# Name: Enable-SystemVolumeBitLocker.ps1
# Author: James Schlackman
# Last Modified: August 19 2021
# Ensures the system drive is BitLocker encrypted with the recovery password backed
# up to Active Directory.
# Should be used in conjunction with GPOs set appropriately in
# Computer Configuration/Administrative Templates/Windows Components/BitLocker Drive Encryption
# https://docs.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-group-policy-settings
# Name: Get-ExpiringPasswords.ps1
# Author: James Schlackman
# Last Modified: Sep 28 2017
#
# Checks all enabled users in a given OU to see if their password is going to expire during
# a given date range. Exports a list of those affected.
# Useful for finding out who to remind about changing their password before long vacations.
#
Import-Module ActiveDirectory
# Name: Get-VulnerablePasswords.ps1
# Author: James Schlackman
# Last Modified: Sep 28 2017
#
# Checks a CSV of breached email addresses (e.g. from https://haveibeenpwned.com/) and checks if there
# is an enabled user in AD with a matching email address and password that is older than the reported date
# of the breach.
#
Import-Module ActiveDirectory
# Name: Email-AccountLockout.ps1
# Author: James Schlackman
# Last Modified: June 14 2018
#
# Automatically emails the appropriate help desk when a user's AD account is locked out.
# Runs on the Domain Controller with the PDC emulator role and triggered by a scheduled task
# attached to event ID 4740 in the Security event log.
param(
    [string]$username
# Name: Set-ComputerInfoFromAD.ps1
# Author: James Schlackman
# Last Modified: Nov 21 2023
# Gets the description attribute of the current computer object in AD and sets it as the local computer
# description, sets the registered user and organization according to the 'Managed By' attribute of
# the computer account, and optionally adds that user to the local Administrators group.
# Run this as a GPO computer startup script or scheduled task running as SYSTEM
# and it will automatically be run under the correct security context to be able to communicate with
# Sync-GSuite2SV-Users.ps1
# -----------------------
# Syncs the list of users currently enrolled in 2-step verification in G Suite with an AD group.
# Reading the user list from G Suite requires a working install of the GAM tool (https://github.com/jay0lee/GAM)
# User account used to run script must have write access to the folder containing g
#
# Author: James Schlackman
#
# V1.1 - 2017-10-30 - Write last sync time to group for diagnostics
# V1.0 - 2017-10-11 - First version
# Name: Create-BulkRandomPasswords.ps1
# Author: James Schlackman
# Last Modified: Nov 11 2017
#
# Creates a text file containing a bulk number of passwords made up of a specified length of random
# alphanumerics and special characters.
$PassLength = 16
$NumPasswords = 253
$OutputPath = "BulkRandomPasswords.txt"
# Name: Email-PasswordChange.ps1
# Author: James Schlackman
# Last Modified: Oct 2 2023
#
# Automatically emails a user to notify them that their AD password was changed.
# Should be configured to run on any non-RO Domain Controller, triggered by a scheduled task
# attached to the event ID 4724 (admin change) in the Security event log as well as:
# - event ID 4723 (user change) in the Security event log
# - OR events 10014 and 10015 in the AzureADPasswordProtection log (password for the specified user was validated
#   as compliant) if Azure AD Password Protection is deployed for on-prem AD
# Disable 'Automatically detect proxy settings' in Internet Explorer.
# Read connection settings from Internet Explorer.
$regKeyPath = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\"
$conSet = $(Get-ItemProperty $regKeyPath).DefaultConnectionSettings
# Index into DefaultConnectionSettings where the relevant flag resides.
$flagIndex = 8
# Bit inside the relevant flag which indicates whether or not to enable automatically detect proxy settings.
New-ADSyncRule `
    -Name 'In from AD - Use msDS-cloudExtensionAttribute1 instead of msExchHideFromAddressLists' `
    -Identifier '57244c63-9b0d-45bc-a107-3a35b427037d' `
    -Description 'Check msDS-cloudExtensionAttribute1 attribute for the word "hidden" and use that to set msExchHideFromAddressLists, since the msExchHideFromAddressLists is not present in AD' `
    -Direction 'Inbound' `
    -Precedence 50 `
    -PrecedenceAfter '00000000-0000-0000-0000-000000000000' `
    -PrecedenceBefore '00000000-0000-0000-0000-000000000000' `
    -SourceObjectType 'user' `
    -TargetObjectType 'person' `