PowerShell tool - Quick AD Support (QADS)
https://www.systanddeploy.com/2018/10/powershell-tool-quick-ad-support-qads.html
In this post, I will show you a tool I created, that allows you to display informations about a user or computer from Active Directory quickly from the systray. It will also allows you to do some actions like unlock user account, change password and view group membership for a user.
Why this tool ?
I know that there are many ways to do that, from the PS1 console, from the AD GUI...
I was looking for a solution that allows me to get quickly infos about user or computer.
For instance, mann is this user locked ? Or when will my password expired ?
That's why I created i quick tool that allows you to get several informations.
How to get it ?
Available infos/Actions
- Is account enabled ?
- Is account locked ?
- Is password expired ?
- Display name
- Logon account name
- Password last change
- Password expiration date
- Last logon date
- User OU
- User department
- User mail
- User office
- Last bad password attempt
- Account created on
- Account changed on
- Can user change password ?
- Password never expires ?
- Unlock a user
- Enable / Disable an user
- Delete an user
- Change user password
- View user groups
- Is computer locked ?
- Is computer reachable ?
- Computer name
- Last logon date
- Computer OU
- Computer SID
- DNS hostname
- Canonical name
- Primary group
- Location
- Object category
- Description
- OS version
- OS
- IP
- Account created on
- Account changed on
- Enable / Disable computer
- View computer groups
- Is account locked ?
- Is password expired ?
- Display name
- Logon account name
- Password last change
- Password expiration date
- Last logon date
- User OU
- User department
- User mail
- User office
- Last bad password attempt
- Account created on
- Account changed on
- Can user change password ?
- Password never expires ?
User actions
The user GUI allows you the below actions (in order):- Unlock a user
- Enable / Disable an user
- Delete an user
- Change user password
- View user groups
Computer informations
- Is computer enabled ?- Is computer locked ?
- Is computer reachable ?
- Computer name
- Last logon date
- Computer OU
- Computer SID
- DNS hostname
- Canonical name
- Primary group
- Location
- Object category
- Description
- OS version
- OS
- IP
- Account created on
- Account changed on
Computer actions
- Unlock computer- Enable / Disable computer
- View computer groups
Context
You want to see quickly informations about a specific user or computer, like is this user locked, enabled...
You have an icon on your systray, as below:
A right click on it will offer you different possibilities, as below:
- User Analyze
- Computer Analyze
- About
- Restart the tool
- Exit
Prerequisites
2 / Your computer should be integrated in AD domain.
3 / For now the ActiveDirectory module is required, if you have installed RSAT it should works.
I'll provide a new version without module requirement
4 / For some actions (unlock, enable, change password) you will need to run the tool with an account with enough rights. In the next version I'll add a credentials part.
How to run the tool ?
If you run the just just using QADS.ps1 you may have issues as below:
To resolve this, run with powershell .\QADS.ps1, as below:
If you still have issues check if files are not blocked during the download.
To to that do a right-click on files in the Quick_AD_Support folder, ps1 but also files in assembly, resources and QADS_Systray folders.
To unblock all files directly, proceed as below:
C:\ProgramData\Quick_AD_Support Recurse | Unblock-File
You can find a post I did about that here.
If you still have some errors, run the file Run_QADS.ps1
Once it's done no GUI will be displayed, but an icon will be added in your systray, as below:
You may have to click on the arrow as below:
I explained how to display it beside of the hour later in the post.
In order to automatize the process, I recommand you to create a scheduled task that will run the PS1 at logon.
How to use it ?
2 / Run the file: QADS.ps1, right click or powershell .\qads.ps1 (not in ISE)
3 / Then the below icon will be displayed
User part
View user informations
If you want to get informations about a specific user, proceed as below:
1 / Do a right click on the icon and select User analyze
2 / The below GUI will be displayed
3 / Type the user name, account or name, see below example
4 / Click on the search button
5 / If the specified user has been found, informations will be displayed as below
If there are multiple account with the same name, the GUI will be displayed as below, just double click on the target account.
Unlock an user account
In case you want to check if a user is locked or not, proceed as below
1 / Type the user name
2 / In the basic infos check the locked status
3 / If the account is locked, use the action part
4 / In the action part, click on the first button. See it below in action:
Change user password
In case you want to change user password, proceed as below
1 / Type the user name
2 / In the action part, click on the violet button below:
3 / A new part will be available to enter the new password, see it in action
4 / Type the new password twice and click on the button.
Enable/Disable an user
1 / Type the user name
2 / If the user account is not enabled, it will be displayed as below, with status in red, and more options part will be opened.
3 / In the action part, click on the Enable button, as below:
View group membership
The tool allow you to view in which group does a specific user belong. To do that proceed as below:
1 / Type the user name
2 / In the action part, click on the view group button
3 / A new part will display group in which the user belong, as below
Computer part
View computer informations
If you want to get informations about a specific computer, proceed as below:
1 / Do a right click on the icon and select Computer analyze
2 / The below GUI will be displayed
3 / Type the computer name, see below example
4 / Click on the search button
5 / If the specified computer has been found, informations will be displayed as below
Unlock a computer account
In case you want to check if a computer is locked or not, proceed as below
1 / Type the computer name
2 / In the basic infos check the locked status
3 / If the account is locked, use the action part
4 / In the action part, click on the last button, as below
Enable/Disable a computer
1 / Type the computer name
2 / If the computer account is not enabled, it will be displayed as below, with status in red, and more options part will be opened.
3 / In the action part, click on the Enable button, as below
View group membership
The tool allow you to view in which group does a specific computer belong.
To do that proceed as below:
1 / Type the computer name
2 / In the action part, click on the button below
See below an example
3 / A new part will display group in which the computer belong
Restart the tool
2 / Kill the tool process
3 / Close the tool
4 / Wait 10 seconds
5 / Starts again the ps1 file
Customize the logo
Display icon in systray
In the search bar type "Notification"
Then choose "Taskbar notification area" as below:
Then choose "Select which icons appear on the taskbar"
Now, check the QADS is enabled, as below
What's next ?
- Send report by mail
- Save infos in XLSX or CSV
- Display all inactive users since x days- Save infos in XLSX or CSV
- Display all inactive computers since x days
- Display all disable users since x days
- Display all disable computers since x days
- Disable all users that have password expired
- Display all computer depending of OS
- Display all computers on which a user has logged on
2 commentaires
Super taff!!!!!!
Merci Christian :-)
Enregistrer un commentaire