jnisbet
/
Password_Unlock
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Password_Unlock/UnlockScript.ps1

114 lines
3.8 KiB
PowerShell
Raw Permalink Blame History

Add-Type -AssemblyName System.Windows.Forms
Add-Type -AssemblyName System.Drawing
Add-Type -AssemblyName "microsoft.visualbasic" -ErrorAction Stop
#Links security groups to their corresponding OU Distinguished Names
$group_linked_ou = [PSCustomObject]@{
SecurityGroup1 = "OU=test,OU=test,OU=test Users,OU=test,OU=test,DC=test,DC=test"
SecurityGroup2 = "OU=test,OU=test,OU=test Users,OU=test,OU=test,DC=test,DC=test"
SecurityGroup3 = "OU=test,OU=test,OU=test Users,OU=test,OU=test,DC=test,DC=test"
}
#List of security groups taken from the object above
$group_keys = $group_linked_ou | ForEach-Object {$_.psobject.properties.name}
#Get current logged in user
$logged_in_user = Get-ADUser -Identity $env:username -Properties MemberOf
#Matches a list of groups against a users group memberships and returns an array of matches
Function filter_group_membership($user, $groups){
$group_list = [System.Collections.ArrayList]@()
foreach ($group in $groups)
{
foreach ($group_membership in $logged_in_user.MemberOf)
{
if($group_membership.Contains($group)){
[Void]$group_list.Add($group)
}
}
}
return $group_list
}
#From a list of OU distinguished names get a list of member users
Function list_ou_members ($ou_dns) {
$member_list = [System.Collections.ArrayList]@()
foreach($ou in $ou_dns) {
$users = Get-ADUser -Filter 'Enabled -eq $true' -SearchBase $ou | Select-Object SamAccountName
foreach($user in $users){
[Void]$member_list.Add($user.SamAccountName)
}
}
return $member_list
}
$unlock_group_membership = filter_group_membership -user $logged_in_user -groups $group_keys
#Get a list of OU distinguished names from the list of security groups the user is a member of (See group_linked_ou comment)
$ou_dn_list = [System.Collections.ArrayList]@()
foreach($group in $unlock_group_membership) {
$linked_ou = ($group_linked_ou).$group
[Void]$ou_dn_list.Add($linked_ou)
}
$users_to_unlock = list_ou_members -ou_dns $ou_dn_list
#GUI creation
$form = New-Object System.Windows.Forms.Form
$form.Text = 'Unlock Account'
$form.Size = New-Object System.Drawing.Size(400,200)
$form.StartPosition = 'CenterScreen'
$label = New-Object System.Windows.Forms.Label
$label.Location = New-Object System.Drawing.Point(55,20)
$label.Size = New-Object System.Drawing.Size(280,20)
$label.Text = 'Please select a staff member to unlock:'
$form.Controls.Add($label)
$listBox = New-Object System.Windows.Forms.ListBox
$listBox.Location = New-Object System.Drawing.Point(55,40)
$listBox.Size = New-Object System.Drawing.Size(260,20)
$listBox.Height = 80
$okButton = New-Object System.Windows.Forms.Button
$okButton.Location = New-Object System.Drawing.Point(145,120)
$okButton.Size = New-Object System.Drawing.Size(75,23)
$okButton.Text = 'OK'
$okButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
$form.AcceptButton = $okButton
$form.Controls.Add($okButton)
# For each user create list box item
foreach ($user in $users_to_unlock){
[void] $listBox.Items.Add($user)
}
$form.Controls.Add($listBox)
$form.Topmost = $true
$result = $form.ShowDialog()
#Perform an unlock on the selected user when the OK button is clicked
if ($result -eq [System.Windows.Forms.DialogResult]::OK)
{
$selected_user = $listBox.SelectedItem
Try {
Unlock-ADAccount -Identity $selected_user
$message = "$selected_user unlocked successfully"
$button = "OKOnly"
$icon = "Information"
[microsoft.visualbasic.interaction]::Msgbox($message,"$button,$icon","Account Unlocked") | Out-Null
}
Catch {
$message = "Failed to unlock account for $selected_user"
$button = "OKOnly"
$icon = "Exclamation"
[microsoft.visualbasic.interaction]::Msgbox($message,"$button,$icon","Account Unlock Failed") | Out-Null
}
}
Reference in New Issue View Git Blame Copy Permalink