aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--AD-powershell-tools/README.md2
-rw-r--r--AD-powershell-tools/ad-bulk-reset.ps127
-rw-r--r--AD-powershell-tools/ad-user-report.ps118
-rw-r--r--AD-powershell-tools/bulk-disable.ps110
-rw-r--r--AD-powershell-tools/bulk-reactivate.ps19
-rw-r--r--AD-powershell-tools/bulk-reset.ps124
-rw-r--r--AD-powershell-tools/test-ad-credentials.ps147
-rw-r--r--discord/README.md10
-rwxr-xr-xdiscord/discord_alert.py48
9 files changed, 167 insertions, 28 deletions
diff --git a/AD-powershell-tools/README.md b/AD-powershell-tools/README.md
index 2b65598..97f35cd 100644
--- a/AD-powershell-tools/README.md
+++ b/AD-powershell-tools/README.md
@@ -1 +1 @@
-Some useful AD scripts I use
+Some AD convenience scripts
diff --git a/AD-powershell-tools/ad-bulk-reset.ps1 b/AD-powershell-tools/ad-bulk-reset.ps1
deleted file mode 100644
index aa16515..0000000
--- a/AD-powershell-tools/ad-bulk-reset.ps1
+++ /dev/null
@@ -1,27 +0,0 @@
-# Usage: ad-bulk-reset.ps1 <user-list-file>
-Import-Module ActiveDirectory
-
-function Gen-Random-Password {
- $str = ""
- for ($i = 0; $i -lt 24 ; $i++) {
- $rand = Get-Random -Minimum 32 -Maximum 127
- $str += [char]$rand
- }
- $newpwd = ConvertTo-SecureString -String [String]$str -AsPlainText -Force
- return $newpwd
-}
-
-# Import users from CSV
-$csv = Get-Content $args[0]
-
-ForEach ($user in $csv) {
- $newPassword = Gen-Random-Password
-
- # Reset user password.
- Set-ADAccountPassword -Identity $user -NewPassword $newPassword -Reset
-
- # Force user to reset password at next logon.
- # Remove this line if not needed for you
- #Set-AdUser -Identity $user -ChangePasswordAtLogon $true
- Write-Host $user"'s password has been reset"
-}
diff --git a/AD-powershell-tools/ad-user-report.ps1 b/AD-powershell-tools/ad-user-report.ps1
new file mode 100644
index 0000000..954a34a
--- /dev/null
+++ b/AD-powershell-tools/ad-user-report.ps1
@@ -0,0 +1,18 @@
+# Simple user report script
+param (
+ [switch]$report
+ )
+
+Import-Module ActiveDirectory
+
+$today=(get-date -Format "yyyy-MM-dd")
+$users = Get-ADUser -filter * | Sort-Object name
+
+if($report) {
+ $fn = "users-$today.csv"
+ $users | export-csv .\$fn
+ [Console]::Error.WriteLine("Saved result list to $fn")
+} else {
+ [Console]::Error.WriteLine("Writing device list to stdout")
+ write-output $users
+}
diff --git a/AD-powershell-tools/bulk-disable.ps1 b/AD-powershell-tools/bulk-disable.ps1
new file mode 100644
index 0000000..e1fd180
--- /dev/null
+++ b/AD-powershell-tools/bulk-disable.ps1
@@ -0,0 +1,10 @@
+# Import users from CSV and disable them
+
+Import-Module ActiveDirectory
+
+$csv = Get-Content $args[0]
+
+ForEach ($user in $csv) {
+ Disable-ADAccount -Identity $user
+ Write-Host $user"'s account has been fully disabled"
+}
diff --git a/AD-powershell-tools/bulk-reactivate.ps1 b/AD-powershell-tools/bulk-reactivate.ps1
new file mode 100644
index 0000000..e287aea
--- /dev/null
+++ b/AD-powershell-tools/bulk-reactivate.ps1
@@ -0,0 +1,9 @@
+Import-Module ActiveDirectory
+
+$csv = Get-Content $args[0]
+
+ForEach ($user in $csv) {
+ Enable-ADAccount -Identity $user
+
+ Write-Host $user"'s account has been re-enabled"
+}
diff --git a/AD-powershell-tools/bulk-reset.ps1 b/AD-powershell-tools/bulk-reset.ps1
new file mode 100644
index 0000000..e66aad6
--- /dev/null
+++ b/AD-powershell-tools/bulk-reset.ps1
@@ -0,0 +1,24 @@
+Import-Module ActiveDirectory
+
+function Gen-Random-Password {
+ $str = ""
+ for ($i = 0; $i -lt 24 ; $i++) {
+ $rand = Get-Random -Minimum 32 -Maximum 127
+ $str += [char]$rand
+ }
+ $newpwd = ConvertTo-SecureString -String [String]$str -AsPlainText -Force
+ return $newpwd
+}
+
+# Import users from CSV
+$csv = Get-Content $args[0]
+
+ForEach ($user in $csv) {
+ $newPassword = Gen-Random-Password
+
+ # Reset user password.
+ Set-ADAccountPassword -Identity $user -NewPassword $newPassword -Reset
+
+ Write-Host $user"'s password has been reset"
+ Write-Host $newPassword
+}
diff --git a/AD-powershell-tools/test-ad-credentials.ps1 b/AD-powershell-tools/test-ad-credentials.ps1
new file mode 100644
index 0000000..bd0ba84
--- /dev/null
+++ b/AD-powershell-tools/test-ad-credentials.ps1
@@ -0,0 +1,47 @@
+# Adapted from: https://itpro-tips.com/test-ad-authentication-with-powershell/
+# The interesting bit about this one is that it doesn't seem to get logged by AD,
+# so you won't end up with false positives from testing creds
+
+function Test-ADAuthentication {
+ Param(
+ [Parameter(Mandatory)]
+ [string]$User,
+ [Parameter(Mandatory)]
+ $Password,
+ [Parameter(Mandatory = $false)]
+ $Server,
+ [Parameter(Mandatory = $false)]
+ [string]$Domain = $env:USERDOMAIN
+ )
+
+ Add-Type -AssemblyName System.DirectoryServices.AccountManagement
+
+ $contextType = [System.DirectoryServices.AccountManagement.ContextType]::Domain
+
+ $argumentList = New-Object -TypeName "System.Collections.ArrayList"
+ $null = $argumentList.Add($contextType)
+ $null = $argumentList.Add($Domain)
+
+ if($null -ne $Server){
+ $argumentList.Add($Server)
+ }
+
+ $principalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext -ArgumentList $argumentList -ErrorAction SilentlyContinue
+
+ if ($null -eq $principalContext) {
+ Write-Warning "$Domain\$User - AD Authentication failed"
+ }
+
+ if ($principalContext.ValidateCredentials($User, $Password)) {
+ Write-Output "$Domain\$User - AD Authentication OK"
+ }
+ else {
+ Write-Warning "$Domain\$User - AD Authentication failed"
+ }
+}
+
+$csv = Import-Csv $args[0]
+ForEach ($userpass in $csv) {
+ Test-ADAuthentication -User $userpass.user -Password $userpass.password
+}
+
diff --git a/discord/README.md b/discord/README.md
new file mode 100644
index 0000000..189bf7d
--- /dev/null
+++ b/discord/README.md
@@ -0,0 +1,10 @@
+Adapted from past discord alerts
+
+Example usage
+```bash
+$ echo "Test Alert!" | python discord_alert.py https://url
+```
+
+https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks
+
+Be sure to keep your discord webhook private!
diff --git a/discord/discord_alert.py b/discord/discord_alert.py
new file mode 100755
index 0000000..fc9542c
--- /dev/null
+++ b/discord/discord_alert.py
@@ -0,0 +1,48 @@
+#!/usr/bin/python3
+# Example usage
+# echo "Test Alert!" | python discord_alert.py https://url
+# https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks
+
+import sys
+import requests
+import argparse
+
+
+def send_update(name, msg, discord_webhook):
+ """ Send a push to discord webhook url"""
+ formatted = f"⚠️ ALERT {name}\n\n{msg}"
+ message = { 'content' : formatted }
+ sys.stderr.write("Sending request.... ")
+ r = requests.post(url=discord_webhook, data=message)
+ sys.stderr.write(f"{r.status_code}\n")
+
+def main():
+ parser = argparse.ArgumentParser()
+ parser.add_argument("-t", "--title", default="")
+ parser.add_argument("url")
+ args = parser.parse_args()
+
+ if not args.url:
+ sys.stderr.write("A webhook url is required\n")
+ sys.stderr.write("Usage:\n\n")
+ sys.stderr.write("python discord_alert.py [-t] <title> <url>\n")
+ sys.exit(1)
+
+ msg = ""
+ line = input()
+ while line:
+ msg += line
+ try:
+ line = input()
+ except EOFError:
+ break
+ send_update(args.title, msg, args.url)
+
+
+if __name__ == '__main__':
+ try:
+ main()
+ except KeyboardInterrupt:
+ sys.stderr.write("User stopped program\n")
+ sys.exit(0)
+