Hardening

1.0.1

Public/Test-HPSAccountPolicy.ps1

                                Function Test-HPSAccountPolicy {

    <#

        .SYNOPSIS

        n/a

        .DESCRIPTION

        n/a

        .PARAMETER Enforce_Password_History

        n/a

        .PARAMETER Maximum_Password_Age

        n/a

        .PARAMETER Minimum_Password_Age

        n/a

        .PARAMETER Minimum_Password_Length

        n/a

        .PARAMETER Password_Must_Meet_Complexity_Requirements

        n/a

        .PARAMETER Store_Passwords_Using_Reversible_Encryption

        n/a

        .PARAMETER Account_Lockout_Duration

        n/a

        .PARAMETER Account_Lockout_Threshold

        n/a

        .PARAMETER Reset_Account_Lockout_Counter_After

        n/a

        .PARAMETER Enforce_User_Logon_Restrictions

        n/a

        .PARAMETER Maximum_Lifetime_For_Service_Ticket

        n/a

        .PARAMETER Maximum_Lifetime_For_User_Ticket

        n/a

        .PARAMETER Maximum_Lifetime_For_User_Ticket_Renewal

        n/a

        .PARAMETER Maximum_Tolerance_For_Computer_Clock_Synchronization

        n/a

        .PARAMETER Preset

        n/a

        .PARAMETER Type

        n/a

        .PARAMETER Cache

        n/a

        .PARAMETER Detail

        n/a

        .EXAMPLE

        Test-HPSAccountPolicy -Preset CIS_Windows_10

        .EXAMPLE

        Test-HPSAccountPolicy -Enforce_Password_History 24

        .EXAMPLE

        Test-HPSAccountPolicy -Enforce_Password_History 42 -Maximum_Password_Age 42

        .EXAMPLE

        Test-HPSAccountPolicy -Preset CIS_Windows_10 -Detail

        .EXAMPLE

        Test-HPSAccountPolicy -Enforce_Password_History 24 -Detail

        .OUTPUTS

        System.Boolean

        .OUTPUTS

        System.Array

        .LINK

        https://hardening.thomas-illiet.fr/Public/Test-HPSAccountPolicy/

        .LINK

        https://github.com/thomas-illiet/Hardening/blob/stable/Hardening/Public/Test-HPSAccountPolicy.ps1

        .NOTES

        - File Name : Test-HPSAccountPolicy.ps1

        - Author    : Thomas ILLIET

    #>

    [CmdletBinding( DefaultParameterSetName = 'Custom', HelpUri = "https://hardening.thomas-illiet.fr/Public/Test-HPSAccountPolicy/" )]

    [OutputType( [System.Boolean] )]

    [OutputType( [System.Array] )]

    Param(

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Enforce_Password_History,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Maximum_Password_Age,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Minimum_Password_Age,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Minimum_Password_Length,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Boolean]

        $Password_Must_Meet_Complexity_Requirements,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Boolean]

        $Store_Passwords_Using_Reversible_Encryption,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Account_Lockout_Duration,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Account_Lockout_Threshold,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Reset_Account_Lockout_Counter_After,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Enforce_User_Logon_Restrictions,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Maximum_Lifetime_For_Service_Ticket,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Maximum_Lifetime_For_User_Ticket,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Maximum_Lifetime_For_User_Ticket_Renewal,

        [Parameter( ParameterSetName = "Custom" )]

        [ValidateNotNullOrEmpty()]

        [System.Int32]

        $Maximum_Tolerance_For_Computer_Clock_Synchronization,

        [Parameter( ParameterSetName = "Preset" )]

        [ValidateNotNullOrEmpty()]

        [System.String]

        $Preset,

        [Parameter()]

        [ValidateSet('Local', 'Gpo')]

        [System.String]

        $Type = 'Local',

        [Parameter()]

        [System.Boolean]

        $Cache = $false,

        [Parameter()]

        [Switch]

        $Detail = $false

    )

    begin {

        Write-Verbose "[$($MyInvocation.MyCommand.Name)] Function started"

    }

    process {

        Write-Verbose "[$($MyInvocation.MyCommand.Name)] ParameterSetName: $($PsCmdlet.ParameterSetName)"

        # Obtain security policy parameters

        $Params= @{

            BoundParameters = $PsBoundParameters

            ParameterSetName = $PsCmdlet.ParameterSetName

            ConfigName = 'AccountPolicy'

        }

        $Parameters = Get-HPSSecurityPolicyParameters @Params

        # Get the current security configuration

        $Configuration = Get-HPSSecurityPolicy -ConfigName 'AccountPolicy' -Type $Type

        # Compare the security policy to obtain the status

        Compare-HPSSecurityPolicy -ReferenceObject $Parameters -DifferenceObject $Configuration -Detail $Detail

    }

    end {

        Write-Verbose "[$($MyInvocation.MyCommand.Name)] Complete"

    }

}