Public/Enable-ADSIUser.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
function Enable-ADSIUser
{
<#
 .SYNOPSIS
  Function to Enable a User Account
  
 .DESCRIPTION
  Function to Enable a User Account
  
 .PARAMETER Identity
  Specifies the Identity of the User.
  
  You can provide one of the following properties
   DistinguishedName
   Guid
   Name
   SamAccountName
   Sid
   UserPrincipalName
   
  Those properties come from the following enumeration:
   System.DirectoryServices.AccountManagement.IdentityType
  
 .PARAMETER Credential
  Specifies the alternative credential to use.
  By default it will use the current user windows credentials.
  
 .PARAMETER DomainName
  Specifies the alternative Domain.
  By default it will use the current domain.
  
 .EXAMPLE
  Enable-ADSIUser fxtest02
  
  This will Enable the fxtest02 account
  
 .EXAMPLE
  Enable-ADSIUser fxtest02 -whatif
  
  This will emulate the following action: Enable the fxtest02 account
  
 .EXAMPLE
  Enable-ADSIUser fxtest02 -credential (Get-Credential)
  
  This will enable the fxtest02 account using the credential specified
  
 .EXAMPLE
  Enable-ADSIUser fxtest02 -credential (Get-Credential) -DomainName LazyWinAdmin.local
  
  This will enable the fxtest02 account using the credential specified in the domain LazyWinAdmin.local
  
 .NOTES
  Francois-Xavier.Cat
  LazyWinAdmin.com
  @lazywinadm
  github.com/lazywinadmin
 .LINK
  https://msdn.microsoft.com/en-us/library/System.DirectoryServices.AccountManagement.UserPrincipal(v=vs.110).aspx
#>

    [CmdletBinding(SupportsShouldProcess = $true)]
    PARAM (
        [parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true, ValueFromPipeline = $true)]
        $Identity,
        [Alias("RunAs")]
        [System.Management.Automation.PSCredential]
        [System.Management.Automation.Credential()]
        $Credential = [System.Management.Automation.PSCredential]::Empty,
        [String]$DomainName)
    
    BEGIN
    {
        Add-Type -AssemblyName System.DirectoryServices.AccountManagement
        
        # Create Context splatting
        $ContextSplatting = @{ }
        IF ($PSBoundParameters['Credential']) { $ContextSplatting.Credential = $Credential }
        IF ($PSBoundParameters['DomainName']) { $ContextSplatting.DomainName = $DomainName }
        
        $Context = New-ADSIPrincipalContext @ContextSplatting -contexttype Domain
    }
    PROCESS
    {
        TRY
        {
            if ($pscmdlet.ShouldProcess("$Identity", "Enable Account"))
            {
                $Account = Get-ADSIUser -Identity $Identity @ContextSplatting
                $Account.Enabled = $true
                $Account.Save()
            }
        }
        CATCH
        {
            Write-Error $Error[0]
        }
    }
}