#------------------------------------------------------------------------ # Source File Information (DO NOT MODIFY) # Source ID: 499d8b08-e18a-4339-84bd-a0b09799b4c4 # Source File: ADUserForm.psf #------------------------------------------------------------------------ <# .NOTES -------------------------------------------------------------------------------- Code generated by: SAPIEN Technologies, Inc., PowerShell Studio 2014 v4.1.62 Generated on: 6/18/2014 3:35 PM Generated by: David Organization: SAPIEN Technologies, Inc. -------------------------------------------------------------------------------- .DESCRIPTION GUI script generated by PowerShell Studio 2014 #> #---------------------------------------------- #region Application Functions #---------------------------------------------- function OnApplicationLoad { #TODO: Add custom code to validate application load #TODO: Add Snapins here return $true #return true for success or false for failure } function OnApplicationExit { #TODO: Add custom code clean up on application exit } #endregion Application Functions #---------------------------------------------- # Generated Form Function #---------------------------------------------- function Call-ADUserForm_psf { #---------------------------------------------- #region Import the Assemblies #---------------------------------------------- [void][reflection.assembly]::Load('mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') [void][reflection.assembly]::Load('System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') [void][reflection.assembly]::Load('System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') [void][reflection.assembly]::Load('System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') [void][reflection.assembly]::Load('System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a') [void][reflection.assembly]::Load('System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') [void][reflection.assembly]::Load('System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a') [void][reflection.assembly]::Load('System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089') [void][reflection.assembly]::Load('System.ServiceProcess, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a') #endregion Import Assemblies #---------------------------------------------- #region Generated Form Objects #---------------------------------------------- [System.Windows.Forms.Application]::EnableVisualStyles() $form1 = New-Object 'System.Windows.Forms.Form' $label2 = New-Object 'System.Windows.Forms.Label' $radioDisabled = New-Object 'System.Windows.Forms.RadioButton' $radioEnabled = New-Object 'System.Windows.Forms.RadioButton' $rtbAccountInfo = New-Object 'System.Windows.Forms.RichTextBox' $btnQuit = New-Object 'System.Windows.Forms.Button' $listUsers = New-Object 'System.Windows.Forms.ListBox' $chkForceChange = New-Object 'System.Windows.Forms.CheckBox' $lblNewPassword = New-Object 'System.Windows.Forms.Label' $txtPassword = New-Object 'System.Windows.Forms.TextBox' $btnReset = New-Object 'System.Windows.Forms.Button' $progressBar1 = New-Object 'System.Windows.Forms.ProgressBar' $statusBar1 = New-Object 'System.Windows.Forms.StatusBar' $label1 = New-Object 'System.Windows.Forms.Label' $InitialFormWindowState = New-Object 'System.Windows.Forms.FormWindowState' #endregion Generated Form Objects #---------------------------------------------- # User Generated Script #---------------------------------------------- Function Get-IsEnabled { Param([string]$username=$(Throw "You must specify a user's CN")) # This function will look at the useraccountcontrol flag and # and return $True if the account is enabled New-Variable ADS_UF_ACCOUNTDISABLE 2 -Option constant #define our searcher object $Searcher = New-Object DirectoryServices.DirectorySearcher # find the account $filter="(&(objectCategory=person)(objectClass=user)(cn=$username))" $searcher.filter=$filter #get the user account $result=$searcher.findOne() [ADSI]$user=$result.path $flag=$user.userAccountcontrol.value if ($flag) { if ($flag -band $ADS_UF_ACCOUNTDISABLE) { # Write-Host "account is disabled " write $False } else { # Write-Host "account is enabled" write $True } } else { Write-Warning "Failed to find $username" } } Function EnableDisable-UserAccount { Param([string]$username=$(Throw "You must specify a user's CN")) # This function will look at the useraccountcontrol flag and # determine if the account is enabled or disabled. It will # flip the bits to enable a disabled account or disable an enabled # account. New-Variable ADS_UF_ACCOUNTDISABLE 2 -Option constant #define our searcher object $Searcher = New-Object DirectoryServices.DirectorySearcher # find the account $filter="(&(objectCategory=person)(objectClass=user)(cn=$username))" $searcher.filter=$filter #get the user account $result=$searcher.findOne() [ADSI]$user=$result.path $flag=$user.userAccountcontrol.value if ($flag) { if ($flag -band $ADS_UF_ACCOUNTDISABLE) { # Write-Host "account is disabled and enabling" $user.useraccountcontrol=$flag -bxor $ADS_UF_ACCOUNTDISABLE } else { # Write-Host "account is enabled and disabling" $user.useraccountcontrol=$flag -bor $ADS_UF_ACCOUNTDISABLE } $user.SetInfo() } else { Write-Warning "Failed to find $username" } } Function Change-Userpassword { Param([string]$username=$(Throw "You must specify a user's CN"), [string]$password="P@ssw0rd", [switch]$forceChange ) #define our searcher object $Searcher = New-Object DirectoryServices.DirectorySearcher # find the account $filter="(&(objectCategory=person)(objectClass=user)(cn=$username))" $searcher.filter=$filter #get the user account $result=$searcher.findOne() [ADSI]$user=$result.path #change the password $user.SetPassword($password) #if -forcechange then modify user account to force user to change #password at next logon if ($forceChange) { $user.Put("pwdLastSet",0) $user.SetInfo() } } Function Get-UserAccount { Param ([string]$username="Administrator") #define some functions used in the script #get the age of the password in days #a value of 0 means just set or needs to be set #the value of $LastSet will be a large integer #indicating the number seconds since 1/1/1601 #since the password was set Function Get-UTCAge { #get date time of the last password change Param([int64]$Last=0) if ($Last -eq 0) { write 0 } else { #clock starts counting from 1/1/1601. [datetime]$utc="1/1/1601" #calculate the number of days based on the int64 number $i=$Last/864000000000 #Add the number of days to 1/1/1601 #and write the result to the pipeline write ($utc.AddDays($i)) } } # end Get-UTCAge function Function Get-PwdAge { Param([int64]$LastSet=0) if ($LastSet -eq 0) { write "0" } else { #get the date the password was last changed [datetime]$ChangeDate=Get-UTCAge $LastSet #get the current date and time [datetime]$RightNow=Get-Date #write the difference in days write $RightNow.Subtract($ChangeDate).Days } } #end Get-PwdAge function #main code #define some constants New-Variable ADS_UF_ACCOUNTDISABLE 0x0002 -Option Constant New-Variable ADS_UF_PASSWD_CANT_CHANGE 0x0040 -Option Constant New-Variable ADS_UF_DONT_EXPIRE_PASSWD 0x10000 -Option Constant New-Variable ADS_UF_PASSWD_EXPIRED 0x800000 -Option Constant #define our searcher object $Searcher = New-Object DirectoryServices.DirectorySearcher # find the account $filter="(&(objectCategory=person)(objectClass=user)(cn=$username))" $searcher.filter=$filter #get the user account $searcher.findOne() | ForEach-Object { #get password properties from useraccountcontrol field if ($_.properties.item("useraccountcontrol")[0] -band $ADS_UF_DONT_EXPIRE_PASSWD) { $pwdNeverExpires=$True } else { $pwdNeverExpires=$False } #Password expired should be calculated from a computed UAC value $user=$_.GetDirectoryEntry() $user.psbase.refreshcache("msDS-User-Account-Control-Computed") [int]$computed=$user.psbase.properties.item("msDS-User-Account-Control-Computed").value if ($computed -band $ADS_UF_PASSWD_EXPIRED) { $pwdExpired=$True } else { $pwdExpired=$False } #check if user can change their password if ($_.properties.item("useraccountcontrol")[0] -band $ADS_UF_PASSWD_CANT_CHANGE) { $pwdChangeAllowed=$False } else { $pwdChangeAllowed=$True } #create a custom object for the account and password properties $obj=New-Object PSObject #add properties to the object $obj | Add-Member -MemberType NoteProperty -Name "Name" -Value $_.properties.item("name")[0] $obj | Add-Member -MemberType NoteProperty -Name "DN" -Value $_.properties.item("distinguishedname")[0] $obj | Add-Member -MemberType NoteProperty -Name "Description" -Value $_.properties.item("description")[0] $obj | Add-Member -MemberType NoteProperty -Name "AccountCreated" -Value $_.properties.item("whencreated")[0] $obj | Add-Member -MemberType NoteProperty -Name "AccountModified" -Value $_.properties.item("WhenChanged")[0] $obj | Add-Member -MemberType NoteProperty -Name "LastLogon" -Value (Get-UTCAge $_.properties.item("lastlogon")[0]) $obj | Add-Member -MemberType NoteProperty -Name "PasswordLastChanged" -Value (Get-UTCAge $_.properties.item("pwdlastset")[0]) $obj | Add-Member -MemberType NoteProperty -Name "PasswordAge" -Value (Get-PwdAge $_.properties.item("pwdlastset")[0]) $obj | Add-Member -MemberType NoteProperty -Name "PasswordExpired" -Value $pwdExpired $obj | Add-Member -MemberType NoteProperty -Name "PasswordNeverExpires" -Value $pwdNeverExpires $obj | Add-Member -MemberType NoteProperty -Name "PasswordChangeAllowed" -Value $pwdChangeAllowed #write object to the pipeline write $obj } #end foreach } $GetUser={ $statusBar1.text="Getting account information for {0}" -f $listUsers.SelectedItem $user=Get-UserAccount $listUsers.SelectedItem | Out-String $rtbAccountInfo.Text=$user.Trim() #get enable/disable information if (Get-IsEnabled $listUsers.SelectedItem) { $radioEnabled.checked=$True } else { $radioDisabled.Checked=$True } $statusBar1.Text="Ready" } $ResetPassword={ $password=($txtPassword.Text).Trim() if ($password.length -eq 0) { Write-Warning "Blank passwords are not allowed" Return } $user=$listUsers.Selecteditem $statusBar1.Text="Resetting password for {0}" -f $listUsers.SelectedItem if ($chkForceChange.Checked) { Change-Userpassword -username $user -password $password -forcechange } else { Change-Userpassword -username $user -password $password } #refresh the user account &$GetUser #reset defaults $txtPassword.text="" $chkForceChange.Checked=$True } $Close={ $form1.close() } $Populate={ $statusBar1.text="Getting users" $searcher=New-Object DirectoryServices.DirectorySearcher $searcher.Filter="(&(objectcategory=person)(objectclass=user))" $searcher.pageSize=100 $progressBar1.value=2 $users=$searcher.FindAll() $i=0 if ($users) { $users | foreach { $listUsers.Items.add($_.Properties.cn[0]) $i++ $progressBar1.value=($i/$users.count) * 100 } $statusBar1.text="Ready" $progressBar1.Visible=$False $label1.Visible=$True $listUsers.Visible=$True $lblNewPassword.Visible=$True $chkForceChange.Visible=$True $txtPassword.Visible=$True $btnReset.Visible=$True $btnQuit.Visible=$True $rtbAccountInfo.Visible=$True $radioEnabled.Visible=$True $radioDisabled.Visible=$True #select the first user in the list $listUsers.SelectedIndex=0 } else { #close the form if there are errors getting users $form1.close() } } $ShowTip= { $label2.Visible=$True } $HideTip= { $label2.Visible=$False } $ChangeAccount={ #flip enable/disable status if ($radioEnabled.Checked) { $statusBar1.Text="Disabling {0}" -f $listUsers.SelectedItem } else { $statusBar1.Text="Enabling {0}" -f $listUsers.SelectedItem } EnableDisable-UserAccount $listUsers.SelectedItem #refresh user account information &$GetUser } # --End User Generated Script-- #---------------------------------------------- #region Generated Events #---------------------------------------------- $Form_StateCorrection_Load= { #Correct the initial state of the form to prevent the .Net maximized form issue $form1.WindowState = $InitialFormWindowState } $Form_Cleanup_FormClosed= { #Remove all event handlers from the controls try { $radioDisabled.remove_Click($ChangeAccount) $radioDisabled.remove_MouseEnter($ShowTip) $radioDisabled.remove_MouseLeave($HideTip) $radioEnabled.remove_Click($ChangeAccount) $radioEnabled.remove_MouseEnter($ShowTip) $radioEnabled.remove_MouseLeave($HideTip) $btnQuit.remove_Click($Close) $listUsers.remove_SelectedIndexChanged($GetUser) $btnReset.remove_Click($ResetPassword) $form1.remove_Shown($Populate) $form1.remove_Load($Form_StateCorrection_Load) $form1.remove_FormClosed($Form_Cleanup_FormClosed) } catch [Exception] { } } #endregion Generated Events #---------------------------------------------- #region Generated Form Code #---------------------------------------------- $form1.SuspendLayout() # # form1 # $form1.Controls.Add($label2) $form1.Controls.Add($radioDisabled) $form1.Controls.Add($radioEnabled) $form1.Controls.Add($rtbAccountInfo) $form1.Controls.Add($btnQuit) $form1.Controls.Add($listUsers) $form1.Controls.Add($chkForceChange) $form1.Controls.Add($lblNewPassword) $form1.Controls.Add($txtPassword) $form1.Controls.Add($btnReset) $form1.Controls.Add($progressBar1) $form1.Controls.Add($statusBar1) $form1.Controls.Add($label1) $form1.ClientSize = '575, 266' $form1.FormBorderStyle = 'FixedDialog' $form1.Name = "form1" $form1.Text = "User Account Management" $form1.add_Shown($Populate) # # label2 # $label2.ForeColor = '128, 128, 255' $label2.Location = '382, 182' $label2.Name = "label2" $label2.Size = '167, 47' $label2.TabIndex = 12 $label2.Text = "Enable or disable an account by selecting a button. The change is immediate." $label2.Visible = $False # # radioDisabled # $radioDisabled.Location = '299, 201' $radioDisabled.Name = "radioDisabled" $radioDisabled.Size = '77, 24' $radioDisabled.TabIndex = 11 $radioDisabled.Text = "Disabled" $radioDisabled.UseVisualStyleBackColor = $True $radioDisabled.Visible = $False $radioDisabled.add_Click($ChangeAccount) $radioDisabled.add_MouseEnter($ShowTip) $radioDisabled.add_MouseLeave($HideTip) # # radioEnabled # $radioEnabled.Checked = $True $radioEnabled.Location = '299, 178' $radioEnabled.Name = "radioEnabled" $radioEnabled.Size = '77, 24' $radioEnabled.TabIndex = 10 $radioEnabled.TabStop = $True $radioEnabled.Text = "Enabled" $radioEnabled.UseVisualStyleBackColor = $True $radioEnabled.Visible = $False $radioEnabled.add_Click($ChangeAccount) $radioEnabled.add_MouseEnter($ShowTip) $radioEnabled.add_MouseLeave($HideTip) # # rtbAccountInfo # $rtbAccountInfo.BackColor = 'Control' $rtbAccountInfo.BorderStyle = 'None' $rtbAccountInfo.Font = "Lucida Console, 8.25pt" $rtbAccountInfo.Location = '204, 29' $rtbAccountInfo.Name = "rtbAccountInfo" $rtbAccountInfo.ReadOnly = $True $rtbAccountInfo.Size = '359, 142' $rtbAccountInfo.TabIndex = 9 $rtbAccountInfo.Text = "" $rtbAccountInfo.Visible = $False # # btnQuit # $btnQuit.Location = '104, 203' $btnQuit.Name = "btnQuit" $btnQuit.Size = '75, 23' $btnQuit.TabIndex = 8 $btnQuit.Text = "Quit" $btnQuit.UseVisualStyleBackColor = $True $btnQuit.Visible = $False $btnQuit.add_Click($Close) # # listUsers # $listUsers.FormattingEnabled = $True $listUsers.Location = '13, 29' $listUsers.Name = "listUsers" $listUsers.Size = '166, 121' $listUsers.Sorted = $True $listUsers.TabIndex = 7 $listUsers.Visible = $False $listUsers.add_SelectedIndexChanged($GetUser) # # chkForceChange # $chkForceChange.Checked = $True $chkForceChange.CheckState = 'Checked' $chkForceChange.Location = '188, 177' $chkForceChange.Name = "chkForceChange" $chkForceChange.Size = '104, 24' $chkForceChange.TabIndex = 6 $chkForceChange.Text = "Force Change" $chkForceChange.UseVisualStyleBackColor = $True $chkForceChange.Visible = $False # # lblNewPassword # $lblNewPassword.Location = '13, 148' $lblNewPassword.Name = "lblNewPassword" $lblNewPassword.Size = '100, 23' $lblNewPassword.TabIndex = 5 $lblNewPassword.Text = "New Password" $lblNewPassword.TextAlign = 'BottomLeft' $lblNewPassword.Visible = $False # # txtPassword # $txtPassword.Location = '13, 177' $txtPassword.Name = "txtPassword" $txtPassword.PasswordChar = '*' $txtPassword.Size = '156, 20' $txtPassword.TabIndex = 4 $txtPassword.Visible = $False # # btnReset # $btnReset.Location = '13, 203' $btnReset.Name = "btnReset" $btnReset.Size = '75, 23' $btnReset.TabIndex = 3 $btnReset.Text = "Reset Password" $btnReset.UseVisualStyleBackColor = $True $btnReset.Visible = $False $btnReset.add_Click($ResetPassword) # # progressBar1 # $progressBar1.Location = '104, 244' $progressBar1.Name = "progressBar1" $progressBar1.Size = '431, 23' $progressBar1.Style = 'Continuous' $progressBar1.TabIndex = 2 # # statusBar1 # $statusBar1.Location = '0, 244' $statusBar1.Name = "statusBar1" $statusBar1.Size = '575, 22' $statusBar1.TabIndex = 1 $statusBar1.Text = "Ready" # # label1 # $label1.Location = '13, 13' $label1.Name = "label1" $label1.Size = '100, 23' $label1.TabIndex = 0 $label1.Text = "Select a user" $label1.Visible = $False $form1.ResumeLayout() #endregion Generated Form Code #---------------------------------------------- #Save the initial state of the form $InitialFormWindowState = $form1.WindowState #Init the OnLoad event to correct the initial state of the form $form1.add_Load($Form_StateCorrection_Load) #Clean up the control events $form1.add_FormClosed($Form_Cleanup_FormClosed) #Show the Form return $form1.ShowDialog() } #End Function #Call OnApplicationLoad to initialize if((OnApplicationLoad) -eq $true) { #Call the form Call-ADUserForm_psf | Out-Null #Perform cleanup OnApplicationExit }