Get-SecureMFA_WIN_OTP_Configuration.ps1

#Requires -RunAsAdministrator
#Requires -Version 5.0

<#
     .SYNOPSIS
        Shows SecureMFA WIN OTP Provider configuration.
    .DESCRIPTION
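        Shows SecureMFA WIN OTP Provider configuration from system registry.
        When the -ResetOfflineProfiles switch is given, it instead deletes the local offline user profile values (win_totp_user*) after an interactive confirmation.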
 
    .NOTES
        Version: 2.0.0.1
        Author: SecureMfa.com
        Creation Date: 21/09/2020
        Purpose/Change: Release
   
    .EXAMPLE
        C:\PS> Get-SecureMFA_WIN_OTP_Configuration
 
        This command shows the provider configuration values stored in the system registry.
    
#>


# Register the "SecureMFA WIN OTP" source on the Application event log if it is not registered yet.
if (-not [System.Diagnostics.EventLog]::SourceExists("SecureMFA WIN OTP")) {
    New-EventLog -LogName "Application" -Source "SecureMFA WIN OTP"
    Write-Host "SecureMFA WIN OTP Log Source Created."
}

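Function Get-SecureMFA_WIN_OTP_Configuration {
# Shows the SecureMFA WIN OTP Provider values stored under HKLM:\SOFTWARE\SecureMFA,
# or, with -ResetOfflineProfiles, deletes the local offline user profile values.
#
# Parameters:
#   -ResetOfflineProfiles  Delete every win_totp_user* value under the key after an
#                          interactive Yes/No confirmation instead of listing settings.
# Output:
#   Without the switch, the object returned by Get-ItemProperty for the win_* values.
#   Errors raised inside the function are caught and printed with Write-Host.
Param
(
    [Parameter(Mandatory=$false)][Switch]$ResetOfflineProfiles
)

    $keyPath = 'HKLM:\SOFTWARE\SecureMFA'

    try
    {
        # Clears the session-wide $Error collection, as the original did.
        $Error.Clear()

        if ($ResetOfflineProfiles) {
            # Confirm the destructive reset before touching the registry.
            $message  = "Please confirm if you want to delete local SecureMFA WIN OTP Offline user profiles? Please note that offline OTP logins will not work until account is synchronised again."
            $question = 'Please confirm?'
            $choices = New-Object Collections.ObjectModel.Collection[Management.Automation.Host.ChoiceDescription]
            $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&Yes'))
            $choices.Add((New-Object Management.Automation.Host.ChoiceDescription -ArgumentList '&No'))

            # Default to "No" (index 1) so that pressing Enter does not delete the profiles.
            $decision_Validation = $Host.UI.PromptForChoice($message, $question, $choices, 1)

            # Proceed only on an explicit "Yes"; any other result cancels.
            # 'return' is used instead of 'break': outside a loop, 'break' can also stop the calling script.
            if ($decision_Validation -ne 0) {
                Write-Host "Local OTP profiles reset has been cancelled, exiting!" -ForegroundColor Yellow
                return
            }

            # Remove WIN OTP Authentication Provider user profiles data
            Write-Host "Removing WIN OTP Authentication Provider user profiles data." -ForegroundColor Yellow
            if (Test-Path -LiteralPath $keyPath) {
                # NOTE(review): this reset is not written to the "SecureMFA WIN OTP" event source
                # the script registers; consider logging it so profile deletions are auditable.
                Remove-ItemProperty -Path $keyPath -Name 'win_totp_user*' -Force
            }
            else {
                Write-Host "Registry key $keyPath was not found, nothing to remove." -ForegroundColor Yellow
            }
        }
        else
        {
            # The throw is caught below and printed; nothing after it runs.
            if (-not (Test-Path -Path $keyPath -PathType Container)) {
                throw "SecureMFA WIN OTP Provider does not exist on the system."
            }

            Write-Host "List of SecureMFA WIN OTP Provider settings." -ForegroundColor Cyan

            # NOTE(review): the win_* wildcard also matches the win_totp_user* offline profile
            # values; confirm their contents are safe to print to the console or a transcript.
            Get-ItemProperty -Path $keyPath -Name 'win_*'
        }
    }
    catch
    {
        Write-Host "$($MyInvocation.InvocationName): $_" -ForegroundColor red
    }
}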