Cogger

Bundled-Adobe_Admin_User.ps1

Nov 11th, 2022
  1.  
  2.  
  3. #################################################################################
  4. #=====[ Load Functions
  5.  
  6. #   Gets the user when run administratively
  Function Get-LoggedInUser {
      <#
      .SYNOPSIS
          Lists the user sessions that quser reports for one or more computers.

      .DESCRIPTION
          Runs "quser /Server:<name>" for each computer, skips the header row and turns
          every remaining row into an object with ComputerName, UserName, SessionName,
          SessionID, SessionState, IdleTime and LogonTime. A row whose fourth column is
          not 'Active' is reported as 'Disconnected' and is read as having no
          session-name column. quser's error stream is discarded, so a computer that
          returns nothing produces no output.

      .NOTES
          Name: Get-LoggedInUser
          Author: Paul Contreras
          Version: 3.0
          DateUpdated: 2021-Sep-21

      .LINK
          https://thesysadminchannel.com/get-logged-in-users-using-powershell/
          For updated help and examples refer to -Online version.

      .PARAMETER ComputerName
          One or more computer names to query. Defaults to the local computer
          ($env:COMPUTERNAME) and accepts pipeline input.

      .PARAMETER UserName
          When supplied, only sessions whose user name equals this value are returned;
          otherwise all sessions are returned sorted by LogonTime.

      .EXAMPLE
          Get-LoggedInUser -ComputerName Server01
          Shows every session quser reports on Server01.

      .EXAMPLE
          Get-LoggedInUser -ComputerName Server01, Server02 -UserName jsmith
          Shows jsmith's sessions, if any, on Server01 and Server02.
      #>

      [CmdletBinding()]
      param(
          [Parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, Position = 0)]
          [string[]] $ComputerName = $env:COMPUTERNAME,

          [Parameter(Mandatory = $false)]
          [Alias("SamAccountName")]
          [string] $UserName
      )

      BEGIN {}

      PROCESS {
          foreach ($Computer in $ComputerName) {
              try {
                  $target = $Computer.ToUpper()

                  # stderr is dropped, so an unreachable host or "no user exists" yields no rows.
                  $rawLines = quser /Server:$target 2>$null
                  if (-not $rawLines) { continue }

                  # First row is the column header; every other row is one session.
                  $sessions = foreach ($line in ($rawLines | Select-Object -Skip 1)) {
                      # Collapse column padding to single spaces and drop the '>' that marks
                      # the current session, then split the row into fields once.
                      $fields = ($line.ToString().Trim() -replace '\s+', ' ' -replace '>', '').Split(' ')

                      if ($fields[3] -eq 'Active') {
                          [PSCustomObject]@{
                              ComputerName = $target
                              UserName     = $fields[0]
                              SessionName  = $fields[1]
                              SessionID    = $fields[2]
                              SessionState = $fields[3]
                              IdleTime     = $fields[4]
                              LogonTime    = $fields[5, 6, 7] -as [string] -as [datetime]
                          }
                      } else {
                          # No session-name column is assumed here, so every field sits one
                          # position to the left of the 'Active' layout.
                          [PSCustomObject]@{
                              ComputerName = $target
                              UserName     = $fields[0]
                              SessionName  = $null
                              SessionID    = $fields[1]
                              SessionState = 'Disconnected'
                              IdleTime     = $fields[3]
                              LogonTime    = $fields[4, 5, 6] -as [string] -as [datetime]
                          }
                      }
                  }

                  if ($PSBoundParameters.ContainsKey('Username')) {
                      $sessions | Where-Object { $_.UserName -eq $UserName }
                  } else {
                      $sessions | Sort-Object LogonTime
                  }
              } catch {
                  Write-Error $_.Exception.Message
              }
          }
      }

      END {}
  }
  106.  
  107. #   Temporarily halts input from keyboard and mouse for a specific amount of time
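  Function Disable-UserInput($seconds) {
      # Blocks keyboard and mouse input for $seconds seconds, then releases it.
      #
      # Reads $userInput from the calling scope: it must already hold the type that
      # exposes the static BlockInput(bool) method (the script builds it with Add-Type
      # from the user32.dll import), so define it before calling this function.
      #
      # The two BlockInput return values are still written to the pipeline.
      $userInput::BlockInput($true)
      try {
          Start-Sleep $seconds
      }
      finally {
          # Always release the block: if the sleep throws or the pipeline is stopped,
          # the machine must not be left with keyboard and mouse input disabled.
          $userInput::BlockInput($false)
      }
  }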
  113.  
  114. #################################################################################
  115. #=====[ Define Variables
  116.  
  117. #   When this script is run as an admin, it collects the local username of the person logged in
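  #   User name(s) of the session(s) quser reports on this computer.
  #   NOTE(review): with more than one session this is an array, not a single name.
      $UN = (Get-LoggedInUser -ComputerName $env:COMPUTERNAME).UserName

  #   Account running this script, in DOMAIN\user form as printed by whoami
      $laName = whoami

  ##  Split it into the domain and the user name on the \ character
      $dName, $launName = $laName.Split("\")

  ##  Domain of the admin account + \ + the logged-in user
  #   NOTE(review): this assumes the logged-in user belongs to the same domain as the admin
  #   account. $UN1 is not referenced again in this script.
      $UN1 = $dName + "\" + $UN


  #   Command line that the scheduled task hands to powershell.exe. It is kept as a STRING on
  #   purpose: calling IEX here would download and run the remote script immediately, in this
  #   elevated session, and leave only that script's output in $iex.
  ##  According to the original notes the remote script is expected to:
  ##  : Kill all open Adobe products
  ##  : Clear all credentials within Credential Manager to do with Adobe
  ##  : Open Edge, force log off the logged-in user and kill MsEdge
  #   NOTE(review): the paste is fetched at run time and is neither pinned nor verified, so
  #   whoever controls that paste controls what runs on this machine. Prefer a script shipped
  #   with this file, or compare the download against a known SHA-256 before running it.
      $iex = "IEX ((New-Object System.Net.WebClient).DownloadString('https://pastebin.com/raw/Yim1Qv0H'))"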
  135.  
  136. #################################################################################
  137. #=====[ Scheduled Task Creation
  138.  
  139. #   Create a scheduled task that will run as the team member
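  #   P/Invoke signature for BlockInput in user32.dll. Compiled before the task is registered
  #   so that a compile failure cannot leave a registered task behind.
  $code = '[DllImport("user32.dll")] public static extern bool BlockInput(bool fBlockIt);'

  #   Type exposing the static BlockInput method; Disable-UserInput reads $userInput
  $userInput = Add-Type -MemberDefinition $code -Name UserInput -Namespace UserInput -PassThru

  #   The task runs as the user Win32_ComputerSystem reports for this computer.
  #   That property is empty when it reports no user, so stop before creating a task
  #   that has no principal.
  $consoleUser = Get-CimInstance -ClassName Win32_ComputerSystem | Select-Object -ExpandProperty UserName
  if (-not $consoleUser) {
      Write-Error 'No console user reported by Win32_ComputerSystem; not creating the task.'
      exit 1
  }

  #   $iex (defined earlier in the script) is passed as powershell.exe's argument string
  $action = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument "$iex"
  $trigger = New-ScheduledTaskTrigger -AtLogOn
  $principal = New-ScheduledTaskPrincipal -UserId $consoleUser
  $task = New-ScheduledTask -Action $action -Trigger $trigger -Principal $principal
  Register-ScheduledTask IEX_Call_Adobe -InputObject $task


  #################################################################################
  #=====[ Code Execution

  #   Seconds that keyboard and mouse stay blocked; the on-screen message uses the same value
  $blockSeconds = 18

  try {
      #   Start the scheduled task now instead of waiting for the logon trigger
      Start-ScheduledTask -TaskName IEX_Call_Adobe

      #   Warn on the console, then block input
      Write-Host ("Disabling all input for $blockSeconds seconds ") -ForegroundColor Yellow
      Disable-UserInput -seconds $blockSeconds | Out-Null

      #   Give the task time to finish before it is removed
      Start-Sleep -Seconds 10
  }
  finally {
      #   Always remove the task. It has an at-logon trigger, so a task left behind after an
      #   error would run its command again at every logon.
      Unregister-ScheduledTask -TaskName IEX_Call_Adobe -Confirm:$false
  }

  exit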
  170.  