52Merc 0 Posted June 13, 2018 Share Posted June 13, 2018 Hello... Does anybody know how to disable an ActiveDirectory users hard token setting using Powershell? I have a PS script that disables a users account when they leave the company - everything works fine except figuring out the ESET SecAuth application is holding me back from finishing. Quote # Imports module for running commandlets against Active Directory, and inputs user name # into variable. # Enter-PSSession DomainController // Need to run this commandlet from your local # machine first. Echo "You are about to disable a user account. Verify your information!" Read-Host "Press ENTER to continue." Import-module ActiveDirectory $User1 = Read-Host -Prompt 'Enter the username of the employee you wish to change' # Disables named users ActiveDirectory Account. # "Locked Account" does not show but need to right click to enable Disable-ADAccount -Identity $User1 # Adds AD group "Disabled Users" to named user group membership Add-ADGroupMember -Identity 'Disabled Users' -Member $User1 # Set named users primary group to "Disabled Users" Set-ADUser -Identity $User1 -Replace @{PrimaryGroupID="0000"} # Removes groups assigned to named users membership Get-ADUser -Identity $User1 -Properties MemberOf | ForEach-Object { $_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false } # Changes named users password based on Administrators input $newpwd = Read-Host "Enter the new password" -AsSecureString -WhatIf Set-ADAccountPassword $User1 -NewPassword $newpwd –Reset -WhatIf # Moves named user from current OU to "Employee DISABLED\DISABLED" container get-aduser $User1 | move-adobject -targetpath "ou=DISABLED,ou=Employee DISABLED,dc=DOMAINNAME,dc=com" # Much respect due to the onesixooh! Read-Host "Press ENTER to finish" Write-Host " ********************************************************** >>> Get the money. Dolla dolla bill y'all. <<< **********************************************************" Link to comment Share on other sites More sharing options...
ESET Staff VladimirVladimir 14 Posted June 15, 2018 ESET Staff Share Posted June 15, 2018 Hello In ESA 2.7, use RevokeHardTokenFromUser API call (see API documentation for the API usage and the usage of the method). Regards vladimir Link to comment Share on other sites More sharing options...
Recommended Posts