-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlabadmin-rotatepass.ps1
101 lines (80 loc) · 3.35 KB
/
labadmin-rotatepass.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
#Requires -RunAsAdministrator
<#
.SYNOPSIS
Rotate user password according rule
.PARAMETER userName
Username account to rotate
.PARAMETER show
Show schedule job info rotation for userName account
.PARAMETER disable
Disable schedule job rotation for userName account
.PARAMETER enable
Enable schedule job rotation for userName account
.PARAMETER register
Register schedule job rotation for userName account
.PARAMETER unregister
Unregister schedule job rotation for userName account
.NOTES
File Name: labadmin-rotatepass.ps1
Author : Leonardo Marco
#>
Param(
[parameter(Mandatory=$true, Position=0)]
[String]$userName,
[Switch]$show,
[Switch]$disable,
[Switch]$enable,
[Switch]$register,
[Switch]$unregister
)
# CONFIG VARIABLES
$scheduledJobName="labadmin-rotatepass"
function rotatePassword {
$d=(Get-Date).toString("yyyyMMdd")
$f1="q","w","e","r","t","y","u","i","o","p"
$f2="a","s","d","f","g","h","j","k","l","ñ"
$f3="z","x","c","v","b","n","m",",",".","-"
$p=$f1[[System.Int32]::Parse($d[0])-1]+$f1[[System.Int32]::Parse($d[1])-1]+$f1[[System.Int32]::Parse($d[2])-1]+$f1[[System.Int32]::Parse($d[3])-1]+$f2[[System.Int32]::Parse($d[4])-1]+$f2[[System.Int32]::Parse($d[5])-1]+$f3[[System.Int32]::Parse($d[6])-1]+$f3[[System.Int32]::Parse($d[7])-1]
$ss=$p|ConvertTo-SecureString -AsPlainText -Force
Set-LocalUser -Name $userName -Password $ss
}
function show {
Write-Output "Scheduled job $scheduledJobName for user ${userName}:"
$job=Get-ScheduledJob -name $scheduledJobName -ErrorAction SilentlyContinue
if(!$job) { Write-Output "No scheduled job for $scheduledJobName"; exit 1 }
$job
$job | Format-List -Property Id,Command,Enabled
$job.options
}
function disable {
Write-Output "Disabling scheduled job $scheduledJobName for user $userName ..."
$job=Get-ScheduledJob -name $scheduledJobName -ErrorAction SilentlyContinue
if(!$job) { Write-Output "No scheduled job for $scheduledJobName"; exit 1 }
Disable-ScheduledJob $job.Id -ErrorAction Stop
$job
}
function enable {
Write-Output "Enabling scheduled job $scheduledJobName for user $userName ..."
$job=Get-ScheduledJob -name $scheduledJobName -ErrorAction SilentlyContinue
if(!$job) { Write-Output "No scheduled job for $scheduledJobName"; exit 1 }
Enable-ScheduledJob $job.Id -ErrorAction Stop
$job
}
function register {
Write-Output "Registering scheduled job $scheduledJobName for user $userName .."
Unregister-ScheduledJob $scheduledJobName -ErrorAction SilentlyContinue
Register-ScheduledJob -Name $scheduledJobName -FilePath ${PSCommandPath} -ArgumentList @("${userName}") -Trigger (New-JobTrigger -AtStartup) -ScheduledJobOption (New-ScheduledJobOption -RunElevated)
}
function unregister {
Write-Output "Unregistering scheduled job $scheduledJobName for user $userName .."
$job=Get-ScheduledJob -name $scheduledJobName -ErrorAction SilentlyContinue
if(!$job) { Write-Output "No scheduled job for $scheduledJobName"; exit 1 }
Unregister-ScheduledJob $scheduledJobName
}
if($register -OR $unregister -OR $enable -OR $disable -OR $show) { if([Environment]::UserName -ne $userName) { Write-Error "Exec as user: $userName"; exit 1 } }
if($register) { register }
elseif($unregister) { unregister }
elseif($enable) { enable }
elseif($disable) { disable }
elseif($show) { show }
else { rotatePassword }