52Merc

ESET Secure Authenticator

Recommended Posts

Hello...

Does anybody know how to disable an ActiveDirectory users hard token setting using Powershell?  I have a PS script that disables a users account when they leave the company - everything works fine except figuring out the ESET SecAuth application is holding me back from finishing. 

Quote

# Imports module for running commandlets against Active Directory, and inputs user name
# into variable.
# Enter-PSSession DomainController // Need to run this commandlet from your local
# machine first.

Echo "You are about to disable a user account. Verify your information!"
Read-Host "Press ENTER to continue."
Import-module ActiveDirectory
$User1 = Read-Host -Prompt 'Enter the username of the employee you wish to change'

# Disables named users ActiveDirectory Account.
# "Locked Account" does not show but need to right click to enable
 Disable-ADAccount -Identity $User1

# Adds AD group "Disabled Users" to named user group membership
 Add-ADGroupMember -Identity 'Disabled Users' -Member $User1

# Set named users primary group to "Disabled Users" 
 Set-ADUser -Identity $User1 -Replace @{PrimaryGroupID="0000"}

# Removes groups assigned to named users membership
 Get-ADUser -Identity $User1 -Properties MemberOf | ForEach-Object {
  $_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false
 }

# Changes named users password based on Administrators input
 $newpwd = Read-Host "Enter the new password" -AsSecureString -WhatIf
 Set-ADAccountPassword $User1 -NewPassword $newpwd Reset -WhatIf

# Moves named user from current OU to "Employee DISABLED\DISABLED" container
 get-aduser $User1 | move-adobject -targetpath
 "ou=DISABLED,ou=Employee DISABLED,dc=DOMAINNAME,dc=com"

# Much respect due to the onesixooh!
 Read-Host "Press ENTER to finish"
 Write-Host "    **********************************************************
       >>>    Get the money.  Dolla dolla bill y'all.   <<<

    **********************************************************"

 

Share this post


Link to post
Share on other sites

Hello


In ESA 2.7, use RevokeHardTokenFromUser API call (see API documentation for the API usage and the usage of the method).

Regards

vladimir

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.