Does anybody know how to disable an ActiveDirectory users hard token setting using Powershell? I have a PS script that disables a users account when they leave the company - everything works fine except figuring out the ESET SecAuth application is holding me back from finishing.
Quote
# Imports module for running commandlets against Active Directory, and inputs user name# into variable.# Enter-PSSession DomainController // Need to run this commandlet from your local# machine first.Echo"You are about to disable a user account. Verify your information!"Read-Host"Press ENTER to continue."Import-module ActiveDirectory
$User1 =Read-Host-Prompt'Enter the username of the employee you wish to change'# Disables named users ActiveDirectory Account.# "Locked Account" does not show but need to right click to enableDisable-ADAccount-Identity $User1
# Adds AD group "Disabled Users" to named user group membershipAdd-ADGroupMember-Identity'Disabled Users'-Member $User1
# Set named users primary group to "Disabled Users" Set-ADUser-Identity $User1 -Replace@{PrimaryGroupID="0000"}# Removes groups assigned to named users membershipGet-ADUser-Identity $User1 -PropertiesMemberOf|ForEach-Object{
$_.MemberOf|Remove-ADGroupMember-Members $_.DistinguishedName-Confirm:$false
}# Changes named users password based on Administrators input
$newpwd =Read-Host"Enter the new password"-AsSecureString-WhatIfSet-ADAccountPassword $User1 -NewPassword $newpwd –Reset-WhatIf# Moves named user from current OU to "Employee DISABLED\DISABLED" container
get-aduser $User1 | move-adobject -targetpath
"ou=DISABLED,ou=Employee DISABLED,dc=DOMAINNAME,dc=com"# Much respect due to the onesixooh!Read-Host"Press ENTER to finish"Write-Host" **********************************************************
>>> Get the money. Dolla dolla bill y'all. <<<
**********************************************************"
ESET Secure Authenticator
in ESET Products for Windows Servers
Posted
Hello...
Does anybody know how to disable an ActiveDirectory users hard token setting using Powershell? I have a PS script that disables a users account when they leave the company - everything works fine except figuring out the ESET SecAuth application is holding me back from finishing.