smb-zel

1. $username = "skan"
2. $haslo = '$kan123..'
3. $nazwa_folderu = "SKAN"
4.  
5. $this_dir = pwd
6. $lokalizacja_folderu = [Environment]::GetFolderPath("Desktop")
7.  
8. If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))
9. {
10.   # Relaunch as an elevated process:
11.   Start-Process powershell.exe "-File",('"{0}"' -f $MyInvocation.MyCommand.Path) -Verb RunAs
12.   exit
13. }
14.  
15.  
16. ###
17.  
18. $oc_i = "yellow"
19. $oc_d = "blue"
20. $oc_o = "green"
21.  
22. $computername = "$env:computername"
23. $account = $env:computername + "\" + $username
24. ## interactive password # $Password = Read-Host -AsSecureString
25. $fq_place = "$lokalizacja_folderu\$nazwa_folderu"
26. $Password = "$haslo" | ConvertTo-SecureString -AsPlainText -Force
27.  
28.  
29. function write-text($ForegroundColor) {
30.     $fc = $host.UI.RawUI.ForegroundColor;$host.UI.RawUI.ForegroundColor = $ForegroundColor
31.     if ($args) { Write-Output $args }else { $input | Write-Output }
32.     $host.UI.RawUI.ForegroundColor = $fc
33. }
34.  
35. function 1_user_create {
36.     [CmdletBinding()]
37.     param ( [string]$username, [SecureString]  $Password)
38.     if ( Get-LocalUser -Name $username -ErrorAction SilentlyContinue )
39.     {
40.         Remove-LocalUser -Name $username
41.         write-text $oc_d "User deleted"
42.     }  
43.     New-LocalUser -Name "$username" -Password $Password -FullName "$username"
44.     write-text $oc_d "User created"
45. }
46.  
47.  
48. function 1B_user_repair {
49.     [CmdletBinding()]
50.     param ( [string]$username )
51.     if ( Get-LocalUser -Name $username -ErrorAction SilentlyContinue )
52.     {
53.         set-localuser -name "$username" -password $Password
54.         write-text $oc_d "Change password for user"
55.     }
56.     else  
57.     {
58.         write-text $oc_d "User don't exist!"
59.     }
60. }
61. function 2_user_hide {
62.     [CmdletBinding()]
63.     param ( [string]$username )
64. }
65.  
66. function 3_user_neverexp {
67.     [CmdletBinding()]
68.     param ( [string]$username )
69.     set-localuser -Name $username -PasswordNeverExpires:$TRUE  
70.     set-localuser -Name $username -UserMayChangePassword:$FALSE
71.     write-text $oc_d "User password never expires"
72. }
73.  
74. function 4_directory_create {
75.     [CmdletBinding()]
76.     param ( [string]$fq_place )
77.     New-Item -ItemType Directory -Force -Path "$fq_place"
78.     write-text $oc_d "Directory created"
79. }
80.  
81. function 5_share_create {
82.     [CmdletBinding()]
83.     param ( [string]$nazwa_folderu,
84.             [string]$fq_place,
85.             [string]$account
86.     )
87.  
88.      $ust_udzialu  = @{ 'Name' = $nazwa_folderu;
89.                         'Path' = "$fq_place";
90.                         'FullAccess' = "$account"
91.                     }
92.  
93.     if ( Get-SmbShare -Name "$nazwa_folderu" -ErrorAction SilentlyContinue )
94.     { Remove-SmbShare -Name "$nazwa_folderu" -force }
95.     # New-SmbShare $ust_udzialu
96.     New-SmbShare -Name "$nazwa_folderu" -Path "$fq_place" -FullAccess "$account"
97.     write-text $oc_d "Share created"
98. }
99.  
100. function 6_win_lower_cypher {
101.     $locat2 = 'hklm:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
102.     if (Test-Path $locat2) {
103.     $Key = Get-Item -LiteralPath "$locat2"
104.     if ($Key.GetValue("NtlmMinClientSec", $null) -ne 0) { New-ItemProperty -Path "$locat2" -Name "NtlmMinClientSec" -PropertyType DWORD -Value '0' }
105.     if ($Key.GetValue("NtlmMinServerSec", $null) -ne 0) { New-ItemProperty -Path "$locat2" -Name "NtlmMinServerSec" -PropertyType DWORD -Value '0' }
106.     }
107.     else
108.     { write-text red "there is no $($locat2)" }
109.     write-text $oc_d "lowered minimum cypher"
110. }
111.  
112. function 7_win_net_private {
113.     if ( -not ( "PRIVATE" -like (Get-NetconnectionProfile | select-object NetworkCategory).networkcategory) ) {
114.         Get-NetconnectionProfile | Set-NetconnectionProfile -NetworkCategory Private
115.         write-text $oc_o "network set as private"
116.       }
117.       else { write-text $oc_d "network was already as private" }
118. }
119.  
120. function 8_win_smb1_set {
121.     if ( "Enabled" -eq (Get-WindowsOptionalFeature -online -FeatureName "SMB1protocol-server" | select-object -property state).state ) `
122.     { write-text $oc_d "smb1 is installed" }
123.     else {
124.     Enable-WindowsOptionalFeature -Online -FeatureName "SMB1Protocol" -All;
125.     write-text $oc_o "enabled smb1"
126.     }
127. }
128.  
129. function A_get_user_info {
130.     write-text $oc_d "Username = $username"
131.     write-text $oc_d "haslo = $haslo"
132.     write-text $oc_d "nazwa udzialu = $nazwa_folderu"
133. }
134.  
135. function B_get_interface_info {
136.     get-NetIPInterface `
137.     | where-object { ( $_.addressfamily -like "IPv4" ) -and ( $_.ConnectionState -eq "Connected" ) } `
138.     | select-object ifindex, ifalias, dhcp, connectionstate `
139.     | ForEach-Object `
140.     {
141.     Get-NetIPAddress -interfaceindex $_.ifindex `
142.     | where-object { ( $_.addressfamily -like "ipv4" ) -and ( -not ( $_.IPv4Address -like '127.0.0.1' )) } `
143.     | Select-Object prefixorigin, suffixorigin, type, store, addressstate, ipv4address -outvariable lol `
144.     | Out-Null ;
145.     Get-NetAdapter -interfaceindex $_.ifindex -erroraction ignore | select-object interfacedescription, macaddress -outvariable out | out-null;
146.     $members = @{"Connectionstate" = $_.connectionstate;
147.         "DHCP"                       = $_.dhcp;
148.         "ifalias"                    = $_.ifalias;
149.         "InterfaceDescription"       = $out.interfacedescription;
150.         "macaddress"                 = $out.macaddress;
151.         "hostname"                   = $env:computername
152.     }
153.     if ( $lol.ipv4address ) { write-text red "\\$($lol.ipv4address)\$($scan_smbdir)" }
154.     if ( $lol -ne $null ) {
155.         $lol | add-member -notepropertymembers $members
156.         $lol | Format-table -wrap hostname, ifalias, dhcp, ipv4address, addressstate, connectionstate, macaddress, interfacedescription #-HideTableHeaders
157.     }
158.     }
159.  
160. }
161.  
162. function C_spooler_restart {
163.     Restart-Service -Name Spooler -Force
164. }
165.  
166. function D_spooler_clear {
167.     Stop-Service -Name Spooler -Force
168.     Move-Item -Path "$env:SystemRoot\System32\spool\PRINTERS\*.*" -Destination 'C:\demo\new' -Force
169. }
170.  
171. function E_check_user {
172.     param ( [string] $username, [string]  $password)
173.     if ( i_check_user $username $password ) {write-text "GREEN" "Account creditentials OK"
174.        
175.     }
176.     else {
177.         write-text "RED" "BAD creditentials"
178.     }
179.    
180. }
181.  
182. function i_check_user {
183.     param ( [string] $username, [string]  $password)
184.     $computer = $env:COMPUTERNAME
185.     Add-Type -AssemblyName System.DirectoryServices.AccountManagement
186.     $obj = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('machine',$computer)
187.     $obj.ValidateCredentials($username, $password)
188. }
189.  
190.  
191. # set_user $username
192. # set_share $nazwa_folderu $fq_place $account
193. # set_directory $fq_place
194.  
195. $menu=@"
196.   0  ALL
197.  
198.   1  user: create profile
199.   2  user: hide profile from windows logon
200.   3  user: set password to never expire & user can't change password themselves
201.   4  directory: create on desktop
202.   5  share: create share
203.   6  windows: lower cypher on sharing
204.   7  windows: set network to private
205.   8  windows components: enable smb1 server
206.  
207.   9  repair user
208.  
209.   A  get user info
210.   B  get interface info
211.  
212.   Q  Quit
213.  
214. Select a task by number or Q to quit
215. "@
216.  
217. Function Invoke-Menu {
218.     [cmdletbinding()]
219.     Param(
220.     [Parameter(Position=0,Mandatory=$True,HelpMessage="Enter your menu text")]
221.     [ValidateNotNullOrEmpty()]
222.     [string]$Menu,
223.     [Parameter(Position=1)]
224.     [ValidateNotNullOrEmpty()]
225.     [string]$Title = "My Menu",
226.     [Alias("cls")]
227.     [switch]$ClearScreen
228.     )
229.      
230.     #clear the screen if requested
231.     # if ($ClearScreen) { Clear-Host  }
232.      
233.     #build the menu prompt
234.     $menuPrompt = $title
235.     #add a return
236.     $menuprompt+="`n"
237.     #add an underline
238.     $menuprompt+="-"*$title.Length
239.     #add another return
240.     $menuprompt+="`n"
241.     #add the menu
242.     $menuPrompt+=$menu
243.      
244.     Read-Host -Prompt $menuprompt
245.      
246.     } #end function
247.  
248. Do {
249.     #use a Switch construct to take action depending on what menu choice
250.     #is selected.
251.     Switch (Invoke-Menu -menu $menu -title "My Help Desk Tasks" -clear)
252.     {
253.         "0" {write-text "yellow" "all"
254.             1_user_create $username $Password
255.             2_user_hide $username
256.             3_user_neverexp $username
257.             4_directory_create $fq_place
258.             5_share_create $nazwa_folderu $fq_place $username
259.             6_win_lower_cypher
260.             cd $this_dir
261.             7_win_net_private
262.             8_win_smb1_set
263.             A_get_user_info
264.             B_get_interface_info
265.             }
266.         "1" {write-text "yellow" "user: create profile"
267.             1_user_create $username
268.         }
269.         "2" {write-text "yellow" "user: hide profile from windows logon"
270.             2_user_hide $username
271.         }
272.         "3" {write-text "yellow" "user: set password to never expire & user can't change password themselves"
273.             3_user_neverexp $username
274.         }
275.         "4" {write-text "yellow" "directory: create on desktop"
276.             4_directory_create "$fq_place"
277.         }
278.         "5" {write-text "yellow" "share: create share"
279.             5_share_create "$nazwa_folderu" "$fq_place" "$username"
280.         }
281.         "6" {write-text "yellow"  "windows: lower cypher on sharing"
282.             6_win_lower_cypher
283.         }
284.         "7" {write-text "yellow" "windows: set network to private"
285.             7_win_net_private
286.         }
287.         "8" {write-text "yellow" "windows components: enable smb1 server"
288.             8_win_smb1_set
289.         }
290.         "9" {
291.             write-text "yellow" "repairing user"
292.             3_user_neverexp $username
293.             1B_user_repair $username
294.             2_user_hide $username
295.         }
296.         "A" {
297.             write-text "yellow" "User Info"
298.             A_get_user_info
299.         }
300.         "B" {
301.             write-text "yellow" "Interface"
302.             B_get_interface_info
303.         }
304.         "C" {
305.        
306.         }
307.         "D" {
308.  
309.         }
310.         "E" {
311.             E_check_user $username $haslo
312.         }
313.  
314.         "Q" {write-text "yellow" "Goodbye"
315.         Return
316.         }
317.         Default {
318.             Write-Warning "Invalid Choice. Try again."
319.             sleep -milliseconds 750
320.         }
321.     }
322. } While ($True)