Peter Daniš - Powershell skripty

Get-LocalAdmins.ps1 (zpäť na zoznam) Zbieranie informácií o všetkých amdministrátorských účtoch a ich prihlasovacích politikách (lokálne alebo vzdialené prihlasovanie) na zisťovanie servisných účtov.
			$localhost = hostname
$admins = net localgroup administrators | Where-Object {$_ -AND $_ -notmatch "command completed successfully"} | Select-Object -skip 4

$secpolTmpltPath = "C:\temp\secpolTmplt.inf" #inf file to work with

$output = invoke-expression -command "secedit /export /cfg $secpolTmpltPath"

function translate_SID {
    param ($userList)
    $list = @()
    foreach ($user in $userList) {
        if ($user -match "S-1-") {
            $objSID = New-Object System.Security.Principal.SecurityIdentifier($user.substring(1))
            $objUser = $objSID.Translate( [System.Security.Principal.NTAccount])
            $translatedUser = $objUser.Value
            $list += ,$translatedUser
        }
        else {
            $list += ,$user
        }
    }
    return $list
}

[string]$denyLogonLocally = Get-Content $secpolTmpltPath | Where-Object {$_ -match "SeDenyInteractiveLogonRight"} #getting line with deny local logon
[string]$denyLogonRDP = Get-Content $secpolTmpltPath | Where-Object {$_ -match "SeDenyRemoteInteractiveLogonRight"} #getting line with deny RDP logon

$denyLogonLocally = $denyLogonLocally.Replace(" ","")
$denyLogonRDP = $denyLogonRDP.Replace(" ","")

if ($denyLogonLocally.Length -gt 0) {
    $denyLocally = $denyLogonLocally.split("=")
    $denyLocallyUsers = $denyLocally[1].split(",")
}
else {
    $denyLocallyUsers = ""
}

if ($denyLogonRDP.Length -gt 0) {
    $denyRDP = $denyLogonRDP.split("=")
    $denyRDPUsers = $denyRDP[1].split(",")
}
else {
    $denyRDPUsers = ""
}

$translatedLocallyUsers = translate_SID $denyLocallyUsers
$translatedRDPUsers = translate_SID $denyRDPUsers

foreach ($admin in $admins) {
    if ($admin -match "_ACCOUNT_TO_SKIP_1_|_ACCOUNT_TO_SKIP_2_")  {
        continue;
    }
    
    $result = $localhost+";"+$admin
    if ($translatedLocallyUsers -contains $admin) {
        $result += ";yes"
        $localDeny = $true
    }
    else {
        $result += ";no"
        $localDeny = $false
    }
    if ($translatedRDPUsers -contains $admin) {
        $result += ";yes"
        $RDPdeny = $true
    }
    else {
        $result += ";no"
        $RDPdeny = $false
    }
    if ($localDeny -and $RDPdeny) {
        $result += ";yes"
    }
    else {
        $result += ";no"
    }
    $result
}