-
Notifications
You must be signed in to change notification settings - Fork 0
/
Convert-UserAccountControlValues.ps1
66 lines (59 loc) · 3.45 KB
/
Convert-UserAccountControlValues.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
################################################################################################
# Convert-UserAccountControlValues.ps1
#
# AUTHOR: Fabian Müller, Microsoft Deutschland GmbH
# VERSION: 0.1.1
# DATE: 23.11.2012
#
# THIS CODE-SAMPLE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR
# FITNESS FOR A PARTICULAR PURPOSE.
#
# This sample is not supported under any Microsoft standard support program or service.
# The script is provided AS IS without warranty of any kind. Microsoft further disclaims all
# implied warranties including, without limitation, any implied warranties of merchantability
# or of fitness for a particular purpose. The entire risk arising out of the use or performance
# of the sample and documentation remains with you. In no event shall Microsoft, its authors,
# or anyone else involved in the creation, production, or delivery of the script be liable for
# any damages whatsoever (including, without limitation, damages for loss of business profits,
# business interruption, loss of business information, or other pecuniary loss) arising out of
# the use of or inability to use the sample or documentation, even if Microsoft has been advised
# of the possibility of such damages.
################################################################################################
Function Set-UserAccountControlValueTable
{
# see http://support.microsoft.com/kb/305144/en-us
$userAccountControlHashTable = New-Object HashTable
$userAccountControlHashTable.Add("SCRIPT",1)
$userAccountControlHashTable.Add("ACCOUNTDISABLE",2)
$userAccountControlHashTable.Add("HOMEDIR_REQUIRED",8)
$userAccountControlHashTable.Add("LOCKOUT",16)
$userAccountControlHashTable.Add("PASSWD_NOTREQD",32)
$userAccountControlHashTable.Add("ENCRYPTED_TEXT_PWD_ALLOWED",128)
$userAccountControlHashTable.Add("TEMP_DUPLICATE_ACCOUNT",256)
$userAccountControlHashTable.Add("NORMAL_ACCOUNT",512)
$userAccountControlHashTable.Add("INTERDOMAIN_TRUST_ACCOUNT",2048)
$userAccountControlHashTable.Add("WORKSTATION_TRUST_ACCOUNT",4096)
$userAccountControlHashTable.Add("SERVER_TRUST_ACCOUNT",8192)
$userAccountControlHashTable.Add("DONT_EXPIRE_PASSWORD",65536)
$userAccountControlHashTable.Add("MNS_LOGON_ACCOUNT",131072)
$userAccountControlHashTable.Add("SMARTCARD_REQUIRED",262144)
$userAccountControlHashTable.Add("TRUSTED_FOR_DELEGATION",524288)
$userAccountControlHashTable.Add("NOT_DELEGATED",1048576)
$userAccountControlHashTable.Add("USE_DES_KEY_ONLY",2097152)
$userAccountControlHashTable.Add("DONT_REQ_PREAUTH",4194304)
$userAccountControlHashTable.Add("PASSWORD_EXPIRED",8388608)
$userAccountControlHashTable.Add("TRUSTED_TO_AUTH_FOR_DELEGATION",16777216)
$userAccountControlHashTable.Add("PARTIAL_SECRETS_ACCOUNT",67108864)
$userAccountControlHashTable = $userAccountControlHashTable.GetEnumerator() | Sort-Object -Property Value
return $userAccountControlHashTable
}
Function Get-UserAccountControlFlags($userInput)
{
Set-UserAccountControlValueTable | foreach {
$binaryAnd = $_.value -band $userInput
if ($binaryAnd -ne "0") { write $_ }
}
}
$userInputUserAccountControl = Read-Host "Please provide the userAccountControl value: "
Get-UserAccountControlFlags($userInputUserAccountControl)