Jump to content


This topic is now archived and is closed to further replies.


ESET Secure Authenticator

Recommended Posts


Does anybody know how to disable an ActiveDirectory users hard token setting using Powershell?  I have a PS script that disables a users account when they leave the company - everything works fine except figuring out the ESET SecAuth application is holding me back from finishing. 


# Imports module for running commandlets against Active Directory, and inputs user name
# into variable.
# Enter-PSSession DomainController // Need to run this commandlet from your local
# machine first.

Echo "You are about to disable a user account. Verify your information!"
Read-Host "Press ENTER to continue."
Import-module ActiveDirectory
$User1 = Read-Host -Prompt 'Enter the username of the employee you wish to change'

# Disables named users ActiveDirectory Account.
# "Locked Account" does not show but need to right click to enable
 Disable-ADAccount -Identity $User1

# Adds AD group "Disabled Users" to named user group membership
 Add-ADGroupMember -Identity 'Disabled Users' -Member $User1

# Set named users primary group to "Disabled Users" 
 Set-ADUser -Identity $User1 -Replace @{PrimaryGroupID="0000"}

# Removes groups assigned to named users membership
 Get-ADUser -Identity $User1 -Properties MemberOf | ForEach-Object {
  $_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false

# Changes named users password based on Administrators input
 $newpwd = Read-Host "Enter the new password" -AsSecureString -WhatIf
 Set-ADAccountPassword $User1 -NewPassword $newpwd Reset -WhatIf

# Moves named user from current OU to "Employee DISABLED\DISABLED" container
 get-aduser $User1 | move-adobject -targetpath
 "ou=DISABLED,ou=Employee DISABLED,dc=DOMAINNAME,dc=com"

# Much respect due to the onesixooh!
 Read-Host "Press ENTER to finish"
 Write-Host "    **********************************************************
       >>>    Get the money.  Dolla dolla bill y'all.   <<<



Share this post

Link to post
Share on other sites


In ESA 2.7, use RevokeHardTokenFromUser API call (see API documentation for the API usage and the usage of the method).



Share this post

Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...