-
-
Save Kreloc/968205fc52a5f0bbd3717660b710bf25 to your computer and use it in GitHub Desktop.
PowerShell script to find where a user is logged into on the network and disable their NIC.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Disable-NICBasedOnUser | |
| { | |
| <# | |
| .SYNOPSIS | |
| Disables the network adapter on remote computer based on inputted user name and computer filter. | |
| .DESCRIPTION | |
| Disabled the IP enabled network adapters on remote computers. Computers are found using Get-ADComputer and user accounts | |
| are verified against Active Directory. | |
| .PARAMETER UserName | |
| The SamAccountName of the user to find. Could also be any of three others accepted by the Identity Parameter of Get-ADUser. | |
| .PARAMETER ComputerName | |
| The computername or part of the computername to find. Uses Get-ADComputer with a Filter for SamAccountName, has wildcard placed at end as part of the function. | |
| DO NOT Add any wildcard syntax to this parameter, the function adds it at the approriate place. Do not use the parameter and it will search all of the | |
| enabled computers in your domain. | |
| .EXAMPLE | |
| Disabled-NICBasedOnUser -UserName "UserA" -ComputerName "MY-PREF" | |
| Will check to make sure UserA is a user in ActiveDirectory. If user is not, breaks out of the function at that point. If user is in AD, | |
| then searches AD for computers that are enabled and have a name starting with MY-PREF. It then loops thru each computer found, testing if it is online | |
| and then determining if the speicified user is logged onto that computer. It outputs this all into an array of objects. | |
| This array is then piped to the Disable-NetworkAdapter function, which disables all IP enabled adapters on the computers that were found | |
| to have the specified user logged on. | |
| #> | |
| [CmdletBinding()] | |
| param | |
| ( | |
| [Parameter(Mandatory=$True, | |
| ValueFromPipeline=$True, ValueFromPipelinebyPropertyName=$true)] | |
| [string]$UserName, | |
| [Parameter(Mandatory=$False, | |
| ValueFromPipelinebyPropertyName=$True)] | |
| $ComputerName = "" | |
| ) | |
| Begin | |
| { | |
| #Helper functions | |
| Function Disable-NetworkAdapter | |
| { | |
| <# | |
| .SYNOPSIS | |
| Disables all active network adapters on remote computer. | |
| .DESCRIPTION | |
| Disables all active network adapters on remote computer using two Get-WMIObject calls. | |
| .PARAMETER ComputerName | |
| The name of the computer to disabled network adapters on. | |
| .EXAMPLE | |
| Disable-NetworkAdapter <ComputerName> | |
| Disables active network adapters on the speicifed computer | |
| .EXAMPLE | |
| Get-Content computers.txt | Disable-NetworkAdapter | |
| Disables the active network adapter(s) on each computer in the computer.txt file. | |
| #> | |
| [CmdletBinding()] | |
| param | |
| ( | |
| [Parameter(Mandatory=$True, | |
| ValueFromPipeline=$True, ValueFromPipelinebyPropertyName=$true)] | |
| [string]$ComputerName | |
| ) | |
| Begin{} | |
| Process | |
| { | |
| Write-Verbose "Getting Network adapters that are enabled on $ComputerName" | |
| $EnabledNetworkAdapters = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE" -ComputerName $ComputerName | |
| ForEach($Adapter in $EnabledNetworkAdapters) | |
| { | |
| Write-Verbose "Disabling $($Adapter.Description) on $($ComputerName)" | |
| (Get-WmiObject -Class win32_networkadapter -Filter "Index LIKE $($EnabledNetworkAdapters.Index)" -ComputerName $ComputerName).Disable | |
| } | |
| } | |
| End{} | |
| } | |
| Function Get-ActiveUser | |
| { | |
| <# | |
| .SYNOPSIS | |
| This function gets the activer user on specified computer. | |
| .DESCRIPTION | |
| This function gets the activer user on specified computer as defined by the running explorer process on their system. Potentially may return | |
| more than one user. | |
| .PARAMETER ComputerName | |
| The name of the computer to be used to determine the active user. | |
| .EXAMPLE | |
| Get-ActiveUser -ComputerName "THATPC" | |
| .EXAMPLE | |
| Get-Content computers.txt | Get-ActiveUser | |
| .NOTES | |
| Even though this function accepts computernames from the pipeline, it is best used to only determine one computer at a time, since there is no computername output at this time. | |
| #> | |
| [CmdletBinding()] | |
| param | |
| ( | |
| [Parameter(Mandatory=$False, | |
| ValueFromPipeline=$True, ValueFromPipelinebyPropertyName=$true)][Alias('Name')] | |
| $ComputerName = $env:COMPUTERNAME | |
| ) | |
| PROCESS | |
| { | |
| Write-Verbose "Attempting to get logged on users on $ComputerName" | |
| ($uid = @(Get-WmiObject -class win32_process -ComputerName $ComputerName -filter "ExecutablePath like '%explorer.exe'" -EA "continue" | Foreach-Object {$_.GetOwner().User} | Where-Object {$_ -ne "NETWORK SERVICE" -and $_ -ne "LOCAL SERVICE" -and $_ -ne "SYSTEM"} | Sort-Object -Unique)) | |
| If($uid -like "") | |
| { | |
| Write-Verbose "No users were found logged onto $ComputerName" | |
| Write-Output "No user" | |
| } | |
| } | |
| } | |
| #End Helper Functions | |
| } | |
| Process | |
| { | |
| $Results = @() | |
| $UserCheck = Get-ADUser -Identity $UserName | |
| If($UserCheck -eq $Null) | |
| { | |
| "$UserName was not found. Please verify this is the login id for the account" | |
| break | |
| } | |
| If($ComputerName -notlike "") | |
| { | |
| $Filter = "$ComputerName*" | |
| } | |
| else | |
| { | |
| $Filter = '*' | |
| } | |
| Write-Verbose "Filter is set as $Filter" | |
| $Computers = Get-ADComputer -Filter {Enabled -eq "true" -and SamAccountName -like $Filter} | |
| ForEach($Computer in $Computers.Name) | |
| { | |
| If(Test-Connection -ComputerName $Computer -Count 1 -Quiet) | |
| { | |
| $LoggedOnUsers = Get-ActiveUser -ComputerName $Computer | |
| If($LoggedOnUsers -notmatch "No Users") | |
| { | |
| If($LoggedOnUsers -match $UserName) | |
| { | |
| $props = @{ComputerName = $Computer | |
| UserName = $UserName | |
| LoggedOn = $True | |
| Online = $True | |
| } | |
| $FoundUser = New-Object -TypeName psobject -Property $props | |
| $Results += $FoundUser | |
| } | |
| else | |
| { | |
| $props = @{ComputerName = $Computer | |
| UserName = $LoggedOnUsers | |
| LoggedOn = $False | |
| Online = $True | |
| } | |
| $NotFoundUser = New-Object -TypeName psobject -Property $props | |
| $Results += $NotFoundUser | |
| } | |
| } | |
| else | |
| { | |
| $props = @{ComputerName = $Computer | |
| UserName = "No Users Logged on" | |
| LoggedOn = $False | |
| Online = $True | |
| } | |
| $NoUsers = New-Object -TypeName psobject -Property $props | |
| $Results += $NoUsers | |
| } | |
| } | |
| else | |
| { | |
| $props = @{ComputerName = $Computer | |
| UserName = "Unknown" | |
| LoggedOn = "Unknown" | |
| Online = $False | |
| } | |
| $OfflineComputers = New-Object -TypeName psobject -Property $props | |
| $Results += $OfflineComputers | |
| } | |
| } | |
| $RunDisable = $Results | Where {$_.LoggedOn -eq $True} | Disable-NetworkAdapter -Verbose | |
| $Results | |
| } | |
| End{} | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment