Upload files to "/"
This commit is contained in:
parent
b8fcca01a5
commit
65a94ebc5b
1
Disable-FastBoot.bat
Normal file
1
Disable-FastBoot.bat
Normal file
@ -0,0 +1 @@
|
|||||||
|
REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Power" /v HiberbootEnabled /t REG_DWORD /d "0" /f
|
||||||
2
Disable-Hibernation.bat
Normal file
2
Disable-Hibernation.bat
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power" /v HibernateEnabled /t REG_DWORD /d "0" /f
|
||||||
|
REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power" /v HibernateEnabledDefault /t REG_DWORD /d "0" /f
|
||||||
26
Disable-OldComputers.ps1
Normal file
26
Disable-OldComputers.ps1
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
# Disables Active directory Computers that have not been logged into for a given amount of days and saves a report to a given file path.
|
||||||
|
|
||||||
|
$threashold = -180 # Negative Integer, the age threshold of accounts that any older will be disabled.
|
||||||
|
$logPath = "C:\Logs" # String, the file path for the log to be saved to. If it does not exist it will be created.
|
||||||
|
|
||||||
|
$date = Get-Date -Format yyyy-MM-dd
|
||||||
|
$age = (Get-Date).AddDays($threashold)
|
||||||
|
|
||||||
|
$DomainCheck = Get-CimInstance -ClassName Win32_OperatingSystem
|
||||||
|
if ($DomainCheck.ProductType -ne "2") { Write-Host "Not a domain controller. Soft exiting." ; exit 0 }
|
||||||
|
|
||||||
|
New-Item -ItemType Directory -Force -Path $logPath
|
||||||
|
|
||||||
|
$OldComputers = Get-ADComputer -Filter * -properties Name,DNSHostName,SamAccountName,Enabled,WhenCreated,LastLogonDate,operatingsystem,isCriticalSystemObject | Select-Object Name,DNSHostName,SamAccountName,Enabled,WhenCreated,LastLogonDate,operatingsystem,isCriticalSystemObject | Where-Object {$_.LastLogonDate -lt $age} | Where-Object { $_.Enabled -eq $True} | Where-Object {$_.operatingsystem -notlike "*server*"} | Where-Object {$_.isCriticalSystemObject -eq $false} | Where-Object { $_.WhenCreated -lt ((Get-Date).AddDays(-14))}
|
||||||
|
|
||||||
|
foreach ($computer in $OldComputers){Set-ADComputer -Identity $computer.SamAccountName -Enabled $false}
|
||||||
|
|
||||||
|
$OldComputers | ConvertTo-html -Property Name, DNSHostName, SamAccountName, WhenCreated, LastLogonDate | Out-File $logPath\$date-OldComputers.html
|
||||||
|
|
||||||
|
if (!$OldComputers) {Write-Host "No Computer Accounts Disabled"; exit 0}
|
||||||
|
else {Write-Host "User Computer found that have not logged on for 180 days have been disabled. Pleased see log on Device to see details: $logPath"
|
||||||
|
if ($Host.Version.Major -gt 4){foreach ($message in $OldComputers){Write-Host $message}}
|
||||||
|
elseif ($Host.Version.Major -lt 5){foreach ($message in $OldComputers){$message}}
|
||||||
|
else {foreach ($message in $OldComputers){Write-Host $message}}
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
30
Disable-OldUsers.ps1
Normal file
30
Disable-OldUsers.ps1
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
# Disables Active directory Users that have not been logged into for a given amount of days and saves a report to a given file path.
|
||||||
|
|
||||||
|
$threashold = -180 # Negative Integer, the age threshold of accounts that any older will be disabled.
|
||||||
|
$logPath = "C:\Logs" # String, the file path for the log to be saved to. If it does not exist it will be created.
|
||||||
|
|
||||||
|
$date = Get-Date -Format yyyy-MM-dd
|
||||||
|
$age = (Get-Date).AddDays($threashold)
|
||||||
|
|
||||||
|
$DomainCheck = Get-CimInstance -ClassName Win32_OperatingSystem
|
||||||
|
if ($DomainCheck.ProductType -ne "2") { Write-Host "Not a domain controller. Soft exiting." ; exit 0 }
|
||||||
|
|
||||||
|
$blacklistU = @(
|
||||||
|
"Administrator"
|
||||||
|
)
|
||||||
|
|
||||||
|
New-Item -ItemType Directory -Force -Path $logPath
|
||||||
|
|
||||||
|
$OldUsers = Get-ADuser -Filter * -properties Name, UserPrincipalName, SamAccountName, Enabled, WhenCreated, LastLogonDate, msDS-LastSuccessfulInteractiveLogonTime | Select-Object Name, UserPrincipalName, SamAccountName, Enabled, WhenCreated, LastLogonDate, msDS-LastSuccessfulInteractiveLogonTime | Where-Object { $_.LastLogonDate -lt $age } | Where-Object { $_.Enabled -eq $True}| Where-Object { $_.UserPrincipalName -ne $null} | Where-Object { $_.Name -notin $blacklistU} | Where-Object { $_.SamAccountName -notin $blacklistU} | Where-Object { $_.WhenCreated -lt ((Get-Date).AddDays(-14))}
|
||||||
|
|
||||||
|
foreach ($user in $OldUsers){Set-ADUser -Identity $user.SamAccountName -Enabled $false}
|
||||||
|
|
||||||
|
$OldUsers | ConvertTo-html -Property Name, UserPrincipalName, SamAccountName, WhenCreated, LastLogonDate | Out-File $logPath\$date-OldUsers.html
|
||||||
|
|
||||||
|
if (!$OldUsers) {Write-Host "No Users Accounts Disabled"; exit 0}
|
||||||
|
else {Write-Host "User accounts found that have not logged on for 180 days have been disabled. Pleased see log on Device to see details: $logPath"
|
||||||
|
if ($Host.Version.Major -gt 4){foreach ($message in $OldUsers){Write-Host $message}}
|
||||||
|
elseif ($Host.Version.Major -lt 5){foreach ($message in $OldUsers){$message}}
|
||||||
|
else {foreach ($message in $OldUsers){Write-Host $message}}
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
4
Enable-ADRecycleBin.ps1
Normal file
4
Enable-ADRecycleBin.ps1
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
# Enables the Active Directory Recycle Bin Feature.
|
||||||
|
|
||||||
|
Enable-ADOptionalFeature -Confirm -Identity 'Recycle Bin Feature' -Scope 'ForestOrConfigurationSet' -Target (Get-ADDomain).Forest -Server ((HOSTNAME) + "." + (Get-ADDomain).Forest)
|
||||||
|
Enable-ADOptionalFeature "Recycle Bin Feature" -server ((Get-ADForest -Current LocalComputer).DomainNamingMaster) -Scope ForestOrConfigurationSet -Target (Get-ADForest -Current LocalComputer)
|
||||||
Loading…
x
Reference in New Issue
Block a user