PowerShell Scriptin’1
&
Old Computer Accounts
Old User Accounts
Old User Accounts
– Jaké počítače a uživatelé se nepřihlásili déle než 60 dní.
– Jak spouštět skripty v PowerShellu
1) Nejdříve je třeba zjistit, jaká je nastavena politika pro spouštění skriptů ps1. Zadejte do PowerShell okna příkaz:
Get-ExecutionPolicy
Jaké jsou politiky:
POWERSHELL EXECUTION POLICIES
——————————————
——————————————
The PowerShell execution policies are:
Restricted
– Default execution policy.
– Permits individual commands, but scripts cannot run.
– Default execution policy.
– Permits individual commands, but scripts cannot run.
AllSigned
– Scripts can run.
– Requires a digital signature from a trusted publisher on all scripts
and configuration files, including scripts that you write on the
local computer.
– Prompts you before running scripts from trusted publishers.
– Risks running signed, but malicious, scripts.
– Scripts can run.
– Requires a digital signature from a trusted publisher on all scripts
and configuration files, including scripts that you write on the
local computer.
– Prompts you before running scripts from trusted publishers.
– Risks running signed, but malicious, scripts.
RemoteSigned
– Scripts can run.
– Requires a digital signature from a trusted publisher on scripts and
configuration files that are downloaded from the Internet (including
e-mail and instant messaging programs).
– Does not require digital signatures on scripts run from the
local computer.
– Does not prompt you before running scripts from trusted publishers.
– Risks running signed, but malicious, scripts.
– Scripts can run.
– Requires a digital signature from a trusted publisher on scripts and
configuration files that are downloaded from the Internet (including
e-mail and instant messaging programs).
– Does not require digital signatures on scripts run from the
local computer.
– Does not prompt you before running scripts from trusted publishers.
– Risks running signed, but malicious, scripts.
Unrestricted
– Unsigned scripts can run.
– Scripts and configuration files that are downloaded from the Internet
(including Microsoft Outlook, Outlook Express and Windows Messenger)
run after warning you that the file originated from the Internet.
– Risks running malicious scripts.
– Unsigned scripts can run.
– Scripts and configuration files that are downloaded from the Internet
(including Microsoft Outlook, Outlook Express and Windows Messenger)
run after warning you that the file originated from the Internet.
– Risks running malicious scripts.
2) Změna politiky – příkaz:
Set-ExecutionPolicy RemoteSigned
3) Spouštění skriptů:
cd D:\Skripty
.\skript.ps1
.\skript.ps1
nebo
& "D:\Skripty\skript.ps1"
_____________________________________________________________
#old comps accounts
$maxOldLogonDays = 60
$adsiSearcher = new-object DirectoryServices.DirectorySearcher("LDAP://rootdse")
$adsiSearcher.filter = "objectCategory=computer"
$adsiSearcher.findall() |
Foreach-Object `
{
"Processing $($_.path)"
$rawLogon = $_.properties.item("lastlogon")
$convertedLogOn = [datetime]::FromFileTime([int64]::Parse($rawLogon))
If( ((get-date) – $convertedLogOn).days -ge $maxOldLogonDays )
{
"$($_.properties.item(‘distinguishedName’))
has not logged on for more than $maxOldLogonDays days"
} #end if
} #end foreach
$adsiSearcher = new-object DirectoryServices.DirectorySearcher("LDAP://rootdse")
$adsiSearcher.filter = "objectCategory=computer"
$adsiSearcher.findall() |
Foreach-Object `
{
"Processing $($_.path)"
$rawLogon = $_.properties.item("lastlogon")
$convertedLogOn = [datetime]::FromFileTime([int64]::Parse($rawLogon))
If( ((get-date) – $convertedLogOn).days -ge $maxOldLogonDays )
{
"$($_.properties.item(‘distinguishedName’))
has not logged on for more than $maxOldLogonDays days"
} #end if
} #end foreach
_____________________________________________________________________________________
#old user accounts
$maxOldLogonDays = 60
$adsiSearcher = new-object DirectoryServices.DirectorySearcher("LDAP://rootdse")
$adsiSearcher.filter = "objectCategory=User"
$adsiSearcher.findall() |
Foreach-Object `
{
"Processing $($_.path)"
$rawLogon = $_.properties.item("lastlogon")
$convertedLogOn = [datetime]::FromFileTime([int64]::Parse($rawLogon))
If( ((get-date) – $convertedLogOn).days -ge $maxOldLogonDays )
{
"$($_.properties.item(‘distinguishedName’))
has not logged on for more than $maxOldLogonDays days"
} #end if
} #end foreach
$adsiSearcher = new-object DirectoryServices.DirectorySearcher("LDAP://rootdse")
$adsiSearcher.filter = "objectCategory=User"
$adsiSearcher.findall() |
Foreach-Object `
{
"Processing $($_.path)"
$rawLogon = $_.properties.item("lastlogon")
$convertedLogOn = [datetime]::FromFileTime([int64]::Parse($rawLogon))
If( ((get-date) – $convertedLogOn).days -ge $maxOldLogonDays )
{
"$($_.properties.item(‘distinguishedName’))
has not logged on for more than $maxOldLogonDays days"
} #end if
} #end foreach