Forcing ATCTS Compliance via Automation

Get-ADUser -Filter ('UserPrincipalName -Like "' + $user + '*"')
#Get the list
$Users = Get-Content .\IABadBoys.csv
#Process the list
ForEach ($user in $users)
{
    #Get the user's email address from AD
    #Example: ('GivenName -like "' + $name + '*"')
    $info = Get-ADUser -Filter ('UserPrincipalName -Like "' + $user + '*"') -Properties EmailAddress | Select-Object -ExpandProperty EmailAddress
    #Append the address to the output file
    $info >> Email.csv
}
  • Save the *.csv in ‘C:\Users\Public\Documents’
  • Run PowerShell_ISE as your Privileged User
  • ‘cd C:\Users\Public\Documents’
  • Copy/paste the script & run it
#Expire the accounts of IA Bad Boys given a CSV containing their DoD ID #s
#Run this with care, recommend test driving it on a short list of non-VIPs initially
#Get the list
$Users = Get-Content .\IABadBoys.csv
#Process the list
ForEach ($user in $users)
{
    #Resolve the DoD ID to the account's SamAccountName
    $BadBoy = (Get-ADUser -Filter ('UserPrincipalName -Like "' + $user + '*"')).SamAccountName
    $ADM = $env:USERNAME
    $date = Get-Date
    #Expire the account now (prompts for confirmation) and record who did it and when
    Set-ADAccountExpiration -DateTime $date -Identity $BadBoy -Confirm
    Set-ADUser -Identity $BadBoy -Description "Expired for IA noncompliance on $date by $ADM"
}
#Disable IA Bad Boys given a CSV containing their DoD ID #s
#Run this with care, recommend test driving it on a short list of non-VIPs initially
#Get the list
$Users = Get-Content .\IABadBoys.csv
#Process the list
ForEach ($user in $users)
{
    #Resolve the DoD ID to the account's SamAccountName
    $BadBoy = (Get-ADUser -Filter ('UserPrincipalName -Like "' + $user + '*"')).SamAccountName
    #Disable the account (prompts for confirmation) and record who did it and when
    Disable-ADAccount -Identity $BadBoy -Confirm
    $ADM = $env:USERNAME
    $date = Get-Date
    Set-ADUser -Identity $BadBoy -Description "Expired for IA noncompliance on $date by $ADM"
}
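
A dry-run pre-flight for the scripts above, added here as an example and not part of the original post. It checks each line of IABadBoys.csv, skips any ID that does not resolve to exactly one account, and uses -WhatIf so nothing in AD changes. Assumptions: each line is a 10-digit DoD ID number, and the report file name IABadBoys-Preflight.csv is made up for this example.

```powershell
# Added example: dry-run pre-flight for IABadBoys.csv. Nothing in AD is modified.
Import-Module ActiveDirectory

$report = foreach ($id in Get-Content .\IABadBoys.csv) {
    $id = $id.Trim()
    if (-not $id) { continue }   # ignore blank lines

    # Assumption: each line is a 10-digit DoD ID number. Anything else is rejected,
    # which also keeps stray characters out of the -Filter string.
    if ($id -notmatch '^\d{10}$') {
        [pscustomobject]@{ DodId = $id; Account = $null; Status = 'Rejected: not a 10-digit ID' }
        continue
    }

    # The wildcard match can return zero, one, or several accounts.
    $found = @(Get-ADUser -Filter "UserPrincipalName -like '$id*'")
    if ($found.Count -ne 1) {
        [pscustomobject]@{
            DodId   = $id
            Account = ($found.SamAccountName -join ';')
            Status  = "Skipped: $($found.Count) matches"
        }
        continue
    }

    $u = $found[0]
    # -WhatIf prints what would happen without changing the account.
    Disable-ADAccount -Identity $u.SamAccountName -WhatIf
    [pscustomobject]@{ DodId = $id; Account = $u.SamAccountName; Status = 'Would disable' }
}

# Hypothetical report file name; review it before running the real script.
$report | Export-Csv .\IABadBoys-Preflight.csv -NoTypeInformation
$report | Group-Object Status | Select-Object Name, Count
```

Only the rows marked 'Would disable' are safe to feed to the disable or expire script; the rejected and skipped rows need a manual look first.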

Rich

I work various IT jobs & like Windows domain security as a hobby. Most of what’s here is my notes from work or the lab.