NEW PAGE!! WOOP WOOP! As you can see this page is dedicated to automating certain parts of my job. This’ll be quite a slow process. So sit back, grab a snack and relax.
More Custom, Auto-Loading PowerShell Scripts
Once again, this update is simply a link to a blog post on the topic of the udpate.
Please find the link here!
My Custom, Auto-Loading PowerShell Scripts
[10/05/2017]
Much like the last one I have done the blog so now I am just doing my best to file and sort everything as best as I can.
You can find he information on this by following the link here!
Custom PowerShell Environment For Easier Administration
[02/05/2017]
This page update is very simple, just a link to a blog I posted the other day.
Custom PowerShell Environment and Modules
I wanted to update this section with a blog as this definitely automates some of my job, so this is where it belongs. Enjoy!
Active Directory User Account Password Resetting
[18/04/2017]
I made this one quite comprehensive so it is a little long. What this script is used for is when I get a job that requires 15 people having their Domain user account password reset. I often have to enable and unlock the account as well so I have incorporated that into the script as well.
I also wanted to make the script as safe as possible since I would be using it on a live system. What I mean by that is that it checks to make sure it can find the users before attempting to reset the password and also checks the location as to where it will be outputting the file with the newly created password to.
I ran into a bunch of issues with how AD (Active Directory) and PowerShell handle passwords. I’ll break it down first and then leave a link as to where you can download the entire thing. Before you say it. YES it could be shorter but like I said, I wanted it to be as safe and comprehensive as possible
function getlistofusernames{ Get-AdUser -Filter {enabled -eq $true} | select name, samaccountname | sort name | ogv } Clear-Host do {$doyouwantusernames = Read-Host "Do you want a list of the usernames? Y or N"} while (("y","n") -notcontains $doyouwantusernames) if ($doyouwantusernames -eq "y"){ getlistofusernames }else{}
This is the first function in the script along with the other relevant parts for. It should be contained in the overall function within the script. What this does is it gets information on the users in the Domain. It then asks the user whether they want to see this or not. It is purely for referencing usernames.
$locationtostorepasswords = ("c:\password resets $(get-date -f dd-MM-yyyy)") $testingpath = Test-Path -Path $locationtostorepasswords if (!$testingpath){ $locationtostorepasswords = New-Item -Name ("password resets $(Get-Date -f dd-MM-yyyy)") -ItemType directory -Path c:\ }
This part of the code designates a place as to where the new password information will be output to.
$datetimestampforfile = get-date -Format dd.MM.yyyy [string]$initialpassword = ([char[]](get-random -Input $(47..57 + 65..90 + 97..122) -Count 8)) + (get-random -Minimum 0 -Maximum 10) $passwordwithspacesremoved = $initialpassword.Replace(' ','') $convertedpassword = ConvertTo-SecureString -AsPlainText $passwordwithspacesremoved -Force $usernamestohash = Get-ADUser -Filter {enabled -eq $true} | select name, samaccountname $usernamefromhash = $usernamestohash.samaccountname do{$usernameinput = Read-Host "What USERNAME do you want to reset the password for?"} while ($usernamefromhash -notcontains $usernameinput) Set-ADAccountPassword -Identity $usernameinput -Reset -NewPassword $convertedpassword -PassThru | Enable-ADAccount | Unlock-ADAccount New-Item -Name "$usernameinput.txt" -Path $locationtostorepasswords -ItemType file -Value "$usernameinput $passwordwithspacesremoved" -Force
This is the largest and most complicated part of the script. What this does is :
- Gets a formatted date and time for the file
- Generates a password
- Removes the spaces from the password
- Converts the password to a secure string
- Gets list of all usernames in the Domain
- Asks user for a username to reset the password for
- Checks the user inputted username to validate its existence in the Domain
- Set the new password the the user
- Enables the account
- Unlocks the account
- Creates a new item with the username as the name of the file and the new password as the value.
function resetanotheruser { do {$resetanotheruserquestion = Read-Host "do you want to reset another user? Y or N"} while (("y","n") -notcontains $resetanotheruserquestion) if ($resetanotheruserquestion -eq "y"){ overallresetfunction }else{ exit } } resetanotheruser
Finally, this function simply asks if you wants to reset another user. If yes then it restarts the overallresetfunction and if no then it will exit.
As promised, the entire script can be downloaded from here. Enjoy!