Loading...

PowerShell tool - Quick AD Support (QADS)

2 A+ A-

In this post, I will show you a tool I created, that allows you to display informations about a user or computer from Active Directory quickly from the systray. It will also allows you to do some actions like unlock user account, change password and view group membership for a user.

Why this tool ?
I know that there are many ways to do that, from the PS1 console, from the AD GUI...
I was looking for a solution that allows me to get quickly infos about user or computer.
For instance, mann is this user locked ? Or when will my password expired ?
That's why I created i quick tool that allows you to get several informations.


How to get it ?




Available infos/Actions

User informations
- Is account enabled ?
- Is account locked ?
- Is password expired ?
- Display name
- Logon account name
- Password last change
- Password expiration date
- Last logon date
- User OU
- User department
- User mail
- User office
- Last bad password attempt
- Account created on
- Account changed on
- Can user change password ?
- Password never expires ?

User actions
The user GUI allows you the below actions (in order):
- Unlock a user
- Enable / Disable an user
- Delete an user
- Change user password
- View user groups


Computer informations
- Is computer enabled ?
- Is computer locked ?
- Is computer reachable ?
- Computer name
- Last logon date
- Computer OU
- Computer SID
- DNS hostname
- Canonical name
- Primary group
- Location
- Object category
- Description
- OS version
- OS
- IP
- Account created on
- Account changed on

Computer actions
- Unlock computer
- Enable / Disable computer
- View computer groups


Context
You want to see quickly informations about a specific user or computer, like is this user locked, enabled...
You have an icon on your systray, as below:

A right click on it will offer you different possibilities, as below:
- User Analyze
- Computer Analyze
- About
- Restart the tool
- Exit


Prerequisites

1 / Copy the Quick_AD_Support folder in C:\Programdata
2 / Your computer should be integrated in AD domain.
3 / For now the ActiveDirectory module is required, if you have installed RSAT it should works.
I'll provide a new version without module requirement
4 / For some actions (unlock, enable, change password) you will need to run the tool with an account with enough rights. In the next version I'll add a credentials part.

How to run the tool ?

Run the QADS.ps1 file using powershell .\QADS.ps1
If you run the just just using QADS.ps1 you may have issues as below:

To resolve this, run with powershell .\QADS.ps1, as below:

If you still have issues check if files are not blocked during the download.
To to that do a right-click on files in the Quick_AD_Support folder, ps1 but also files in assembly, resources and QADS_Systray folders.

To unblock all files directly, proceed as below:
C:\ProgramData\Quick_AD_Support Recurse | Unblock-File
You can find a post I did about that here.

If you still have some errors, run the file Run_QADS.ps1
Once it's done no GUI will be displayed, but an icon will be added in your systray, as below:
You may have to click on the arrow as below:
I explained how to display it beside of the hour later in the post.
In order to automatize the process, I recommand you to create a scheduled task that will run the PS1 at logon. 

How to use it ?

1 / Copy the Quick_AD_Support folder in C:\ProgramData
2 / Run the file: QADS.ps1, right click or powershell .\qads.ps1 (not in ISE)
3 / Then the below icon will be displayed

User part

View user informations
If you want to get informations about a specific user, proceed as below:
1 / Do a right click on the icon and select User analyze
2 / The below GUI will be displayed
3 / Type the user name, account or name, see below example
4 / Click on the search button
5 / If the specified user has been found, informations will be displayed as below



If there are multiple account with the same name, the GUI will be displayed as below, just double click on the target account.

Unlock an user account
In case you want to check if a user is locked or not, proceed as below
1 / Type the user name
2 / In the basic infos check the locked status
3 / If the account is locked, use the action part
4 / In the action part, click on the first button. See it below in action:

Change user password
In case you want to change user password, proceed as below
1 / Type the user name
2 / In the action part, click on the violet button below:
3 / A new part will be available to enter the new password, see it in action

4 / Type the new password twice and click on the button.

Enable/Disable an user
1 / Type the user name
2 / If the user account is not enabled, it will be displayed as below, with status in red, and more options part will be opened.
3 / In the action part, click on the Enable button, as below:

View group membership
The tool allow you to view in which group does a specific user belong. To do that proceed as below:
1 / Type the user name
2 / In the action part, click on the view group button 
3 / A new part will display group in which the user belong, as below



Computer part

View computer informations
If you want to get informations about a specific computer, proceed as below:
1 / Do a right click on the icon and select Computer analyze
2 / The below GUI will be displayed
3 / Type the computer name, see below example
4 / Click on the search button
5 / If the specified computer has been found, informations will be displayed as below


Unlock a computer account
In case you want to check if a computer is locked or not, proceed as below
1 / Type the computer name
2 / In the basic infos check the locked status
3 / If the account is locked, use the action part
4 / In the action part, click on the last button, as below

Enable/Disable a computer
1 / Type the computer name
2 / If the computer account is not enabled, it will be displayed as below, with status in red, and more options part will be opened.
3 / In the action part, click on the Enable button, as below

View group membership
The tool allow you to view in which group does a specific computer belong. 
To do that proceed as below:
1 / Type the computer name
2 / In the action part, click on the button below
See below an example
3 / A new part will display group in which the computer belong



Restart the tool
1 / The right click option, Restart the tool, will do as below:
2 / Kill the tool process
3 / Close the tool
4 / Wait 10 seconds
5 / Starts again the ps1 file





Customize the logo

Of course you can if you want customize the tool by adding your own company logo, as below.



Display icon in systray

In order to see it directly beside of the hour for instance proceed as below:
In the search bar type "Notification"
Then choose "Taskbar notification area" as below:
Then choose "Select which icons appear on the taskbar"
Now, check the QADS is enabled, as below



What's next ?

I'm currently working on the below functionnality:
- Send report by mail
- Save infos in XLSX or CSV
- Display all inactive users since x days
- Display all inactive computers since x days
- Display all disable users since x days
- Display all disable computers since x days
- Disable all users that have password expired
- Display all computer depending of OS
- Display all computers on which a user has logged on



systray tool 5811707333390191783

Enregistrer un commentaire

2 commentaires

CHEVALIER Christian a dit…

Super taff!!!!!!

Damien Van Robaeys a dit…

Merci Christian :-)

Accueil item

Award

Sponsors

Learn KQL in one month

You want to support me ?

Mes articles en français

Books in French


Stats