CODEWITHSUNDEEP
powershellactive-directory
David
David

Reputation: 107

Disabling ESET Secure Authentication for AD User accounts

Would anybody have an insight on how to disable a user's ESET Secure Authentication setting with a Powershell script?

I have a script that disables a users Active Directory account, resets the password, and moves it to a new OU but now I'm stumped on how to disable the properties related to their ESET information. From the ADUC GUI you can uncheck the box for their hardware token and REVOKE the key, so I would imagine there's a way to do it with a script that I can include in my current script.

# Imports module for running commandlets against Active Directory, and inputs user name
# into variable.
# Enter-PSSession DomainController // Need to run this commandlet from your local
# machine first.

Echo "You are about to disable a user account. Verify your information!"
Read-Host "Press ENTER to continue."
Import-module ActiveDirectory
$User1 = Read-Host -Prompt 'Enter the username of the employee you wish to change'

# Disables named users ActiveDirectory Account.
# "Locked Account" does not show but need to right click to enable
 Disable-ADAccount -Identity $User1

# Adds AD group "Disabled Users" to named user group membership
 Add-ADGroupMember -Identity 'Disabled Users' -Member $User1

# Set named users primary group to "Disabled Users" 
 Set-ADUser -Identity $User1 -Replace @{PrimaryGroupID="0000"}

# Removes groups assigned to named users membership
 Get-ADUser -Identity $User1 -Properties MemberOf | ForEach-Object {
  $_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false
 }

# Changes named users password based on Administrators input
 $newpwd = Read-Host "Enter the new password" -AsSecureString -WhatIf
 Set-ADAccountPassword $User1 -NewPassword $newpwd –Reset -WhatIf

# Moves named user from current OU to "Employee DISABLED\DISABLED" container
 get-aduser $User1 | move-adobject -targetpath
 "ou=DISABLED,ou=Employee DISABLED,dc=DOMAINNAME,dc=com"

# Much respect due to the onesixooh!
 Read-Host "Press ENTER to finish"
 Write-Host "    **********************************************************
       >>>    Get the money.  Dolla dolla bill y'all.   <<<

    **********************************************************"

Any advice is greatly appreciated.

Upvotes: 0

Views: 235

Answers (1)

postanote
postanote

Reputation: 16106

Try using the Windows Server ADAC (AD Admin Center) to write this code for you, to see if that gets you closer to your end goal.

  • Open ADAC
  • Use the GUI to do the steps you need
  • Open the PowerShell History Viewer
  • Copy and paste into your favorite PoSH Editor (ISE, VSCode, etc...) and tweak as needed.

Upvotes: 1

Related Questions