setsmb

1. $username = "skan"
2. $haslo = 'skan123'
3. $nazwa_folderu = "SKAN"
4.  
5. $this_dir = pwd
6. $lokalizacja_folderu = [Environment]::GetFolderPath("Desktop")
7.  
8. If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))
9. {
10. # Relaunch as an elevated process:
11. Start-Process powershell.exe "-File",('"{0}"' -f $MyInvocation.MyCommand.Path) -Verb RunAs
12. exit
13. }
14.  
15.  
16. ###
17.  
18. $oc_i = "yellow"
19. $oc_d = "blue"
20. $oc_o = "green"
21.  
22. $computername = "$env:computername"
23. $account = $env:computername + "\" + $username
24. ## interactive password # $Password = Read-Host -AsSecureString
25. $fq_place = "$lokalizacja_folderu\$nazwa_folderu"
26. $Password = "$haslo" | ConvertTo-SecureString -AsPlainText -Force
27.  
28.  
29. function write-text($ForegroundColor) {
30. $fc = $host.UI.RawUI.ForegroundColor;$host.UI.RawUI.ForegroundColor = $ForegroundColor
31. if ($args) { Write-Output $args }else { $input | Write-Output }
32. $host.UI.RawUI.ForegroundColor = $fc
33. }
34.  
35. function 1_user_create {
36. [CmdletBinding()]
37. param ( [string]$username, [SecureString] $Password)
38. if ( Get-LocalUser -Name $username -ErrorAction SilentlyContinue )
39. {
40. Remove-LocalUser -Name $username
41. write-text $oc_d "User deleted"
42. }
43. New-LocalUser -Name "$username" -Password $Password -FullName "$username"
44. write-text $oc_d "User created"
45. }
46.  
47.  
48. function 1B_user_repair {
49. [CmdletBinding()]
50. param ( [string]$username )
51. if ( Get-LocalUser -Name $username -ErrorAction SilentlyContinue )
52. {
53. set-localuser -name "$username" -password $Password
54. write-text $oc_d "Change password for user"
55. }
56. else
57. {
58. write-text $oc_d "User don't exist!"
59. }
60. }
61. function 2_user_hide {
62. [CmdletBinding()]
63. param ( [string]$username )
64. }
65.  
66. function 3_user_neverexp {
67. [CmdletBinding()]
68. param ( [string]$username )
69. set-localuser -Name $username -PasswordNeverExpires:$TRUE
70. set-localuser -Name $username -UserMayChangePassword:$FALSE
71. write-text $oc_d "User password never expires"
72. }
73.  
74. function 4_directory_create {
75. [CmdletBinding()]
76. param ( [string]$fq_place )
77. New-Item -ItemType Directory -Force -Path "$fq_place"
78. write-text $oc_d "Directory created"
79. }
80.  
81. function 5_share_create {
82. [CmdletBinding()]
83. param ( [string]$nazwa_folderu,
84. [string]$fq_place,
85. [string]$account
86. )
87.  
88. $ust_udzialu = @{ 'Name' = $nazwa_folderu;
89. 'Path' = "$fq_place";
90. 'FullAccess' = "$account"
91. }
92.  
93. if ( Get-SmbShare -Name "$nazwa_folderu" -ErrorAction SilentlyContinue )
94. { Remove-SmbShare -Name "$nazwa_folderu" -force }
95. # New-SmbShare $ust_udzialu
96. New-SmbShare -Name "$nazwa_folderu" -Path "$fq_place" -FullAccess "$account"
97. write-text $oc_d "Share created"
98. }
99.  
100. function 6_win_lower_cypher {
101. $locat2 = 'hklm:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
102. if (Test-Path $locat2) {
103. $Key = Get-Item -LiteralPath "$locat2"
104. if ($Key.GetValue("NtlmMinClientSec", $null) -ne 0) { New-ItemProperty -Path "$locat2" -Name "NtlmMinClientSec" -PropertyType DWORD -Value '0' }
105. if ($Key.GetValue("NtlmMinServerSec", $null) -ne 0) { New-ItemProperty -Path "$locat2" -Name "NtlmMinServerSec" -PropertyType DWORD -Value '0' }
106. }
107. else
108. { write-text red "there is no $($locat2)" }
109. write-text $oc_d "lowered minimum cypher"
110. }
111.  
112. function 7_win_net_private {
113. if ( -not ( "PRIVATE" -like (Get-NetconnectionProfile | select-object NetworkCategory).networkcategory) ) {
114. Get-NetconnectionProfile | Set-NetconnectionProfile -NetworkCategory Private
115. write-text $oc_o "network set as private"
116. }
117. else { write-text $oc_d "network was already as private" }
118. }
119.  
120. function 8_win_smb1_set {
121. if ( "Enabled" -eq (Get-WindowsOptionalFeature -online -FeatureName "SMB1protocol-server" | select-object -property state).state ) `
122. { write-text $oc_d "smb1 is installed" }
123. else {
124. Enable-WindowsOptionalFeature -Online -FeatureName "SMB1Protocol" -All;
125. write-text $oc_o "enabled smb1"
126. }
127. }
128.  
129. function A_get_user_info {
130. write-text $oc_d "Username = $username"
131. write-text $oc_d "haslo = $haslo"
132. write-text $oc_d "nazwa udzialu = $nazwa_folderu"
133. }
134.  
135. function B_get_interface_info {
136. get-NetIPInterface `
137. | where-object { ( $_.addressfamily -like "IPv4" ) -and ( $_.ConnectionState -eq "Connected" ) } `
138. | select-object ifindex, ifalias, dhcp, connectionstate `
139. | ForEach-Object `
140. {
141. Get-NetIPAddress -interfaceindex $_.ifindex `
142. | where-object { ( $_.addressfamily -like "ipv4" ) -and ( -not ( $_.IPv4Address -like '127.0.0.1' )) } `
143. | Select-Object prefixorigin, suffixorigin, type, store, addressstate, ipv4address -outvariable lol `
144. | Out-Null ;
145. Get-NetAdapter -interfaceindex $_.ifindex -erroraction ignore | select-object interfacedescription, macaddress -outvariable out | out-null;
146. $members = @{"Connectionstate" = $_.connectionstate;
147. "DHCP" = $_.dhcp;
148. "ifalias" = $_.ifalias;
149. "InterfaceDescription" = $out.interfacedescription;
150. "macaddress" = $out.macaddress;
151. "hostname" = $env:computername
152. }
153. if ( $lol.ipv4address ) { write-text red "\\$($lol.ipv4address)\$($scan_smbdir)" }
154. if ( $lol -ne $null ) {
155. $lol | add-member -notepropertymembers $members
156. $lol | Format-table -wrap hostname, ifalias, dhcp, ipv4address, addressstate, connectionstate, macaddress, interfacedescription #-HideTableHeaders
157. }
158. }
159.  
160. }
161.  
162. function C_spooler_restart {
163. Restart-Service -Name Spooler -Force
164. }
165.  
166. function D_spooler_clear {
167. Stop-Service -Name Spooler -Force
168. Move-Item -Path "$env:SystemRoot\System32\spool\PRINTERS\*.*" -Destination 'C:\demo\new' -Force
169. }
170.  
171. function E_check_user {
172. param ( [string] $username, [string] $password)
173. if ( i_check_user $username $password ) {write-text "GREEN" "Account creditentials OK"
174.  
175. }
176. else {
177. write-text "RED" "BAD creditentials"
178. }
179.  
180. }
181.  
182. function i_check_user {
183. param ( [string] $username, [string] $password)
184. $computer = $env:COMPUTERNAME
185. Add-Type -AssemblyName System.DirectoryServices.AccountManagement
186. $obj = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('machine',$computer)
187. $obj.ValidateCredentials($username, $password)
188. }
189.  
190.  
191. # set_user $username
192. # set_share $nazwa_folderu $fq_place $account
193. # set_directory $fq_place
194.  
195. $menu=@"
196. 0 ALL
197.  
198. 1 user: create profile
199. 2 user: hide profile from windows logon
200. 3 user: set password to never expire & user can't change password themselves
201. 4 directory: create on desktop
202. 5 share: create share
203. 6 windows: lower cypher on sharing
204. 7 windows: set network to private
205. 8 windows components: enable smb1 server
206.  
207. 9 repair user
208.  
209. A get user info
210. B get interface info
211.  
212. Q Quit
213.  
214. Select a task by number or Q to quit
215. "@
216.  
217. Function Invoke-Menu {
218. [cmdletbinding()]
219. Param(
220. [Parameter(Position=0,Mandatory=$True,HelpMessage="Enter your menu text")]
221. [ValidateNotNullOrEmpty()]
222. [string]$Menu,
223. [Parameter(Position=1)]
224. [ValidateNotNullOrEmpty()]
225. [string]$Title = "My Menu",
226. [Alias("cls")]
227. [switch]$ClearScreen
228. )
229.  
230. #clear the screen if requested
231. # if ($ClearScreen) { Clear-Host }
232.  
233. #build the menu prompt
234. $menuPrompt = $title
235. #add a return
236. $menuprompt+="`n"
237. #add an underline
238. $menuprompt+="-"*$title.Length
239. #add another return
240. $menuprompt+="`n"
241. #add the menu
242. $menuPrompt+=$menu
243.  
244. Read-Host -Prompt $menuprompt
245.  
246. } #end function
247.  
248. Do {
249. #use a Switch construct to take action depending on what menu choice
250. #is selected.
251. Switch (Invoke-Menu -menu $menu -title "My Help Desk Tasks" -clear)
252. {
253. "0" {write-text "yellow" "all"
254. 1_user_create $username $Password
255. 2_user_hide $username
256. 3_user_neverexp $username
257. 4_directory_create $fq_place
258. 5_share_create $nazwa_folderu $fq_place $username
259. 6_win_lower_cypher
260. cd $this_dir
261. 7_win_net_private
262. 8_win_smb1_set
263. A_get_user_info
264. B_get_interface_info
265. }
266. "1" {write-text "yellow" "user: create profile"
267. 1_user_create $username
268. }
269. "2" {write-text "yellow" "user: hide profile from windows logon"
270. 2_user_hide $username
271. }
272. "3" {write-text "yellow" "user: set password to never expire & user can't change password themselves"
273. 3_user_neverexp $username
274. }
275. "4" {write-text "yellow" "directory: create on desktop"
276. 4_directory_create "$fq_place"
277. }
278. "5" {write-text "yellow" "share: create share"
279. 5_share_create "$nazwa_folderu" "$fq_place" "$username"
280. }
281. "6" {write-text "yellow" "windows: lower cypher on sharing"
282. 6_win_lower_cypher
283. }
284. "7" {write-text "yellow" "windows: set network to private"
285. 7_win_net_private
286. }
287. "8" {write-text "yellow" "windows components: enable smb1 server"
288. 8_win_smb1_set
289. }
290. "9" {
291. write-text "yellow" "repairing user"
292. 3_user_neverexp $username
293. 1B_user_repair $username
294. 2_user_hide $username
295. }
296. "A" {
297. write-text "yellow" "User Info"
298. A_get_user_info
299. }
300. "B" {
301. write-text "yellow" "Interface"
302. B_get_interface_info
303. }
304. "C" {
305.  
306. }
307. "D" {
308.  
309. }
310. "E" {
311. E_check_user $username $haslo
312. }
313.  
314. "Q" {write-text "yellow" "Goodbye"
315. Return
316. }
317. Default {
318. Write-Warning "Invalid Choice. Try again."
319. sleep -milliseconds 750
320. }
321. }
322. } While ($True)