Bloqueio Por Logon Hours Active Directory
Por: Fernando Lopes • 25/2/2022 • Resenha • 318 Palavras (2 Páginas) • 178 Visualizações
##Byte rule
##Each day has 3 blocks and each block has 8 hours and a byte for each hour
##block 1 ------------ block 2 -------------block 3
##1 -> 1 ------------ 9 -> 1 -------------17 -> 1
##2 -> 2 ------------ 10 -> 2 -------------18 -> 2
##3 -> 4 ------------ 11 -> 4 -------------19 -> 4
##4 -> 8 ------------ 12 -> 8 -------------20 -> 8
##5 -> 16 ------------ 13 -> 16 -------------21 -> 16
##6 -> 32 ------------ 14 -> 32 -------------22 -> 32
##7 -> 64 ------------ 15 -> 64 -------------23 -> 64
##8 -> 128 ------------ 16 -> 128 -------------24 -> 128
##To create a logon hour schedule, you must sum those hours in order to estabilish the workhours
##It's also extremely important to notice that logon hours is based by the Domain Controller timezone
##You can check https://www.worldtimebuddy.com/ for hours conversion
Import-Module ActiveDirectory
$BlockUsers = Import-Csv CAMINHO_CSV
[byte[]]$hours =@(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)
foreach($User in $BlockUsers){
$Name = $User."Nome Completo do Usuário"
$ADUser = Get-ADUser -Filter "Name -like '*$Name*'"
Write-Host "User: $($ADUser.SamAccountName)"
$Gestor = $User."Nome do Gestor do Usuário"
$ADGestor = Get-ADUser -Filter "Name -like '*$Gestor*'"
Write-Host "Gestor: $($ADGestor.SamAccountName)"
Write-Host "Bloqueando logon-hours"
Set-ADuser $ADUser -Replace @{logonhours = $hours}
Write-Host "Bloqueando usuário"
Disable-ADAccount $ADUser
Write-Host "Disparando e-mail"
$recipients = ""
$from = ""
$subject = ""
$cc = ""
$email = ('
Digite o corpo do e-mail
')
Send-MailMessage -SmtpServer "seu_servidor_smtp" -Subject $subject -From $from -to $recipients -Cc $cc -Body $Email -BodyAsHtml -Encoding UTF8
}
...