Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-24 09:28:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 30

feat: enabled locking for windows admins

Browse source
This commit is contained in:
Jahziel Villasana-Espinoza 2024-05-20 11:45:11 -04:00
parent ef2f26a01a
commit b6ada01aef
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
ee/server/service/embedded_scripts/windows_lock.ps1
View file

@ -1,10 +1,10 @@
# PowerShell script to log off all non-administrative users and disable their accounts
# Log off all non-administrative users
# Log off all users
$loggedOffUsers = @{}
Get-WmiObject -Class Win32_UserProfile | Where-Object { $_.Special -eq $false } | ForEach-Object {
$username = $_.LocalPath.Split('\')[-1]
if ($username -ne "Administrator" -and $username -ne $env:USERNAME -and -not $loggedOffUsers.ContainsKey($username)) {
if ($username -ne $env:USERNAME -and -not $loggedOffUsers.ContainsKey($username)) {
try {
$userSessions = query user | Where-Object { $_ -match "\b$username\b" }
foreach ($session in $userSessions) {
@ -25,8 +25,8 @@ Get-WmiObject -Class Win32_UserProfile | Where-Object { $_.Special -eq $false }
}
}
# Disable all non-administrative local user accounts
Get-LocalUser | Where-Object { $_.Enabled -eq $true -and $_.Name -ne "Administrator" } | ForEach-Object {
# Disable all local user accounts
Get-LocalUser | Where-Object { $_.Enabled -eq $true } | ForEach-Object {
$username = $_.Name
Disable-LocalUser -Name $username
Write-Host "Disabled account for $username"