$username = "skan"

$nazwa_folderu = "SKAN"

$this_dir = pwd

$lokalizacja_folderu = [Environment]::GetFolderPath("Desktop")

If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))

{

  # Relaunch as an elevated process:

  Start-Process powershell.exe "-File",('"{0}"' -f $MyInvocation.MyCommand.Path) -Verb RunAs

  exit

}

###

$oc_i = "yellow"

$oc_d = "blue"

$oc_o = "green"

$computername = "$env:computername"

$account = $env:computername + "\" + $username

## interactive password # $Password = Read-Host -AsSecureString

$fq_place = "$lokalizacja_folderu\$nazwa_folderu"

$Password = "$haslo" | ConvertTo-SecureString -AsPlainText -Force

function write-text($ForegroundColor) {

    $fc = $host.UI.RawUI.ForegroundColor;$host.UI.RawUI.ForegroundColor = $ForegroundColor

    if ($args) { Write-Output $args }else { $input | Write-Output }

    $host.UI.RawUI.ForegroundColor = $fc

}

function 1_user_create {

    [CmdletBinding()]

    param ( [string]$username, [SecureString]  $Password)

    if ( Get-LocalUser -Name $username -ErrorAction SilentlyContinue )

    { 

        Remove-LocalUser -Name $username 

        write-text $oc_d "User deleted"

    }   

    New-LocalUser -Name "$username" -Password $Password -FullName "$username"

    write-text $oc_d "User created"

}

function 1B_user_repair {

    [CmdletBinding()]

    param ( [string]$username )

    if ( Get-LocalUser -Name $username -ErrorAction SilentlyContinue )

    { 

        set-localuser -name "$username" -password $Password 

        write-text $oc_d "Change password for user"

    } 

    else  

    {

        write-text $oc_d "User don't exist!"

    }

}

function 2_user_hide {

    [CmdletBinding()]

    param ( [string]$username )

    set-localuser -Name $username -PasswordNeverExpires:$TRUE  

    write-text $oc_d "User password never expires"

    [CmdletBinding()]

    New-Item -ItemType Directory -Force -Path "$fq_place"

    write-text $oc_d "Directory created"

}

function 5_share_create {

    [CmdletBinding()]

    param ( [string]$nazwa_folderu,

            [string]$fq_place,

            [string]$account

    )

     $ust_udzialu  = @{ 'Name' = $nazwa_folderu;

                        'Path' = "$fq_place";

                        'FullAccess' = "$account"

                    }

    if ( Get-SmbShare -Name "$nazwa_folderu" -ErrorAction SilentlyContinue )

    { Remove-SmbShare -Name "$nazwa_folderu" -force }

    # New-SmbShare $ust_udzialu

    New-SmbShare -Name "$nazwa_folderu" -Path "$fq_place" -FullAccess "$account"

    write-text $oc_d "Share created"

}

function 6_win_lower_cypher {

    $locat2 = 'hklm:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'

    if (Test-Path $locat2) {

    $Key = Get-Item -LiteralPath "$locat2"

    if ($Key.GetValue("NtlmMinClientSec", $null) -ne 0) { New-ItemProperty -Path "$locat2" -Name "NtlmMinClientSec" -PropertyType DWORD -Value '0' }

    if ($Key.GetValue("NtlmMinServerSec", $null) -ne 0) { New-ItemProperty -Path "$locat2" -Name "NtlmMinServerSec" -PropertyType DWORD -Value '0' }

    }

    else

    { write-text red "there is no $($locat2)" }

    write-text $oc_d "lowered minimum cypher"

}

function 7_win_net_private {

    if ( -not ( "PRIVATE" -like (Get-NetconnectionProfile | select-object NetworkCategory).networkcategory) ) {

        Get-NetconnectionProfile | Set-NetconnectionProfile -NetworkCategory Private

        write-text $oc_o "network set as private"

      }

      else { write-text $oc_d "network was already as private" }

}

function 8_win_smb1_set {

    if ( "Enabled" -eq (Get-WindowsOptionalFeature -online -FeatureName "SMB1protocol-server" | select-object -property state).state ) `

    { write-text $oc_d "smb1 is installed" }

    else {

    Enable-WindowsOptionalFeature -Online -FeatureName "SMB1Protocol" -All; 

    write-text $oc_o "enabled smb1"

    }

}

function A_get_user_info {

    write-text $oc_d "Username = $username"

    write-text $oc_d "haslo = $haslo"

    write-text $oc_d "nazwa udzialu = $nazwa_folderu"

}

function B_get_interface_info {

    get-NetIPInterface `

    | where-object { ( $_.addressfamily -like "IPv4" ) -and ( $_.ConnectionState -eq "Connected" ) } `

    | select-object ifindex, ifalias, dhcp, connectionstate `

    | ForEach-Object `

    {

    Get-NetIPAddress -interfaceindex $_.ifindex `

    | where-object { ( $_.addressfamily -like "ipv4" ) -and ( -not ( $_.IPv4Address -like '127.0.0.1' )) } `

    | Select-Object prefixorigin, suffixorigin, type, store, addressstate, ipv4address -outvariable lol `

    | Out-Null ;

    Get-NetAdapter -interfaceindex $_.ifindex -erroraction ignore | select-object interfacedescription, macaddress -outvariable out | out-null;

    $members = @{"Connectionstate" = $_.connectionstate;

        "DHCP"                       = $_.dhcp;

        "ifalias"                    = $_.ifalias;

        "InterfaceDescription"       = $out.interfacedescription;

        "macaddress"                 = $out.macaddress;

        "hostname"                   = $env:computername

    }

    if ( $lol.ipv4address ) { write-text red "\\$($lol.ipv4address)\$($scan_smbdir)" }

    if ( $lol -ne $null ) {

        $lol | add-member -notepropertymembers $members

        $lol | Format-table -wrap hostname, ifalias, dhcp, ipv4address, addressstate, connectionstate, macaddress, interfacedescription #-HideTableHeaders

    }

    }

}

function C_spooler_restart {

    Restart-Service -Name Spooler -Force

}

function D_spooler_clear {

    Stop-Service -Name Spooler -Force

    Move-Item -Path "$env:SystemRoot\System32\spool\PRINTERS\*.*" -Destination 'C:\demo\new' -Force

}

function E_check_user {

    param ( [string] $username, [string]  $password)

    if ( i_check_user $username $password ) {write-text "GREEN" "Account creditentials OK"

    }

    else {

        write-text "RED" "BAD creditentials"

    }

}

function i_check_user {

    param ( [string] $username, [string]  $password)

    $computer = $env:COMPUTERNAME

    Add-Type -AssemblyName System.DirectoryServices.AccountManagement

    $obj = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('machine',$computer)

    $obj.ValidateCredentials($username, $password)

}

# set_user $username

# set_share $nazwa_folderu $fq_place $account

# set_directory $fq_place

$menu=@"

   0  ALL

   1  user: create profile

   2  user: hide profile from windows logon

   3  user: set password to never expire & user can't change password themselves

   4  directory: create on desktop

   5  share: create share

   6  windows: lower cypher on sharing

   7  windows: set network to private

   8  windows components: enable smb1 server

   9  repair user

   A  get user info

   B  get interface info

   Q  Quit

Select a task by number or Q to quit

"@

Function Invoke-Menu {

    [cmdletbinding()]

    Param(

    [Parameter(Position=0,Mandatory=$True,HelpMessage="Enter your menu text")]

    [ValidateNotNullOrEmpty()]

    [string]$Menu,

    [Parameter(Position=1)]

    [ValidateNotNullOrEmpty()]

    [string]$Title = "My Menu",

    [Alias("cls")]

    [switch]$ClearScreen

    )

    #clear the screen if requested

    # if ($ClearScreen) { Clear-Host  }

    #build the menu prompt

    $menuPrompt = $title

    #add a return

    $menuprompt+="`n"

    #add an underline

    $menuprompt+="-"*$title.Length

    #add another return

    $menuprompt+="`n"

    #add the menu

    $menuPrompt+=$menu

    Read-Host -Prompt $menuprompt

    } #end function

Do {

    #use a Switch construct to take action depending on what menu choice

    #is selected.

    Switch (Invoke-Menu -menu $menu -title "My Help Desk Tasks" -clear) 

    {

        "0" {write-text "yellow" "all"

            1_user_create $username $Password

            2_user_hide $username

            3_user_neverexp $username

            4_directory_create $fq_place

            5_share_create $nazwa_folderu $fq_place $username

            6_win_lower_cypher

            cd $this_dir

            7_win_net_private

            8_win_smb1_set

            A_get_user_info

            B_get_interface_info

            }

        "1" {write-text "yellow" "user: create profile"

            1_user_create $username

        } 

        "2" {write-text "yellow" "user: hide profile from windows logon"

            2_user_hide $username

        }

        "3" {write-text "yellow" "user: set password to never expire & user can't change password themselves"

            3_user_neverexp $username

        }

        "4" {write-text "yellow" "directory: create on desktop"

            4_directory_create "$fq_place"

        }

        "5" {write-text "yellow" "share: create share"

            5_share_create "$nazwa_folderu" "$fq_place" "$username"

        }

        "6" {write-text "yellow"  "windows: lower cypher on sharing"

            6_win_lower_cypher

        }

        "7" {write-text "yellow" "windows: set network to private"

            7_win_net_private

        }

        "8" {write-text "yellow" "windows components: enable smb1 server"

            8_win_smb1_set

        }

        "9" {

            write-text "yellow" "repairing user"

            3_user_neverexp $username

            1B_user_repair $username

            2_user_hide $username

        }

        "A" { 

            write-text "yellow" "User Info"

            A_get_user_info

        }

        "B" { 

            write-text "yellow" "Interface"

			B_get_interface_info

        }

        "C" {

        }

        "D" {

        }

        "E" {

            E_check_user $username $haslo

        }

        "Q" {write-text "yellow" "Goodbye"

        Return

        }

        Default {

            Write-Warning "Invalid Choice. Try again."

            sleep -milliseconds 750

        }

    }

} While ($True)