This is a great thread and thanks for the ideas. One thing I noted is that often the token list is used for comparison to a group objectSID. This being the case, and that arrays are difficult to compare, I rewrote the udfs to produce strings and not arrays. This way you can simply do a single conversion, and compare the HEX strings instead of having to convert all the way to the standard SID format before comparison.

I've included the full script which uses the new "string" routines. This *should* run "As Is":

 Code:
$ADS_NAME_TYPE_NT4 = 3
$ADS_NAME_TYPE_1779 = 1

$rootDSE = GetObject("LDAP://RootDSE")
$DomainContainer = $rootDSE.Get("defaultNamingContext")
$DomainShortName = Split(Split($DomainContainer,",")[0],"=")[1]
$CurrentUser = @USERID
$NameTrans = CreateObject("nametranslate")
$NameTrans.set($ADS_NAME_TYPE_NT4, $DomainShortName + "\" + $CurrentUser)
$DN = $NameTrans.get($ADS_NAME_TYPE_1779)
$oUser = GetObject("LDAP://" + $DN)
$oUser.GetInfo
$arrTG = "tokengroups",""
$oUser.GetInfoEx($arrTG, 0)
$GroupList = $oUser.GetEx("tokengroups")

? "" + (ubound($GroupList)+1) + " entries returned"
?"Listing groups"?
For $i = 0 to ubound($GroupList)
	$hexSID = OctetToHexStr($GroupList[$i])
	$sSID = HexSID2DecString($hexSID)
	$bindSID = "LDAP://<SID=" + $sSID + ">"
	$oObject = GetObject($bindSID)
	if not @ERROR
		$Pad = ""
		if len($sSID) < 47
			for $j = 1 to (47 - len($sSID))
				$Pad = $Pad + " "
			Next
		endif
		$CN = $oObject.Get("cn")
		? $sSID + " " + $Pad + $CN
	endif
Next
?
Exit 0

Function HexSID2DecString($sSID)
	; Convert a Hex string SID to the Decimal String representation
	; S-1-5-21-....
	Dim $i, $j, $arrbytSID[], $lngTemp
	
	ReDim $arrbytSID[(Len($sSID)/2) - 1]
	For $j = 0 To UBound($arrbytSID)
		$arrbytSID[$j] = Val("&" + Substr($sSID, (2 * $j) + 1, 2))
	Next
	
	$HexSID2DecString = "S-" + CStr($arrbytSID[0]) + "-" + CStr($arrbytSID[1]) + "-" + CStr($arrbytSID[8])
	For $i = 12 To UBound($arrbytSID) Step 4
		$lngTemp = CDbl($arrbytSID[$i + 3])
		$lngTemp = $lngTemp * 256 + CDbl($arrbytSID[$i + 2])
		$lngTemp = $lngTemp * 256 + CDbl($arrbytSID[$i + 1])
		$lngTemp = $lngTemp * 256 + CDbl($arrbytSID[$i])
		$HexSID2DecString = $HexSID2DecString + "-" + CStr($lngTemp)
	Next

EndFunction

Function OctetToHexStr($abBytes)
	; Convert the SID byte array to a HEX
	; string representation of the SID
	;
	; Uses ADO.Stream for data type conversion
	; because kiXtart can't handle typed arrays
	
	Dim $oStream,$adTypeBinary,$i

	$adTypeBinary = 1
	$oStream = CreateObject("ADODB.Stream")

	If @ERROR 
		? "error creating stream"
		Exit @ERROR
	EndIf
	$oStream.Type = $adTypeBinary
	$oStream.Open

	$oStream.Write($abBytes)
	$oStream.Position=0
	
	$OctetToHexStr = ""
	For $i = 0 To $oStream.size - 1
		$OctetToHexStr = $OctetToHexStr + Right("0" + CStr(DecToHex(CDbl(Asc($oStream.Read(1))))),2)
	Next

	$oStream=0
EndFunction



Edited by Mart (2014-10-23 04:30 PM)
Edit Reason: Please use code tags when posting code.
_________________________
Tim

Life is pleasant, death is peacful.
It's the transition that's troublesome.
-- Isaac Azimov