RSAT-As-Admin.ps1
|
Param( [Switch]$Console = $false #--[ Set to true to enable local console result display. Defaults to false ]-- ) <#------------------------------------------------------------------------------ File Name : RSAT-As-Admin.ps1 Original Author : Kenneth C. Mazie (kcmjr AT kcmjr.com) : Description : Automatically loads specified Windows RSAT AD Admin tools using the user ID you specify : in the GUI. : Notes : Normal operation is with no command line options. The list of RSAT tools below : should be commented in/out as needed. Tested on Windows 10 1803 only. : Arguments : Command line options for testing: : - "-console $true" will enable local console echo : Warnings : None : Legal : Public Domain. Modify and redistribute freely. No rights reserved. : SCRIPT PROVIDED "AS IS" WITHOUT WARRANTIES OR GUARANTEES OF : ANY KIND. USE AT YOUR OWN RISK. NO TECHNICAL SUPPORT PROVIDED. : That being said, please let me know if you find bugs or improve the script. : Credits : Code snippets and/or ideas came from many sources including but : not limited to the following: n/a : Last Update by : Kenneth C. Mazie Version History : v1.0 - 09-24-18 - Original Change History : v2.0 - 12-10-18 - Complete rewrite : ------------------------------------------------------------------------------#> <#PSScriptInfo .VERSION 2.00 .GUID 75f90821-5799-44ed-af38-bc4e05f9e385 .AUTHOR Kenneth C. Mazie (kcmjr AT kcmjr.com) .DESCRIPTION Automatically loads specified Windows RSAT AD Admin tools using the user ID you specify in the GUI prompt. #> #Requires -Version 5.1 Clear-Host If (!(Get-module ActiveDirectory)){Import-Module ActiveDirectory} $ErrorActionPreference = "silentlycontinue" #--[ For Testing ]------------- #$Script:Console = $true #------------------------------ $Script:Icon = [System.Drawing.SystemIcons]::Information $Script:ReportBody = "" $Script:ScriptName = ($MyInvocation.MyCommand.Name).split(".")[0] $Script:ConfigFile = $PSScriptRoot+'\'+$Script:ScriptName+'.xml' $Script:Validated = $False $DomainName = $env:USERDOMAIN #--[ Pulls local domain as an alternate if the user leaves it out ]------- #--[ Functions ]-------------------------------------------------------------- Function UpdateOutput { $Script:OutputBox.update() $Script:OutputBox.Select($OutputBox.Text.Length, 0) $Script:OutputBox.ScrollToCaret() } Function IsThereText ($TargetBox){ if (($TargetBox.Text.Length -ne 0)){ Return $true }else{ Return $false } } #--[ End of Functions ]--------------------------------------------------------- #--------------------------------[ Prep GUI ]----------------------------------- [void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing") [void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") $Script:ScreenSize = (Get-WmiObject -Class Win32_DesktopMonitor | Select-Object ScreenWidth,ScreenHeight) $Script:Width = $Script:ScreenSize.ScreenWidth $Script:Height = $Script:ScreenSize.ScreenHeight #--[ Define Form ]-------------------------------------------------------------- [int]$Script:FormWidth = 350 [int]$Script:FormHeight = 200 [int]$Script:FormHCenter = ($Script:FormWidth / 2) # 170 Horizontal center point [int]$Script:FormVCenter = ($Script:FormHeight / 2) # 209 Vertical center point [int]$Script:ButtonHeight = 25 [int]$Script:TextHeight = 20 #--[ Create Form ]--------------------------------------------------------------------- $Script:Form = New-Object System.Windows.Forms.Form $Script:Form.size = New-Object System.Drawing.Size($Script:FormWidth,$Script:FormHeight) $Script:Notify = New-Object system.windows.forms.notifyicon $Script:Notify.icon = $Script:Icon #--[ NOTE: Available tooltip icons are = warning, info, error, and none $Script:Notify.visible = $true [int]$Script:FormVTop = 0 [int]$Script:ButtonLeft = 55 [int]$Script:ButtonTop = ($Script:FormHeight - 75) $Script:Form.Text = "$Script:ScriptName v$Script:ScriptVer" $Script:Form.StartPosition = "CenterScreen" $Script:Form.KeyPreview = $true $Script:Form.Add_KeyDown({if ($_.KeyCode -eq "Escape"){$Script:Form.Close();$Stop = $true}}) $Script:ButtonFont = new-object System.Drawing.Font("New Times Roman",9,[System.Drawing.FontStyle]::Bold) #--[ Form Title Label ]----------------------------------------------------------------- $BoxLength = 350 $LineLoc = 5 $Script:FormLabelBox = new-object System.Windows.Forms.Label $Script:FormLabelBox.Font = $Script:ButtonFont $Script:FormLabelBox.Location = new-object System.Drawing.Size(($Script:FormHCenter-($BoxLength/2)-10),$LineLoc) $Script:FormLabelBox.size = new-object System.Drawing.Size($BoxLength,$Script:ButtonHeight) $Script:FormLabelBox.TextAlign = 2 $Script:FormLabelBox.Text = "Windows AD RSAT tools with alternate credentials." #$Script:ScriptName $Script:Form.Controls.Add($Script:FormLabelBox) #--[ User Credential Label ]------------------------------------------------------------- $BoxLength = 200 $LineLoc = 28 $Script:UserCredLabel = New-Object System.Windows.Forms.Label $Script:UserCredLabel.Location = New-Object System.Drawing.Point(($Script:FormHCenter-($BoxLength/2)-10),$LineLoc) $Script:UserCredLabel.Size = New-Object System.Drawing.Size($BoxLength,$Script:TextHeight) $Script:UserCredLabel.ForeColor = "DarkGreen" $Script:UserCredLabel.Font = $Script:ButtonFont $Script:UserCredLabel.Text = "Enter YOUR Credentials Below:" $Script:UserCredLabel.TextAlign = 2 $Script:Form.Controls.Add($Script:UserCredLabel) #--[ User ID Text Input Box ]------------------------------------------------------------- $BoxLength = 140 $LineLoc = 55 $Script:UserIDTextBox = New-Object System.Windows.Forms.TextBox $Script:UserIDTextBox.Location = New-Object System.Drawing.Size(($Script:FormHCenter-158),$LineLoc) $Script:UserIDTextBox.Size = New-Object System.Drawing.Size($BoxLength,$Script:TextHeight) $Script:UserIDTextBox.TabIndex = 2 $Script:UserIDTextBox.ForeColor = "DarkGray" $Script:UserIDTextBox.Text = "Your Domain/UserID" $Script:UserIDTextBox.TextAlign = 2 $Script:UserIDTextBox.Enabled = $True $Script:UserIDTextBox.Add_GotFocus({ if ($Script:UserIDTextBox.Text -eq 'Your Domain/UserID') { $Script:UserIDTextBox.Text = '' $Script:UserIDTextBox.ForeColor = 'Black' } }) $Script:UserIDTextBox.Add_LostFocus({ if ($Script:UserIDTextBox.Text -eq '') { $Script:UserIDTextBox.Text = 'Your Domain/UserID' $Script:UserIDTextBox.ForeColor = 'Darkgray' } }) $Script:Form.Controls.Add($Script:UserIDTextBox) $Script:UserPwdTextBox = New-Object System.Windows.Forms.TextBox $Script:UserPwdTextBox.Location = New-Object System.Drawing.Size((($Script:FormHCenter-3)),$LineLoc) $Script:UserPwdTextBox.Size = New-Object System.Drawing.Size($BoxLength,$Script:TextHeight) $Script:UserPwdTextBox.Text = $Script:DN $Script:UserPwdTextBox.TabIndex = 3 $Script:UserPwdTextBox.ForeColor = "DarkGray" $Script:UserPwdTextBox.Text = "Your Password" $Script:UserPwdTextBox.TextAlign = 2 $Script:UserPwdTextBox.Enabled = $True $Script:UserPwdTextBox.Add_GotFocus({ if ($Script:UserPwdTextBox.Text -eq 'Your Password') { $Script:UserPwdTextBox.Text = '' $Script:UserPwdTextBox.PasswordChar = '*' $Script:UserPwdTextBox.ForeColor = 'Black' } }) $Script:UserPwdTextBox.Add_LostFocus({ if ($Script:UserPwdTextBox.Text -eq '') { $Script:UserPwdTextBox.Text = 'Your Password' $Script:UserPwdTextBox.ForeColor = 'Darkgray' } }) $Script:UserPwdTextBox.add_TextChanged({ If (IsThereText $Script:UserPwdTextBox){ $Script:VerifyButton.Enabled = $True $Script:ButtonSectionLabel.ForeColor = "Green" $Script:VerifyButton.ForeColor = "Green" #$Script:VerifyButton.Font = $True #new-object System.Drawing.Font("New Times Roman",9,[System.Drawing.FontStyle]::Bold) $Script:ButtonSectionLabel.Location = New-Object System.Drawing.Point(($Script:FormHCenter-106),($StatLabelLoc)) $Script:ButtonSectionLabel.Text = "Click VERIFY to inspect the user." }Else{ $Script:VerifyButton.Enabled = $False $Script:VerifyButton.Font.Bold = $False $Script:ButtonSectionLabel.ForeColor = "Red" $Script:ButtonSectionLabel.Text = "Enter a User ID above." $Script:ButtonSectionLabel.Location = New-Object System.Drawing.Point(($Script:FormHCenter-80),($StatLabelLoc)) $Script:ButtonSectionLabel.Size = New-Object System.Drawing.Size(300,$Script:TextHeight) $Script:ProcessButton.Enabled = $False } }) $Script:Form.Controls.Add($Script:UserPwdTextBox) #--[ User ID Label ]---------------------------------------------------------------------- $BoxLength = 141 $LineLoc = 90 $Script:UserIDLabel = New-Object System.Windows.Forms.TextBox $Script:UserIDLabel.Location = New-Object System.Drawing.Size((($Script:FormHCenter-($BoxLength/2))-37),$LineLoc) $Script:UserIDLabel.Size = New-Object System.Drawing.Size(200,$Script:TextHeight) $Script:UserIDLabel.Text = "" $Script:UserIDLabel.Enabled = $False $Script:UserIDLabel.TextAlign = 2 $Script:Form.Controls.Add($Script:UserIDLabel) #--[ VERIFY Button ]------------------------------------------------------------------------- $BoxLength = 100 $LineLoc = 122 $Script:VerifyButton = new-object System.Windows.Forms.Button $Script:VerifyButton.Location = new-object System.Drawing.Size(($Script:FormHCenter-($BoxLength/2)-110),$LineLoc) $Script:VerifyButton.Size = new-object System.Drawing.Size($BoxLength,$Script:ButtonHeight) $Script:VerifyButton.TabIndex = 4 $Script:VerifyButton.Text = "Verify" $Script:VerifyButton.Enabled = $False $Script:VerifyButton.Font = $Script:ButtonFont $Script:VerifyButton.Add_Click({ $ErrorActionPreference = "stop" If ((($Script:UserIDTextBox.Text).Split("\")).count -lt 2 ){ $Script:UserIDTextBox.Text = $env:USERDOMAIN.ToLower()+'\'+$Script:UserIDTextBox.Text } $Script:UserIDLabel.TextAlign = 2 $Script:UserIDLabel.Text = "Checking..." $Password = ConvertTo-SecureString -String $Script:UserPwdTextBox.Text -AsPlainText -Force $Script:SC = New-Object System.Management.Automation.PSCredential($Script:UserIDTextBox.Text,$Password) $Script:VerifyButton.Text = "Verify" $Script:VerifyButton.Enabled = $False Add-Type -AssemblyName System.DirectoryServices.AccountManagement $DomainName = $Script:SC.username.Split("\")[0] $UserName = $Script:SC.username.Split("\")[1] $Password = $Script:SC.GetNetworkCredential().Password $ContextType = [System.DirectoryServices.AccountManagement.ContextType]::Domain $PrincipalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $ContextType,$Domain $Result = $PrincipalContext.ValidateCredentials($UserName,$Password) Start-Sleep -sec 3 $UserProperties = Get-Aduser $UserName -Properties * If ($Result){ $Script:UserIDLabel.Text = "Verified. Click Execute." $Script:ProcessButton.ForeColor = "Green" $Script:ProcessButton.Enabled = $True $Script:Validated = $True }Else{ If ($UserProperties.LockedOut){ $Script:UserIDLabel.Text = "Failed. User is Locked Out." }ElseIf (!($UserProperties.Enabled)){ $Script:UserIDLabel.Text = "Failed. User is disabled." }Else{ $Script:UserIDLabel.Text = "Failed. Verify Password" } } $ErrorActionPreference = "silentlycontinue" }) $Script:Form.Controls.Add($Script:VerifyButton) #--[ CLOSE Button ]------------------------------------------------------------------------ $Script:CloseButton = new-object System.Windows.Forms.Button $Script:CloseButton.Location = New-Object System.Drawing.Size(($Script:FormHCenter-($BoxLength/2)-8),$LineLoc) $Script:CloseButton.Size = new-object System.Drawing.Size($BoxLength,$Script:ButtonHeight) $Script:CloseButton.TabIndex = 1 $Script:CloseButton.Text = "Cancel/Close" $Script:CloseButton.Add_Click({$Script:Form.close();$Stop = $true}) $Script:Form.Controls.Add($Script:CloseButton) #--[ EXECUTE Button ]------------------------------------------------------------------------ $Script:ProcessButton = new-object System.Windows.Forms.Button $Script:ProcessButton.Location = new-object System.Drawing.Size(($Script:FormHCenter-($BoxLength/2)+94),$LineLoc) $Script:ProcessButton.Size = new-object System.Drawing.Size($BoxLength,$Script:ButtonHeight) $Script:ProcessButton.Text = "Execute" $Script:ProcessButton.Enabled = $False $Script:ProcessButton.Font = $Script:ButtonFont $Script:ProcessButton.TabIndex = 5 $Script:ProcessButton.Add_Click({ #--[ RSAT Tool Definitions ]------------------------------------------------------------------ $ToolList = @() #--[ Array of separate items to allow easy addition or removal. Comment out lines for tools you don't want loaded ]-- #$ToolList += "dsac.exe" #--[ Active Directory Administrative Center ]-- $ToolList += "dsa.msc" #--[ Active Directory Users and Computers ]-- #$ToolList += "domain.msc" #--[ Active Directory Domains and Trusts ]-- #$ToolList += "dssite.msc" #--[ Active Directory Sites and Services ]-- $ToolList += "gpmc.msc" #--[ Group Policy Management ]-- $ToolList += "dhcpmgmt.msc" #--[ DHCP Manager ]-- $ToolList += "dnsmgmt.msc" #--[ DNS Manager ]-- $ToolList += "dfsmgmt.msc" #--[ DFS Manager ]-- #$ToolList += "vmw.exe" #--[ Volume Activation Tools ]-- #$ToolList += "printmanagement.msc" #--[ Print Management ]-- #$ToolList += "nlbmgr.exe" #--[ Network Load Balancing Manager ]-- #$ToolList += "secpol.msc /s" #--[ Local Security Policy ]-- #$ToolList += "iscsicpl.exe" #--[ iSCSI Initiator ]-- #$ToolList += "fsrm.msc" #--[ File Server Resource Manager ]-- #$ToolList += "Cluadmin.msc" #--[ Failover Cluster Manager ]-- #$ToolList += "ClusterUpdateUI.exe" #--[ Cluster Aware Updating ]-- #$ToolList += "certsrv.msc" #--[ Certification Authority ]-- #$ToolList += "adsiedit.msc" #--[ ADSI Edit ]-- #------------------------------------------------------------------------------------------------- $ToolPath = "c:\windows\system32\" [Environment]::CurrentDirectory = (Get-Location -PSProvider FileSystem).ProviderPath $Result = disable-UEV #--[ Microsoft UE-V (User Experience Virtualization) is a tool that enables users to move from one Windows ]-- #--[ device to another and maintain the same operating system (OS) and applications settings. (i.e roaming) ]-- If ($Result -Like "*successfully*"){ If ($Console){Write-host $Result -Foregroundcolor Green} }Else{ If ($Console){Write-Host "There was an error disabling UE-V" -ForegroundColor Red} } ForEach ($Tool in $ToolList){ #If (!(Get-Process $Tool.Split(".")[0])){ --[ Unfortunately most of these use the MMC which is the process detected ]-- If ($Console){write-host "`n-------------------------------------------------------------------`n"} If ($Tool.Split(" ").count -gt 1){ #--[ Check if there is a space in the tool command meaning some sort of argument ]-- $Arg = $Tool.Split(" ")[1] $Tool = $Tool.Split(" ")[0] If ($Tool.Split('.')[1] -eq "exe"){ $Command = 'Start-Process "'+($ToolPath+$Tool+" "+$Arg)+'" -verb runas -WindowStyle hidden' }Else{ $Command = 'Start-Process mmc.exe -verb runas -argument "'+($ToolPath+$Tool+" "+$Arg)+'" -WindowStyle hidden' } }Else{ If ($Tool.Split('.')[1] -eq "exe"){ $Command = 'Start-Process '+($ToolPath+$Tool)+' -verb runas -WindowStyle hidden' }Else{ $Command = 'Start-Process mmc.exe -verb runas -argument '+($ToolPath+$Tool)+' -WindowStyle hidden' } } If (Test-Path -Path ($ToolPath+$Tool)) { Start-Process powershell.exe -Credential $Script:SC -ArgumentList $Command -WindowStyle Hidden #-NoNewWindow If ($Console){write-host "Tool $Tool is starting..." -ForegroundColor Green} }Else{ If ($Console){write-host "Tool $Tool was not found..." -ForegroundColor Red} } } $Script:Form.Close() }) $Script:Form.Controls.Add($Script:ProcessButton) #--[ Open Form ]-- $Script:Form.topmost = $true $Script:Form.Add_Shown({$Script:Form.Activate()}) [void] $Script:Form.ShowDialog() if($Script:Stop -eq $true){$Script:Form.Close();break;break} |