@Kreloc
Forked from danieltharp/DangItBobby.ps1
Last active April 12, 2016 21:30
PowerShell script to find where a user is logged into on the network and disable their NIC.
Function Disable-NICBasedOnUser
{
<#
.SYNOPSIS
Disables the network adapter on remote computer based on inputted user name and computer filter.
.DESCRIPTION
Disables the IP enabled network adapters on remote computers. Computers are found using Get-ADComputer and user accounts
are verified against Active Directory.
.PARAMETER UserName
The SamAccountName of the user to find. Could also be any of three others accepted by the Identity Parameter of Get-ADUser.
.PARAMETER ComputerName
The computername or part of the computername to find. Uses Get-ADComputer with a Filter for SamAccountName, has wildcard placed at end as part of the function.
DO NOT add any wildcard syntax to this parameter, the function adds it at the appropriate place. Do not use the parameter and it will search all of the
enabled computers in your domain.
.EXAMPLE
Disable-NICBasedOnUser -UserName "UserA" -ComputerName "MY-PREF"
Will check to make sure UserA is a user in ActiveDirectory. If user is not, breaks out of the function at that point. If user is in AD,
then searches AD for computers that are enabled and have a name starting with MY-PREF. It then loops through each computer found, testing if it is online
and then determining if the specified user is logged onto that computer. It outputs this all into an array of objects.
This array is then piped to the Disable-NetworkAdapter function, which disables all IP enabled adapters on the computers that were found
to have the specified user logged on.
#>
[CmdletBinding()]
param
(
[Parameter(Mandatory=$True,
ValueFromPipeline=$True, ValueFromPipelinebyPropertyName=$true)]
[string]$UserName,
[Parameter(Mandatory=$False,
ValueFromPipelinebyPropertyName=$True)]
$ComputerName = ""
)
Begin
{
#Helper functions
Function Disable-NetworkAdapter
{
<#
.SYNOPSIS
Disables all active network adapters on remote computer.
.DESCRIPTION
Disables all active network adapters on remote computer using two Get-WMIObject calls.
.PARAMETER ComputerName
The name of the computer to disable network adapters on.
.EXAMPLE
Disable-NetworkAdapter <ComputerName>
Disables active network adapters on the specified computer
.EXAMPLE
Get-Content computers.txt | Disable-NetworkAdapter
Disables the active network adapter(s) on each computer in the computers.txt file.
#>
[CmdletBinding()]
param
(
[Parameter(Mandatory=$True,
ValueFromPipeline=$True, ValueFromPipelinebyPropertyName=$true)]
[string]$ComputerName
)
Begin{}
Process
{
Write-Verbose "Getting Network adapters that are enabled on $ComputerName"
$EnabledNetworkAdapters = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE" -ComputerName $ComputerName
ForEach($Adapter in $EnabledNetworkAdapters)
{
Write-Verbose "Disabling $($Adapter.Description) on $($ComputerName)"
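# Look up the adapter for this loop iteration by its own Index and invoke Disable(); without the parentheses the method is never called
(Get-WmiObject -Class Win32_NetworkAdapter -Filter "Index = $($Adapter.Index)" -ComputerName $ComputerName).Disable()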
}
}
End{}
}
Function Get-ActiveUser
{
<#
.SYNOPSIS
This function gets the active user on specified computer.
.DESCRIPTION
This function gets the active user on specified computer as defined by the running explorer process on their system. Potentially may return
more than one user.
.PARAMETER ComputerName
The name of the computer to be used to determine the active user.
.EXAMPLE
Get-ActiveUser -ComputerName "THATPC"
.EXAMPLE
Get-Content computers.txt | Get-ActiveUser
.NOTES
Even though this function accepts computernames from the pipeline, it is best used to only determine one computer at a time, since there is no computername output at this time.
#>
[CmdletBinding()]
param
(
[Parameter(Mandatory=$False,
ValueFromPipeline=$True, ValueFromPipelinebyPropertyName=$true)][Alias('Name')]
$ComputerName = $env:COMPUTERNAME
)
PROCESS
{
Write-Verbose "Attempting to get logged on users on $ComputerName"
($uid = @(Get-WmiObject -class win32_process -ComputerName $ComputerName -filter "ExecutablePath like '%explorer.exe'" -EA "continue" | Foreach-Object {$_.GetOwner().User} | Where-Object {$_ -ne "NETWORK SERVICE" -and $_ -ne "LOCAL SERVICE" -and $_ -ne "SYSTEM"} | Sort-Object -Unique))
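# $uid is always an array; -like against an empty array never evaluates to true, so test the element count instead
If($uid.Count -eq 0)
{
Write-Verbose "No users were found logged onto $ComputerName"
# This string must match the "No Users" check in Disable-NICBasedOnUser
Write-Output "No Users"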
}
}
}
#End Helper Functions
}
Process
{
$Results = @()
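# Get-ADUser -Identity raises an error for an unknown account instead of returning $Null
Try
{
$UserCheck = Get-ADUser -Identity $UserName -ErrorAction Stop
}
Catch
{
$UserCheck = $Null
}
If($UserCheck -eq $Null)
{
"$UserName was not found. Please verify this is the login id for the account"
# return leaves the function; break outside a loop can also terminate the calling script
return
}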
If($ComputerName -notlike "")
{
$Filter = "$ComputerName*"
}
else
{
$Filter = '*'
}
Write-Verbose "Filter is set as $Filter"
$Computers = Get-ADComputer -Filter {Enabled -eq "true" -and SamAccountName -like $Filter}
ForEach($Computer in $Computers.Name)
{
If(Test-Connection -ComputerName $Computer -Count 1 -Quiet)
{
$LoggedOnUsers = Get-ActiveUser -ComputerName $Computer
If($LoggedOnUsers -notmatch "No Users")
{
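# Exact comparison against the account resolved from AD; -match is a regex test, so "bob" would also select a machine where "bobby" is logged on
If($LoggedOnUsers -contains $UserCheck.SamAccountName)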
{
$props = @{ComputerName = $Computer
UserName = $UserName
LoggedOn = $True
Online = $True
}
$FoundUser = New-Object -TypeName psobject -Property $props
$Results += $FoundUser
}
else
{
$props = @{ComputerName = $Computer
UserName = $LoggedOnUsers
LoggedOn = $False
Online = $True
}
$NotFoundUser = New-Object -TypeName psobject -Property $props
$Results += $NotFoundUser
}
}
else
{
$props = @{ComputerName = $Computer
UserName = "No Users Logged on"
LoggedOn = $False
Online = $True
}
$NoUsers = New-Object -TypeName psobject -Property $props
$Results += $NoUsers
}
}
else
{
$props = @{ComputerName = $Computer
UserName = "Unknown"
LoggedOn = "Unknown"
Online = $False
}
$OfflineComputers = New-Object -TypeName psobject -Property $props
$Results += $OfflineComputers
}
}
$RunDisable = $Results | Where {$_.LoggedOn -eq $True} | Disable-NetworkAdapter -Verbose
$Results
}
End{}
}
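
The function disables adapters on every computer where the logged-on user list matches the target account, so how that comparison is made decides which machines lose connectivity. The following is an added example, not part of the original gist: it contrasts a regex comparison with an exact one over constructed session data. The helper name `Select-NicDisableTarget`, the `Users` property, and all host and account names are made up for illustration.

```powershell
# Constructed sample data: one object per computer, with the accounts that
# own an explorer.exe process there (host and account names are made up).
$Sessions = @(
    [pscustomobject]@{ ComputerName = 'MY-PREF-01'; Users = @('bobby') }
    [pscustomobject]@{ ComputerName = 'MY-PREF-02'; Users = @('bob', 'svc.backup') }
    [pscustomobject]@{ ComputerName = 'MY-PREF-03'; Users = @('j.bob') }
    [pscustomobject]@{ ComputerName = 'MY-PREF-04'; Users = @() }
)

Function Select-NicDisableTarget   # hypothetical helper, not in the gist
{
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory=$True)]
        [string]$SamAccountName,
        [Parameter(Mandatory=$True, ValueFromPipeline=$True)]
        $Session
    )
    Process
    {
        # -contains compares whole elements, case-insensitively:
        # no regex interpretation and no substring hits.
        If(@($Session.Users) -contains $SamAccountName)
        {
            $Session.ComputerName
        }
    }
}

# Regex comparison: any account whose name contains the pattern qualifies,
# and characters such as '.' in an account name act as wildcards.
$Loose = $Sessions | Where-Object { $_.Users -match 'bob' } |
    ForEach-Object { $_.ComputerName }

# Exact comparison: only computers where that precise account is logged on.
$Exact = $Sessions | Select-NicDisableTarget -SamAccountName 'bob'

"Regex match would disable NICs on: $($Loose -join ', ')"
"Exact match would disable NICs on: $($Exact -join ', ')"
```

Reviewing the exact-match list before piping it to a disabling step keeps the action limited to the intended machines.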