SecureMFA

1.0.0.8

Get-xOTP-Status.ps1

                                <#

     .SYNOPSIS

        Shows SecureMFA.com OTP Status information.

    .DESCRIPTION

        Shows MFA status information. 

        Dependencies:

            * System which executes a script must have Microsoft Framework 4.6.1 and above installed.

            * SecureMFA_SupportTools.dll file must be present in script directory.  

            * SecureMFA_SupportTools.json configuration file must be present in script directory. 

            Bellow is a sample of valid Json config file with minimal configuration required for script to work:

                {

                "sql_server": "asqlaol1.adatum.labnet",

                "sql_database": "SecureMfaOTP",

                "ui_input_text": "Please enter user's UPN",

                "ui_environment": "MyCompany",

                "data_encryption_passphrase": "d9GhT=7=Ox8-+LaZ"

                }

    .NOTES

        Version:        1.0.0.6

        Author:         SecureMfa.com

        Creation Date:  18/05/2020

        Purpose/Change: Incorporated into module 

    .EXAMPLE

        C:\PS> Get-xOTP-Status

        This command will show total number of OTP accounts with activation status.  

    .EXAMPLE

        C:\PS> Get-xOTP-Status -upn user 

        This command will show OTP account's details for the user.

    .EXAMPLE

        C:\PS> Get-xOTP-Status -lastlogon 

        This command will show last logons count for users by date.     

#>

#>

Function Get-xOTP-Status {

Param

(

    [Parameter(Mandatory=$false,ParameterSetName="Default")]

    [String]$upn = $null,

    [Parameter(Mandatory=$false,ParameterSetName="Default")]

    [Switch]$lastlogons,

    [Parameter(Mandatory=$false,ParameterSetName="Default")]

    [Switch]$failedlogons

)

DynamicParam

{

    # create a dictionary to return, and collection of parameters

    $paramDictionary = New-Object -Type System.Management.Automation.RuntimeDefinedParameterDictionary

    $attributeCollection = New-Object -Type System.Collections.ObjectModel.Collection[System.Attribute]

    # create a new [string] parameter for all parameter sets, and decorate with a [ValidateSet]

    $dynParam = New-Object -Type System.Management.Automation.RuntimeDefinedParameter("Profile", [String], $attributeCollection)

    $attributes = New-Object System.Management.Automation.ParameterAttribute

    $fname = "Profiles.json"

    $paramOptions = New-Object System.Management.Automation.ValidateSetAttribute -ArgumentList (ConvertFrom-Json (Get-Content (join-path $PSScriptRoot $fname) -Raw))

    $attributeCollection.Add($attributes)

    $attributeCollection.Add($paramOptions)

    $paramDictionary.Add("Profile", $dynParam)

    return $paramDictionary

}

Process

{

    #Static Parameters

    $Event_Source = "SecureMFA_SupportTools"

    [Int16]$UserStatus = 0;

    #Checking Dependencies

    #EventLog source dependency

    $ErrMsg = "ResetOTP EventLog source is missing. Please execute following PS command 'New-EventLog -Source SecureMFA_SupportTools -LogName Application' on the system before using the app."

    if (((Get-ChildItem HKLM:\SYSTEM\CurrentControlSet\Services\EventLog\Application).pschildname | where { $_ -eq $Event_Source} | measure).Count -eq 0) 

    {write-host $ErrMsg -ForegroundColor red; pause; break}

    #Config file dependency    

    if ( $PSBoundParameters.Keys.Contains("Profile") )

    {

        $configfile = (Join-Path -Path $PSScriptRoot -ChildPath ($PSBoundParameters.Profile + '_SecureMFA_SupportTools.json'))

    }

    else {$configfile = (Join-Path -Path $PSScriptRoot -ChildPath SecureMFA_SupportTools.json)}

    #Test config file path.

    $ErrMsg = "$configfile file is missing. Please copy a file to script directory and try again."

    if (!(Test-Path $configfile)) { write-host $ErrMsg -ForegroundColor red; pause; break }

    #DLL file dependency

    $dllpath = (Join-Path -Path $PSScriptRoot -ChildPath SecureMFA_SupportTools.dll)

    $ErrMsg = "$configfile file is missing. Please copy a file to script directory and try again."

    if (!(Test-Path $dllpath)) { write-host $ErrMsg -ForegroundColor red; pause; break }

    #Read JSON file Configuration

    $json = Get-Content -Raw $configfile | ConvertFrom-Json

    $sqlinstance = $json.sqlserver

    $sqldbname = $json.sqldbname

    $sqlintegratedsecurity = $json.sqlintegratedsecurity

    $sqluseraccount = $json.sqluseraccount

    $sqluserpassword = $json.sqluserpassword

    $input_text = $json.ui_input_text

    $environment = $json.ui_environment

    $encryption_passphrase = $json.data_encryption_passphrase

    $sqlConnectString = "server=" + $sqlinstance + ";initial catalog=" + $sqldbname + ";integrated security=" + $sqlintegratedsecurity + ";User ID=" + $sqluseraccount + ";Password=" + $sqluserpassword;

    #Get user's input if required

    write-host " -- Get OTP Status for $environment --" -ForegroundColor Green

    Try {

        [System.Reflection.Assembly]::LoadFile($dllpath) | Out-Null 

    if ($upn) {

        if ($upn.Length -le 1) {Do { $upn = read-host $input_text} while ($upn -eq "")}

            if ([SecureMFA_SupportTools.OTP]::isUserExist($upn, $sqlConnectString, [ref] $UserStatus)) 

                                                { 

                $CodeList = [SecureMFA_SupportTools.OTP]::GetUserStatus($upn, $sqlConnectString,$env:username,$env:computername)

                $CodeList | %     {

                    switch($_.item3){ 

                       0 {$UserStatusValue = "ACCOUNT: NEVERUSED"} 

                       1 {$UserStatusValue = "ACCOUNT: ENABLED"} 

                       2 {$UserStatusValue = "ACCOUNT: DISABLED"} 

                    }              

                write-host "INDEX:" $_.item1 "`nUPN:" $_.item2 "`n$UserStatusValue`nLASTLOGON:"  $_.item4 "`nLOGONCOUNT:" $_.item5 "`nFAILEDLOGONCOUNT:" $_.item6 "`nDATA" $_.item7 -ForegroundColor Green}              

             } 

            else 

                {

                 write-host "User: [$upn] doesn’t exist in OTP database. "

                }

            }

        elseif ($lastlogons) 

                {

                    $CodeList = [SecureMFA_SupportTools.OTP]::GetLogonStatus($sqlConnectString,$env:username,$env:computername)

                    write-host "Last logons count for users by date"

                    $CodeList | %     { write-host "TOTAL:" $_.item2 " DATE:" $_.item3 -ForegroundColor Green }

                }

        elseif ($failedlogons) 

                {

                    $CodeList = [SecureMFA_SupportTools.OTP]::GetFailedLogonStatus($sqlConnectString,$env:username,$env:computername)

                    write-host "Failed logons count for users by date"

                    $CodeList | %     { write-host "TOTAL:" $_.item2 " DATE:" $_.item3 -ForegroundColor Green }

                }  

        else 

        {

        $CodeList = [SecureMFA_SupportTools.OTP]::GetStatus($upn, $sqlConnectString,$env:username,$env:computername)

        $CodeList | %     {          

            switch($_.item2){

                   0 {$UserStatusValue = "Never logged in users total: "}

                   1 {$UserStatusValue = "Enabled users total: "}

                   2 {$UserStatusValue = "Disabled users total: "}

                   Default    { $UserStatusValue = "Users with invalid status total: " }

            }    

            write-host $UserStatusValue $_.item3 -ForegroundColor Green

        }

        }

    }

    #On error acction 

    catch [System.Exception] { 

            $completed = get-date

            $line = $_.InvocationInfo.ScriptLineNumber

            $msg = $_.Exception.Message 

            Write-Host -ForegroundColor Red "Error: $msg"

            Write-EventLog –LogName Application –Source $Event_Source –EntryType Error –EventID 5559 –Message “$msg Executed by: $env:username Computer: $env:computername Line: $line”                 

            }    

    }

}