New-TempAdminUser.ps1

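function New-TempAdminUser
{
  <#
      .SYNOPSIS
      Create (or reset) the account $UserName, set its password to $password and add it to the administrators group.
      .DESCRIPTION
      If the user already exists, only its password is changed; otherwise the user is created.
      The account is then added to the local administrators group unless it is already a member.
      Group names are looked up in French and English ("administrateurs" / "administrators").
      On PowerShell hosts newer than version 4 there is also a branch for servers with the
      AD-Domain-Services feature; see the review note on that branch in the body.
      .PARAMETER UserName
      Name of the account to create or reset.
      .PARAMETER password
      Password to set on the account.
      .EXAMPLE
      New-TempAdminUser -UserName 'TempAdmin' -password 'SomeComplexPa$$w0rd'
      .NOTES
      Use single quotes around a password that contains '$'; inside double quotes PowerShell expands it.
      The password is handed to net.exe as a command-line argument, so it can be recorded by
      process-creation auditing that captures command lines. Treat it as exposed and rotate it or
      remove the account when the temporary access is no longer needed.
      This function does not set an expiry on the account and does not remove it.
      Write-Event, Write-EventError and Exit-Event are defined elsewhere in the project.
  #>

  param ([Parameter(Mandatory=$true)][String] $UserName, [Parameter(Mandatory=$true)][String] $password)

  # The password is kept out of the log message on purpose: whoever can read the
  # event output would otherwise hold the credentials of an administrator account.
  Write-Event "Create user $UserName"

  # Match the name as a whole, whitespace-delimited token. A bare "-match $UserName" treats the
  # name as a regular expression and also succeeds on substrings ("TempAdmin" inside "TempAdmin2"),
  # which would reset the password of the wrong decision branch (reset instead of create).
  $namePattern = '(?<!\S)' + [regex]::Escape($UserName) + '(?!\S)'

  #######################
  # create a temporary account, local or domain depending on the case
  #######################

  $existingUsers = net user

  # NOTE(review): net.exe may prompt for confirmation on long passwords, which would block an
  # unattended run - confirm against the password policy used by callers.
  if ($existingUsers -match $namePattern) { $null = net user $UserName $password }
  else { $null = net user $UserName $password /add }

  # Confirm the account is really there before granting anything; stop with a clear error
  # instead of continuing to the group changes with a non-existent user.
  $usersAfter = net user
  if (-not ($usersAfter -match $namePattern)) {
    Write-EventError "failed to create temp user $UserName"
    Exit-Event 1
    return
  }

  # Account details, used below to see which groups the user already belongs to.
  $newusergroups = net user $UserName


  if ($Host.Version.Major -gt 4) {

    # NOTE(review): $AD receives the result of the -ne comparison, not the feature object, so
    # $AD.Installed appears to be always $null and the branch below appears never to run.
    # Left unchanged: enabling it alters which group changes happen on domain controllers,
    # so confirm the intent first.
    $AD = $(try { Get-WindowsFeature -name AD-Domain-Services -ErrorAction Ignore } catch{}) -ne $null
    #$AD = Get-WindowsFeature -name AD-Domain-Services -Erroraction silentlycontinue -informationaction silentlycontinue | select *

    if ($AD.Installed -eq "True") {

      $groups = net group

      if ($groups) {

        if ($groups -match "administrateurs")
        { net localgroup "administrateurs" $UserName /add | Out-Null }
        elseif ($groups -match "administrators")
        { net localgroup "administrators" $UserName /add | Out-Null }
        else { Write-EventError "unable to find the local admin group. debug :" ; Write-EventError $groups }
      }
    }
  }

  $localgroups = net localgroup

  if ($localgroups) {

    # Add the user to the administrators group under its French or English name,
    # but only when the account details do not already list that group.
    if (($localgroups -match "administrateurs") -and !($newusergroups -match "administrateurs"))
    { net localgroup "administrateurs" $UserName /add | Out-Null }

    elseif (($localgroups -match "administrators") -and !($newusergroups -match "administrators"))
    { net localgroup "administrators" $UserName /add | Out-Null }

    # Already a member: nothing to do.
    elseif (($localgroups -match "administrateurs") -and ($newusergroups -match "administrateurs")) {}
    elseif (($localgroups -match "administrators") -and ($newusergroups -match "administrators")) {}

    else  { Write-EventError "unable to find the local admin group. debug :" ; Write-EventError $localgroups }

    # Re-read the account and check that an administrators group is now listed.
    # NOTE(review): this substring test also succeeds when the user name or another field of the
    # account details contains "administrat" - verify against the group's member list if that matters.
    $accountAfter = net user $UserName
    if (-not ($accountAfter -match "administrat")) { Write-EventError "failed to add temp user to local admin group" ; Exit-Event 1 }
  }
}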