p-kl

garwolin-smb

Jun 22nd, 2020
  # Account, password and share name used by every task in this script.
  # NOTE(review): the password is kept in plain text in the script, so anyone who
  # can read the file (or a published copy of it) knows the credential of a local
  # account that is later granted full access to a network share. Prefer prompting
  # for it (see the Read-Host line below) and rotate any value that has been shared.
  $username = 'skan'
  $haslo = '$Kan123..'
  $nazwa_folderu = 'SKAN'

  # Remember the starting directory and locate the current user's Desktop.
  $this_dir = Get-Location
  $lokalizacja_folderu = [Environment]::GetFolderPath('Desktop')

  # The tasks below need administrator rights: when the current token is not in
  # the Administrators role, start an elevated copy of this script and stop here.
  $current_identity = [Security.Principal.WindowsIdentity]::GetCurrent()
  $current_principal = [Security.Principal.WindowsPrincipal] $current_identity
  if (-not $current_principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
      $quoted_script = '"{0}"' -f $MyInvocation.MyCommand.Path
      Start-Process -FilePath powershell.exe -ArgumentList '-File', $quoted_script -Verb RunAs
      exit
  }


  ###

  # Console colours handed to write-text.
  $oc_i = 'yellow'
  $oc_d = 'blue'
  $oc_o = 'green'

  $computername = $env:computername
  # Local account in COMPUTER\user form.
  $account = '{0}\{1}' -f $env:computername, $username
  ## interactive password # $Password = Read-Host -AsSecureString
  # Full path of the shared folder on the Desktop.
  $fq_place = '{0}\{1}' -f $lokalizacja_folderu, $nazwa_folderu
  # SecureString form of the plain-text password, as required by the LocalUser cmdlets.
  $Password = ConvertTo-SecureString -String $haslo -AsPlainText -Force
  27.  
  28.  
  function write-text($ForegroundColor) {
      # Emit text while the console foreground colour is set to $ForegroundColor,
      # then put the previous colour back. The text is taken from the remaining
      # arguments; when there are none, pipeline input is passed through instead.
      $saved_color = $host.UI.RawUI.ForegroundColor
      $host.UI.RawUI.ForegroundColor = $ForegroundColor
      if (-not $args) {
          $input | Write-Output
      }
      else {
          Write-Output $args
      }
      $host.UI.RawUI.ForegroundColor = $saved_color
  }
  34.  
  function 1_user_create {
      # Create the local account $username with the given password.
      # An account that already has this name is removed first and then recreated.
      # NOTE(review): delete-and-recreate presumably yields a new SID, so permissions
      # granted to the previous account would no longer apply; confirm this is intended.
      [CmdletBinding()]
      param ( [string]$username, [SecureString]  $Password)

      $existing_user = Get-LocalUser -Name $username -ErrorAction SilentlyContinue
      if ($existing_user) {
          Remove-LocalUser -Name $username
          write-text $oc_d "User deleted"
      }

      New-LocalUser -Name $username -Password $Password -FullName $username
      write-text $oc_d "User created"
  }
  46.  
  47.  
  function 1B_user_repair {
      # Reset the password of an existing local account.
      # The new password is not a parameter: $Password is read from the calling
      # scope (the script-level SecureString).
      [CmdletBinding()]
      param ( [string]$username )

      $existing_user = Get-LocalUser -Name $username -ErrorAction SilentlyContinue
      if (-not $existing_user) {
          write-text $oc_d "User don't exist!"
          return
      }

      Set-LocalUser -Name $username -Password $Password
      write-text $oc_d "Change password for user"
  }
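  function 2_user_hide {
      # Creates the key SpecialAccount\UserList under the Winlogon key and adds a
      # DWORD value named after $username with data 0; per the messages below the
      # intent is to keep the account off the Windows logon screen.
      # Every path used here is absolute, so the caller's working location is
      # never changed and nothing has to be restored afterwards.
      # NOTE(review): the "already hidden" branch only tests that the
      # SpecialAccount key exists, not that a value for $username is present.
      # NOTE(review): record this account in the machine's documentation so that
      # an audit of local users and of this registry key can account for it.
      [CmdletBinding()]
      param ( [string]$username )
      # add check if winlogon exist!
      $location = 'hklm:\SOFTWARE\Microsoft\windows nt\currentversion\winlogon'
      if (Test-Path "$location\SpecialAccount") {
          write-text $oc_d 'user was already hidden'
      }
      else
      {
          New-Item -Path "$location\SpecialAccount" -Name 'UserList'
          New-ItemProperty -Path "$location\SpecialAccount\UserList" -Name "$username" -Value '0' -PropertyType DWORD
          write-text $oc_d "user hidden"
      }
  }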
  78.  
  function 3_user_neverexp {
      # Mark the account's password as non-expiring and forbid the user from
      # changing it.
      # NOTE(review): with both settings the password stays the same until an
      # administrator resets it, so its strength and storage matter more.
      [CmdletBinding()]
      param ( [string]$username )

      Set-LocalUser -Name $username -PasswordNeverExpires $true
      Set-LocalUser -Name $username -UserMayChangePassword $false
      write-text $oc_d "User password never expires"
  }
  86.  
  function 4_directory_create {
      # Create the directory $fq_place; -Force keeps the call from failing when
      # the directory is already there.
      [CmdletBinding()]
      param ( [string]$fq_place )

      New-Item -Path $fq_place -ItemType Directory -Force
      write-text $oc_d "Directory created"
  }
  93.  
  function 5_share_create {
      # (Re)create the SMB share $nazwa_folderu on $fq_place and give $account
      # full access to it. A share that already uses the name is removed first.
      # NOTE(review): FullAccess is the widest share permission; check whether
      # the device writing into the share needs more than change rights.
      [CmdletBinding()]
      param ( [string]$nazwa_folderu,
              [string]$fq_place,
              [string]$account
      )

      # Share settings, splatted onto New-SmbShare below.
      $ust_udzialu = @{
          Name       = $nazwa_folderu
          Path       = $fq_place
          FullAccess = $account
      }

      $existing_share = Get-SmbShare -Name $nazwa_folderu -ErrorAction SilentlyContinue
      if ($existing_share) {
          Remove-SmbShare -Name $nazwa_folderu -Force
      }

      New-SmbShare @ust_udzialu
      write-text $oc_d "Share created"
  }
  112.  
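  function 6_win_lower_cypher {
      # Creates NtlmMinClientSec and NtlmMinServerSec (DWORD 0) under Lsa\MSV1_0
      # when the current value is not already 0. The success line is printed only
      # when the key exists; a missing key is reported in red and nothing is changed.
      # NOTE(review): 0 removes the minimum NTLM session-security requirements for
      # the whole machine, not only for the scanner share. Record the previous
      # values so they can be restored, and prefer a device that can negotiate
      # the default requirements.
      $locat2 = 'hklm:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
      if (-not (Test-Path $locat2)) {
          write-text red "there is no $($locat2)"
          return
      }

      $Key = Get-Item -LiteralPath $locat2
      foreach ($value_name in 'NtlmMinClientSec', 'NtlmMinServerSec') {
          # GetValue returns $null for a missing value, which also counts as "not 0".
          if ($Key.GetValue($value_name, $null) -ne 0) {
              New-ItemProperty -Path $locat2 -Name $value_name -PropertyType DWORD -Value '0'
          }
      }
      write-text $oc_d "lowered minimum cypher"
  }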
  124.  
  function 7_win_net_private {
      # Set every network connection profile to the Private category unless the
      # reported category already matches "PRIVATE".
      # NOTE(review): with several connection profiles the comparison runs against
      # a list of categories; confirm the result on multi-homed machines.
      # NOTE(review): the change applies to all profiles returned, including ones
      # that may belong to untrusted networks; consider limiting it to one interface.
      $categories = (Get-NetConnectionProfile | Select-Object -Property NetworkCategory).NetworkCategory
      if ("PRIVATE" -like $categories) {
          write-text $oc_d "network was already as private"
      }
      else {
          Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory Private
          write-text $oc_o "network set as private"
      }
  }
  132.  
  function 8_win_smb1_set {
      # Enable the SMB1Protocol optional feature unless SMB1Protocol-Server is
      # already reported as Enabled.
      # NOTE(review): the check looks at the server sub-feature while the enable
      # call targets SMB1Protocol with -All; confirm whether enabling only the
      # server part would be enough for the device.
      # NOTE(review): SMBv1 is a deprecated dialect. If it has to stay on, limit
      # inbound SMB in the firewall to the address of the device that needs it
      # and plan to turn the feature off again.
      $server_state = (Get-WindowsOptionalFeature -Online -FeatureName "SMB1protocol-server" | Select-Object -Property State).State
      if ("Enabled" -eq $server_state) {
          write-text $oc_d "smb1 is installed"
          return
      }

      Enable-WindowsOptionalFeature -Online -FeatureName "SMB1Protocol" -All
      write-text $oc_o "enabled smb1"
  }
  141.  
  function A_get_user_info {
      # Print the account name, the password and the share name. All three are
      # read from the script-level variables, not from parameters.
      # NOTE(review): the password is written to the console in clear text, so it
      # ends up in transcripts, screenshots and screen shares of this session.
      write-text $oc_d ('Username = {0}' -f $username)
      write-text $oc_d ('haslo = {0}' -f $haslo)
      write-text $oc_d ('nazwa udzialu = {0}' -f $nazwa_folderu)
  }
  147.  
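  function B_get_interface_info {
      # For each connected IPv4 interface, print the UNC path of the share for
      # every non-loopback IPv4 address, followed by a table describing those
      # addresses together with adapter details and the host name.
      # The share name comes from the script-level $nazwa_folderu, so the printed
      # path is complete (\\address\share).
      Get-NetIPInterface |
          Where-Object { ( $_.addressfamily -like "IPv4" ) -and ( $_.ConnectionState -eq "Connected" ) } |
          ForEach-Object {
              $interface = $_

              # Non-loopback IPv4 addresses bound to this interface.
              $addresses = @(
                  Get-NetIPAddress -InterfaceIndex $interface.ifindex |
                      Where-Object { ( $_.addressfamily -like "ipv4" ) -and ( -not ( $_.IPv4Address -like '127.0.0.1' )) } |
                      Select-Object prefixorigin, suffixorigin, type, store, addressstate, ipv4address
              )

              # Adapter details; errors are ignored, so these may be empty.
              $adapter = Get-NetAdapter -InterfaceIndex $interface.ifindex -ErrorAction Ignore |
                  Select-Object interfacedescription, macaddress

              # Inside ForEach-Object, return moves on to the next interface.
              if ($addresses.Count -eq 0) { return }

              $members = @{
                  "Connectionstate"      = $interface.connectionstate
                  "DHCP"                 = $interface.dhcp
                  "ifalias"              = $interface.ifalias
                  "InterfaceDescription" = $adapter.interfacedescription
                  "macaddress"           = $adapter.macaddress
                  "hostname"             = $env:computername
              }

              foreach ($address in $addresses) {
                  write-text red "\\$($address.ipv4address)\$nazwa_folderu"
              }

              $addresses | Add-Member -NotePropertyMembers $members
              $addresses | Format-Table -Wrap hostname, ifalias, dhcp, ipv4address, addressstate, connectionstate, macaddress, interfacedescription #-HideTableHeaders
          }
  }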
  174.  
  function C_spooler_restart {
      # Restart the print spooler service; -Force is passed so the restart is
      # not held back by dependent services.
      $restart_arguments = @{
          Name  = 'Spooler'
          Force = $true
      }
      Restart-Service @restart_arguments
  }
  178.  
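  function D_spooler_clear {
      # Stop the print spooler and move the files waiting in the spool directory
      # to a fixed holding directory. The directory is created first when it is
      # missing, so the move cannot fail on (or rename a file to) a missing target.
      # The spooler is left stopped; C_spooler_restart starts it again.
      # NOTE(review): spool files can hold the content of printed documents, so
      # the holding directory should only be readable by administrators.
      $destination = 'C:\demo\new'

      Stop-Service -Name Spooler -Force
      if (-not (Test-Path -LiteralPath $destination -PathType Container)) {
          New-Item -ItemType Directory -Force -Path $destination | Out-Null
      }
      Move-Item -Path "$env:SystemRoot\System32\spool\PRINTERS\*.*" -Destination $destination -Force
  }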
  183.  
  function E_check_user {
      # Report in green or red whether i_check_user accepts the given user name
      # and plain-text password.
      param ( [string] $username, [string]  $password)

      $credentials_ok = i_check_user $username $password
      if (-not $credentials_ok) {
          write-text "RED" "BAD creditentials"
      }
      else {
          write-text "GREEN" "Account creditentials OK"
      }
  }
  194.  
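  function i_check_user {
      # Validate a user name and plain-text password against the local machine's
      # account store and output the result of ValidateCredentials.
      # The PrincipalContext is disposed once the check is done, also when the
      # validation call throws.
      # NOTE(review): each call is presumably handled as a real logon attempt, so
      # repeated failures may show up in the security log and count towards an
      # account lockout policy; confirm before calling it in a loop.
      param ( [string] $username, [string]  $password)
      $computer = $env:COMPUTERNAME
      Add-Type -AssemblyName System.DirectoryServices.AccountManagement
      $obj = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('machine',$computer)
      try {
          $obj.ValidateCredentials($username, $password)
      }
      finally {
          $obj.Dispose()
      }
  }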
  202.  
  203.  
  204. # set_user $username
  205. # set_share $nazwa_folderu $fq_place $account
  206. # set_directory $fq_place
  207.  
  $menu = @'
  0  ALL

  1  user: create profile
  2  user: hide profile from windows logon
  3  user: set password to never expire & user can't change password themselves
  4  directory: create on desktop
  5  share: create share
  6  windows: lower cypher on sharing
  7  windows: set network to private
  8  windows components: enable smb1 server

  9  repair user

  A  get user info
  B  get interface info

  Q  Quit

Select a task by number or Q to quit
'@
  # The menu text is a literal here-string: it contains nothing to expand, and
  # its closing marker has to stay at the very start of its line.
  229.  
  Function Invoke-Menu {
      # Show a titled menu and output whatever the user types.
      # The prompt is the title, an underline of dashes as long as the title, and
      # the menu text, each separated by a newline.
      # -ClearScreen (alias cls) is accepted but has no effect: the Clear-Host
      # call is commented out.
      [cmdletbinding()]
      Param(
      [Parameter(Position=0,Mandatory=$True,HelpMessage="Enter your menu text")]
      [ValidateNotNullOrEmpty()]
      [string]$Menu,
      [Parameter(Position=1)]
      [ValidateNotNullOrEmpty()]
      [string]$Title = "My Menu",
      [Alias("cls")]
      [switch]$ClearScreen
      )

      # if ($ClearScreen) { Clear-Host  }

      $underline = '-' * $Title.Length
      $menuPrompt = ($Title, $underline, $Menu) -join "`n"

      Read-Host -Prompt $menuPrompt
  }
  260.  
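  # Main loop: show the menu, run the chosen task, repeat until Q is entered.
  # Switch compares strings case-insensitively, so lower-case letters work too.
  Do {
      Switch (Invoke-Menu -menu $menu -title "My Help Desk Tasks" -clear)
      {
          "0" {
              write-text "yellow" "all"
              1_user_create $username $Password
              2_user_hide $username
              3_user_neverexp $username
              4_directory_create $fq_place
              # NOTE(review): the share is granted to $username here and in task 5,
              # while $account (COMPUTER\user) is built above and never used.
              5_share_create $nazwa_folderu $fq_place $username
              6_win_lower_cypher
              # Go back to the directory the script was started from.
              cd $this_dir
              7_win_net_private
              8_win_smb1_set
              A_get_user_info
              B_get_interface_info
          }
          "1" {
              write-text "yellow" "user: create profile"
              # The password has to be passed as well: 1_user_create hands its
              # own $Password parameter to New-LocalUser.
              1_user_create $username $Password
          }
          "2" {
              write-text "yellow" "user: hide profile from windows logon"
              2_user_hide $username
          }
          "3" {
              write-text "yellow" "user: set password to never expire & user can't change password themselves"
              3_user_neverexp $username
          }
          "4" {
              write-text "yellow" "directory: create on desktop"
              4_directory_create "$fq_place"
          }
          "5" {
              write-text "yellow" "share: create share"
              5_share_create "$nazwa_folderu" "$fq_place" "$username"
          }
          "6" {
              write-text "yellow"  "windows: lower cypher on sharing"
              6_win_lower_cypher
          }
          "7" {
              write-text "yellow" "windows: set network to private"
              7_win_net_private
          }
          "8" {
              write-text "yellow" "windows components: enable smb1 server"
              8_win_smb1_set
          }
          "9" {
              write-text "yellow" "repairing user"
              3_user_neverexp $username
              1B_user_repair $username
              2_user_hide $username
          }
          "A" {
              write-text "yellow" "User Info"
              A_get_user_info
          }
          "B" {
              write-text "yellow" "Interface"
              B_get_interface_info
          }
          # C and D are accepted but do nothing; the spooler functions are not wired in.
          "C" {

          }
          "D" {

          }
          # E is not listed in the menu text; it checks the stored credentials.
          "E" {
              E_check_user $username $haslo
          }

          "Q" {
              write-text "yellow" "Goodbye"
              Return
          }
          Default {
              Write-Warning "Invalid Choice. Try again."
              sleep -milliseconds 750
          }
      }
  } While ($True)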