James Schlackman jschlackman
jschlackman
/ Enable-SystemVolumeBitLocker.ps1
Last active
August 19, 2021 21:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name: Enable-SystemVolumeBitLocker.ps1 | |
| # Author: James Schlackman | |
| # Last Modified: August 19 2021 | |
| # Ensures the system drive is BitLocker encrypted with the recovery password backed | |
| # up to Active Directory. | |
| # Should be used in conjunction with GPOs set appropriately in | |
| # Computer Configuration/Administrative Templates/Windows Components/BitLocker Drive Encryption | |
| # https://docs.microsoft.com/en-us/windows/device-security/bitlocker/bitlocker-group-policy-settings |
jschlackman
/ Get-ExpiringPasswords.ps1
Last active
September 28, 2017 16:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name: Get-ExpiringPasswords.ps1 | |
| # Author: James Schlackman | |
| # Last Modified: Sep 28 2017 | |
| # | |
| # Checks all enables users in a given OU to see if their password is going to expire during | |
| # a given date range. Exports a list of those affected. | |
| # Useful for finding out who to remind about changing their password before long vacations. | |
| # | |
| Import-Module ActiveDirectory |
jschlackman
/ Get-VulnerablePasswords.ps1
Last active
September 28, 2017 16:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name: Get-VulnerablePasswords.ps1 | |
| # Author: James Schlackman | |
| # Last Modified: Sep 28 2017 | |
| # | |
| # Checks a CSV of breached email addresses (e.g. from https://haveibeenpwned.com/) and checks if there | |
| # is an enabled user in AD with a matching email address and password that is older than the reported date | |
| # of the breach. | |
| # | |
| Import-Module ActiveDirectory |
jschlackman
/ Email-AccountLockout.ps1
Last active
February 16, 2022 20:28
Automatically email the appropriate help desk when a user's AD account is locked out.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name: Email-AccountLockout.ps1 | |
| # Author: James Schlackman | |
| # Last Modified: June 14 2018 | |
| # | |
| # Automatically emails the appropriate help desk when a user's AD account is locked out. | |
| # Runs on the Domain Controller with the PDC emulator role and triggered by a scheduled task | |
| # attached to event ID 4740 in the Security event log. | |
| param( | |
| [string]$username |
jschlackman
/ Set-ComputerInfoFromAD.ps1
Last active
November 21, 2023 17:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name: Set-ComputerInfoFromAD.ps1 | |
| # Author: James Schlackman | |
| # Last Modified: Nov 21 2023 | |
| # Gets the description attribute of the current computer object in AD and sets it as the local computer | |
| # description, sets the registered user and organization according to the 'Managed By' attribute of | |
| # the computer account, and optionally adds that user to the local Administrators group. | |
| # Run this as a GPO computer startup script or scheduled task running as SYSTEM | |
| # and it will automatically be run under the correct security context to be able to communicate with |
jschlackman
/ Sync-GSuite2SV-Users.ps1
Last active
October 30, 2017 18:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Sync-GSuite2SV-Users.ps1 | |
| # ----------------------- | |
| # Syncs the list of users currently enrolled in 2-step verification in G Suite with an AD group. | |
| # Reading the user list from G Suite requires a working install of the GAM tool (https://github.com/jay0lee/GAM) | |
| # User account used to run script must have write acess to the folder contianing g | |
| # | |
| # Author: James Schlackman | |
| # | |
| # V1.1 - 2017-10-30 - Write last sync time to group for diagnostics | |
| # V1.0 - 2017-10-11 - First version |
jschlackman
/ Create-BulkRandomPasswords.ps1
Created
November 29, 2017 15:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name: Create-BulkRandomPasswords.ps1 | |
| # Author: James Schlackman | |
| # Last Modified: Nov 11 2017 | |
| # | |
| # Creates a text file containing a bulk number of passwords made up of a specified length of random | |
| # alphanumerics and special characters. | |
| $PassLength = 16 | |
| $NumPasswords = 253 | |
| $OutputPath = "BulkRandomPasswords.txt" |
jschlackman
/ Email-PasswordChange.ps1
Last active
October 2, 2023 21:43
Automatically emails a user to notify them that their AD password was changed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name: Email-PasswordChange.ps1 | |
| # Author: James Schlackman | |
| # Last Modified: Oct 2 2023 | |
| # | |
| # Automatically emails a user to notify them that their AD password was changed. | |
| # Should be configured to run on any non-RO Domain Controller, triggered by a scheduled task | |
| # attached to the event ID 4724 (admin change) in the Security event log as well as: | |
| # - event ID 4723 (user change) in the Security event log | |
| # - OR events 10014 and 10015 in the AzureADPasswordProtection log (password for the specified user was validated | |
| # as compliant) if Azure AD Password Protection is deployed for on-prem AD |
jschlackman
/ Disable-AutomaticallyDetectSettings.ps1
Last active
September 5, 2018 20:18
— forked from ReubenBond/Disable-AutomaticallyDetectSettings.ps1
Disable 'Automatically detect settings' in Internet Explorer's proxy settings dialog.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Disable 'Automatically detect proxy settings' in Internet Explorer. | |
| # Read connection settings from Internet Explorer. | |
| $regKeyPath = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\" | |
| $conSet = $(Get-ItemProperty $regKeyPath).DefaultConnectionSettings | |
| # Index into DefaultConnectionSettings where the relevant flag resides. | |
| $flagIndex = 8 | |
| # Bit inside the relevant flag which indicates whether or not to enable automatically detect proxy settings. |
jschlackman
/ AADConnect-HideFromDLUsingExtensionAttr.ps1
Last active
September 7, 2018 15:54
For organizations that use Azure AD Connect but have never had on-premises Exchange, check msDS-cloudExtensionAttribute1 attribute for the word "hidden" and use that to set msExchHideFromAddressLists in Azure, since the msExchHideFromAddressLists is not present in AD.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| New-ADSyncRule ` | |
| -Name 'In from AD - Use msDS-cloudExtensionAttribute1 instead of msExchHideFromAddressLists' ` | |
| -Identifier '57244c63-9b0d-45bc-a107-3a35b427037d' ` | |
| -Description 'Check msDS-cloudExtensionAttribute1 attribute for the word "hidden" and use that to set msExchHideFromAddressLists, since the msExchHideFromAddressLists is not present in AD' ` | |
| -Direction 'Inbound' ` | |
| -Precedence 50 ` | |
| -PrecedenceAfter '00000000-0000-0000-0000-000000000000' ` | |
| -PrecedenceBefore '00000000-0000-0000-0000-000000000000' ` | |
| -SourceObjectType 'user' ` | |
| -TargetObjectType 'person' ` |
OlderNewer