/span>)]<\/span>
        <\/span>[string]<\/span>$Name<\/span>,<\/span>
        
        <\/span>[Parameter(mandatory<\/span>=<\/span>$true<\/span>)]<\/span>
        <\/span>[string]<\/span>$ParentContainer<\/span>,<\/span>
        
        <\/span>[ValidateSet(<\/span>“Universal”<\/span>,<\/span>“Global”<\/span>,<\/span>“DomainLocal”<\/span>)]<\/span>
        <\/span>[string]<\/span>$GroupScope<\/span> <\/span>=<\/span> “Global”<\/span>,<\/span>
        
        <\/span>[ValidateSet(<\/span>“Security”<\/span>,<\/span>“Distribution”<\/span>)]<\/span>
        <\/span>[string]<\/span>$GroupType<\/span> <\/span>=<\/span> “Security”<\/span>,<\/span>
        
        <\/span>[string]<\/span>$Description<\/span> 
    <\/span>)<\/span>  <\/p>\n

    <\/span>switch<\/span> <\/span>(<\/span>$GroupScope<\/span>)<\/span>
    <\/span>{<\/span>
        “Global”
            <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>2<\/span>}<\/span>
        “DomainLocal”
            <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>4<\/span>}<\/span>
        “Universal”
            <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>8<\/span>}<\/span>
    <\/span>}<\/span> <\/p>\n

    <\/span>#<\/span> <\/span>modify<\/span> <\/span>group<\/span> <\/span>type<\/span> <\/span>attribute<\/span> <\/span>if<\/span> <\/span>the<\/span> <\/span>group<\/span> <\/span>is<\/span> <\/span>security<\/span> <\/span>enabled<\/span>
    <\/span>if<\/span> <\/span>(<\/span>$GroupType<\/span> <\/span>-eq<\/span> ‘Security’<\/span>)<\/span>
        <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>$GroupTypeAttr<\/span> <\/span>-bor<\/span> <\/span>0x80000000}<\/span> <\/p>\n

    <\/span>$Parent<\/span> <\/span>=<\/span> <\/span>[adsi]<\/span>“LDAP:\/\/$ParentContainer”
    <\/span>$group<\/span> <\/span>=<\/span> <\/span>$Parent<\/span>.Create(<\/span>“group”<\/span>,<\/span>“CN=$Name”<\/span>)<\/span>
    <\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.put(<\/span>“sAMAccountname”<\/span>,<\/span>$Name<\/span>)<\/span>
    <\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.put(<\/span>“grouptype”<\/span>,<\/span>$GroupTypeAttr<\/span>)<\/span>
    
    <\/span>if<\/span> <\/span>(<\/span>$Description<\/span>)<\/span>
        <\/span>{<\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.put(<\/span>“description”<\/span>,<\/span>$Description<\/span>)}<\/span> 
    
    <\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.SetInfo()<\/span>   
<\/span>}<\/span> <\/div>\n<\/blockquote>\n

Combining this function with the Get-Group<\/strong>, I can easily create the new group:<\/span><\/span><\/span><\/p>\n

\n
Get-Group<\/span> “Test_Group” <\/span>-SearchRoot<\/span> “ou=MyTest,dc=om,dc=net” <\/span>|<\/span>%<\/span> <\/span>{<\/span> <\/span>New-Group<\/span> <\/span>-Name<\/span> <\/span>$_<\/span>.cn<\/span> <\/span>-ParentContainer<\/span> “ou=MyTest,dc=tww832,dc=omtest1,dc=net” <\/span>-GroupScope<\/span> <\/span>DomainLocal<\/span> <\/span>-GroupType<\/span> <\/span>Security<\/span> <\/span>-Description<\/span> <\/span>$_<\/span>.description}<\/span> <\/div>\n<\/blockquote>\n

To make my life easier in the next steps, I will save this new group in a variable:<\/span><\/span><\/span><\/p>\n

\n
$newGroup<\/span> <\/span>=<\/span> <\/span>Get-Group<\/span> “Test_Group” <\/span>-SearchRoot<\/span> “ou=MyTest,dc=tww832,dc=omtest1,dc=net”<\/span> <\/div>\n<\/blockquote>\n

The next step will be to enumerate all the members in the original group. The members of a group are listed in the member<\/strong> property of the LDAP<\/strong> object. Knowing this means that I can show the list of members with this line:<\/span><\/span><\/span><\/p>\n

\n
(Get-Group<\/span> “Test_Group” <\/span>-SearchRoot<\/span> “ou=MyTest,dc=om,dc=net”<\/span>).member<\/span> <\/div>\n<\/blockquote>\n

<\/p>\n

\"Image<\/a><\/span><\/span><\/p>\n

<\/span><\/p>\n

The last thing I need to figure out is how to add the users in this list to the new group. Normally, the easiest way to add a user to a group is in this manner:<\/span><\/span><\/span><\/p>\n

\n
$user<\/span> <\/span>=<\/span> <\/span>[adsi]<\/span>“LDAP:\/\/cn=Oliver,ou=MyTest,dc=om,dc=net”
<\/span>$group<\/span> <\/span>=<\/span> <\/span>$newgroup<\/span>
<\/span>$Group<\/span>.add(<\/span>$user<\/span>.Path)<\/span> <\/div>\n<\/blockquote>\n

However, this will not work in this case because users from trusted domains are represented as ForeignSecurityPrincipals<\/strong> (FSPs). FSP objects only contain the user’s SID and are converted to a user<\/strong> object in the domain where the object resides. Executing the code above returns this error message:<\/span><\/span><\/span><\/p>\n

\"Image<\/a><\/span><\/p>\n

<\/span>One way to work around this problem is to add the users to the new group by their SID. To do this I will first have to get the object’s SID. I do this by using another function:<\/span><\/span><\/span><\/p>\n

\n
function<\/span> <\/span>Get-ObjectSID<\/span>
<\/span>{<\/span>
    <\/span>param(<\/span>
        <\/span>[Parameter(mandatory<\/span>=<\/span>$true<\/span>)]<\/span>
        <\/span>[adsi]<\/span>$object<\/span>
    <\/span>)<\/span> <\/p>\n

    <\/span>$objectSid<\/span> <\/span>=<\/span> <\/span>[byte[]]<\/span>$Object<\/span>.objectSid.value<\/span>
    <\/span>$sid<\/span> <\/span>=<\/span> <\/span>new-object<\/span> <\/span>System.Security.Principal.SecurityIdentifier<\/span> <\/span>$objectSid<\/span>,<\/span>0<\/span>
    <\/span>$sid<\/span>.value<\/span>
<\/span>}<\/span> <\/div>\n<\/blockquote>\n

When I have the SID, I can add the object to the new group. I must be careful because the syntax is slightly different when referencing the object by its SID:<\/span><\/span><\/span><\/p>\n

\n
$Group<\/span>.add(<\/span>“LDAP:\/\/<SID=$SID>”<\/span>)<\/span> <\/div>\n<\/blockquote>\n

So the line in the script to add the users looks like this:<\/span><\/span><\/span><\/p>\n

\n
(Get-Group<\/span> “Test_Group” <\/span>-SearchRoot<\/span> “ou=MyTest,dc=om,dc=net”<\/span>).member<\/span> <\/span>|<\/span> <\/span>Foreach-Object<\/span> <\/span>{<\/span>$SID<\/span> <\/span>=<\/span> <\/span>Get-ObjectSID<\/span> <\/span>([adsi]<\/span>“LDAP:\/\/$_”<\/span>)<\/span>;<\/span>$newGroup<\/span>.add(<\/span>“LDAP:\/\/<SID=$SID>”<\/span>)}<\/span> <\/div>\n<\/blockquote>\n

After running the script, we can take a look at both groups and see that both have the same members.<\/span><\/span><\/span><\/p>\n

\"Image<\/a><\/span><\/span><\/span><\/span><\/span><\/p>\n

 <\/span><\/span><\/span><\/p>\n

\"Image<\/a><\/span><\/span><\/span><\/span><\/span><\/p>\n

 <\/span><\/span><\/span><\/p>\n

\"Image<\/a><\/span><\/span><\/span><\/span><\/span><\/p>\n

 <\/span><\/span><\/span><\/p>\n

The only thing left to do is to pull together all of these steps and allow the script to process multiple groups at once. This is shown here:<\/span><\/span><\/span><\/p>\n

\n
function<\/span> <\/span>Get-Group<\/span>
<\/span>{<\/span>
    <\/span>param(<\/span>
        <\/span>[string]<\/span>$name<\/span> <\/span>=<\/span> “*”<\/span>,<\/span>
        <\/span>[string]<\/span>$SearchRoot<\/span>
    <\/span>)<\/span> <\/p>\n

    <\/span>$root<\/span> <\/span>=<\/span> <\/span>New-Object<\/span> <\/span>System.DirectoryServices.DirectoryEntry(<\/span>“LDAP:\/\/RootDSE”<\/span>)<\/span>
    <\/span>$searcher<\/span> <\/span>=<\/span> <\/span>New-Object<\/span> <\/span>System.DirectoryServices.DirectorySearcher<\/span>
    
    <\/span>if<\/span> <\/span>(!(<\/span>$SearchRoot<\/span>))<\/span>
        <\/span>{<\/span>$SearchRoot<\/span>=<\/span>$root<\/span>.defaultNamingContext}<\/span>
    <\/span>$searcher<\/span>.SearchRoot<\/span> <\/span>=<\/span> “LDAP:\/\/$SearchRoot” <\/p>\n

    <\/span>$searcher<\/span>.filter<\/span> <\/span>=<\/span> “(&(objectcategory=group)(|(sAMAccountName=$Name)(cn=$Name)(name=$Name)))” <\/p>\n

    <\/span>$searcher<\/span>.FindAll()<\/span> <\/span>|<\/span> <\/span>Foreach-Object<\/span> <\/span>{<\/span>$_<\/span>.GetDirectoryEntry()}<\/span>
<\/span>}<\/span> <\/p>\n

<\/span>Function<\/span> <\/span>New-Group<\/span>
<\/span>{<\/span>
    <\/span>param(<\/span>
        <\/span>[Parameter(mandatory<\/span>=<\/span>$true<\/span>)]<\/span>
        <\/span>[string]<\/span>$Name<\/span>,<\/span>
        
        <\/span>[Parameter(mandatory<\/span>=<\/span>$true<\/span>)]<\/span>
        <\/span>[string]<\/span>$ParentContainer<\/span>,<\/span>
        
        <\/span>[ValidateSet(<\/span>“Universal”<\/span>,<\/span>“Global”<\/span>,<\/span>“DomainLocal”<\/span>)]<\/span>
        <\/span>[string]<\/span>$GroupScope<\/span> <\/span>=<\/span> “Global”<\/span>,<\/span>
        
        <\/span>[ValidateSet(<\/span>“Security”<\/span>,<\/span>“Distribution”<\/span>)]<\/span>
        <\/span>[string]<\/span>$GroupType<\/span> <\/span>=<\/span> “Security”<\/span>,<\/span>
        
        <\/span>[string]<\/span>$Description<\/span>
    <\/span>)<\/span>  <\/p>\n

    <\/span>switch<\/span> <\/span>(<\/span>$GroupScope<\/span>)<\/span>
    <\/span>{<\/span>
        “Global”
            <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>2<\/span>}<\/span>
        “DomainLocal”
            <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>4<\/span>}<\/span>
        “Universal”
            <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>8<\/span>}<\/span>
    <\/span>}<\/span> <\/p>\n

    <\/span>#<\/span> <\/span>modify<\/span> <\/span>group<\/span> <\/span>type<\/span> <\/span>attribute<\/span> <\/span>if<\/span> <\/span>the<\/span> <\/span>group<\/span> <\/span>is<\/span> <\/span>security<\/span> <\/span>enabled<\/span>
    <\/span>if<\/span> <\/span>(<\/span>$GroupType<\/span> <\/span>-eq<\/span> ‘Security’<\/span>)<\/span>
        <\/span>{<\/span>$GroupTypeAttr<\/span> <\/span>=<\/span> <\/span>$GroupTypeAttr<\/span> <\/span>-bor<\/span> <\/span>0x80000000}<\/span> <\/p>\n

    <\/span>$Parent<\/span> <\/span>=<\/span> <\/span>[adsi]<\/span>“LDAP:\/\/$ParentContainer”
    <\/span>$group<\/span> <\/span>=<\/span> <\/span>$Parent<\/span>.Create(<\/span>“group”<\/span>,<\/span>“CN=$Name”<\/span>)<\/span>
    <\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.put(<\/span>“sAMAccountname”<\/span>,<\/span>$Name<\/span>)<\/span>
    <\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.put(<\/span>“grouptype”<\/span>,<\/span>$GroupTypeAttr<\/span>)<\/span>
    
    <\/span>if<\/span> <\/span>(<\/span>$Description<\/span>)<\/span>
        <\/span>{<\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.put(<\/span>“description”<\/span>,<\/span>$Description<\/span>)}<\/span> 
    
    <\/span>$null<\/span> <\/span>=<\/span> <\/span>$group<\/span>.SetInfo()<\/span>   
<\/span>}<\/span> <\/p>\n

<\/span>function<\/span> <\/span>Get-ObjectSID<\/span>
<\/span>{<\/span>
    <\/span>param(<\/span>
        <\/span>[Parameter(mandatory<\/span>=<\/span>$true<\/span>)]<\/span>
        <\/span>[adsi]<\/span>$object<\/span>
    <\/span>)<\/span> <\/p>\n

    <\/span>$objectSid<\/span> <\/span>=<\/span> <\/span>[byte[]]<\/span>$Object<\/span>.objectSid.value<\/span>
    <\/span>$sid<\/span> <\/span>=<\/span> <\/span>new-object<\/span> <\/span>System.Security.Principal.SecurityIdentifier<\/span> <\/span>$objectSid<\/span>,<\/span>0<\/span>
    <\/span>$sid<\/span>.value<\/span>
<\/span>}<\/span> <\/p>\n

<\/span>$sourceOU<\/span> <\/span>=<\/span> “ou=groups,dc=olddomain,dc=oldforest,dc=com”
<\/span>$destinationOU<\/span> <\/span>=<\/span> “ou=groups,dc=newdomain,dc=newforest,dc=com” <\/p>\n

<\/span>foreach<\/span> <\/span>(<\/span>$group<\/span> <\/span>in<\/span> <\/span>Get-Group<\/span> <\/span>*<\/span> <\/span>-SearchRoot<\/span> <\/span>$sourceOU<\/span>)<\/span>
<\/span>{<\/span>
    “Processing: `t” <\/span>+<\/span> <\/span>$group<\/span>.cn<\/span> 
    <\/span>New-Group<\/span> <\/span>-Name<\/span> <\/span>$group<\/span>.cn<\/span> <\/span>-ParentContainer<\/span> <\/span>$destinationOU<\/span> <\/span>`<\/span>
    <\/span>-GroupScope<\/span> <\/span>DomainLocal<\/span> <\/span>-GroupType<\/span> <\/span>Security<\/span> <\/span>-Description<\/span> <\/span>$group<\/span>.description<\/span>
        
    <\/span>$newGroup<\/span> <\/span>=<\/span> <\/span>Get-Group<\/span> <\/span>$group<\/span>.cn<\/span> <\/span>-SearchRoot<\/span> “ou=groups,dc=newdomain,dc=newforest,dc=com” <\/p>\n

    <\/span>foreach<\/span> <\/span>(<\/span>$member<\/span> <\/span>in<\/span> <\/span>$group<\/span>.member)<\/span>
    <\/span>{<\/span>
        <\/span>$SID<\/span> <\/span>=<\/span> <\/span>Get-ObjectSID<\/span> <\/span>([adsi]<\/span>LDAP:\/\/$member<\/a><\/span>)<\/span>
        <\/span>$newGroup<\/span>.add(<\/span>“LDAP:\/\/<SID=$SID>”<\/span>)<\/span>
    <\/span>}<\/span>
<\/span>}<\/span> <\/div>\n<\/blockquote>\n

 <\/em>That is all for today. Many thanks to Oliver for sharing his script and knowledge. I hope you enjoyed it as much as I did. Tomorrow we will start a week of Splatting with James Brundage. <\/span><\/span><\/span><\/p>\n

We invite you to follow us on <\/span><\/span>Twitter<\/span><\/a> and <\/span>Facebook<\/span><\/a>. If you have any questions, send email to us at <\/span>scripter@microsoft.com<\/span><\/a>, or post your questions on the <\/span>Official Scripting Guys Forum<\/span><\/a><\/span>. See you tomorrow. Until then, peace.<\/span><\/span><\/p>\n

 <\/span><\/span><\/span><\/p>\n

Ed Wilson and Craig Liebendorfer, Scripting Guys<\/span><\/span><\/span><\/strong><\/p>\n

 <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

  Summary: Guest Blogger Oliver Lipkau shows us how to create exact copies of Active Directory security groups in a new forest.   Microsoft Scripting Guy Ed Wilson here. We have a guest blogger today: Oliver Lipkau. Here is Oliver’s scripting biography. I have been scripting for more than 10 years. I started with batch […]<\/p>\n","protected":false},"author":595,"featured_media":87096,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[7,56,190,3,20,61,45],"class_list":["post-16791","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-scripting","tag-active-directory","tag-guest-blogger","tag-oliver-lipkau","tag-scripting-guy","tag-user-accounts","tag-weekend-scripter","tag-windows-powershell"],"acf":[],"blog_post_summary":"

  Summary: Guest Blogger Oliver Lipkau shows us how to create exact copies of Active Directory security groups in a new forest.   Microsoft Scripting Guy Ed Wilson here. We have a guest blogger today: Oliver Lipkau. Here is Oliver’s scripting biography. I have been scripting for more than 10 years. I started with batch […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/16791","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/users\/595"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/comments?post=16791"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/16791\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media\/87096"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media?parent=16791"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/categories?post=16791"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/tags?post=16791"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}