diff --git a/api/tacticalrmm/scripts/community_scripts.json b/api/tacticalrmm/scripts/community_scripts.json
index d9c295a3..4ce61fb9 100644
--- a/api/tacticalrmm/scripts/community_scripts.json
+++ b/api/tacticalrmm/scripts/community_scripts.json
@@ -341,6 +341,15 @@
 "shell": "powershell",
 "category": "TRMM (Win):Active Directory"
 },
+ {
+ "guid": "3afd07c0-04fd-4b23-b5f2-88205c0744d4",
+ "filename": "Win_User_Admins_Local_Disable.ps1",
+ "submittedBy": "https://github.com/dinger1986",
+ "name": "Local Administrators - Disables all local admins if joined to domain or AzureAD",
+ "description": "Checks to see if computer is either joined to a AD domain or Azure AD. If it is, it disables all local admin accounts. If not joined to domain/AzureAD, leaves admin accounts in place",
+ "shell": "powershell",
+ "category": "TRMM (Win):User Management"
+ },
 {
 "guid": "71090fc4-faa6-460b-adb0-95d7863544e1",
 "filename": "Win_Check_Events_for_Bluescreens.ps1",
diff --git a/scripts/Win_User_Admins_Local_Disable.ps1 b/scripts/Win_User_Admins_Local_Disable.ps1
new file mode 100644
index 00000000..69229201
--- /dev/null
+++ b/scripts/Win_User_Admins_Local_Disable.ps1
@@ -0,0 +1,42 @@
+<#
+ .SYNOPSIS
+ Disables all local admins if joined to domain or AzureAD
+
+ .DESCRIPTION
+ Checks to see if computer is either joined to a AD domain or Azure AD. If it is, it disables all local admin accounts. If not joined to domain/AzureAD, leaves local admin accounts in place
+
+ .OUTPUTS
+ Results are printed to the console.
+
+ .NOTES
+ Change Log
+ 5/12/2021 V1.0 Initial release
+
+ Contributed by: https://github.com/dinger1986
+#>
+
+$ErrorActionPreference = 'silentlycontinue'
+
+if (get-localuser | Where-Object Enabled) {
+ if (dsregcmd /status | Where-Object { $_ -match 'DomainJoined : YES' } | ForEach-Object { $_.Trim() }) {
+ Write-Output "Removing Local Admins"
+ get-localuser | Where-Object Enabled | Disable-LocalUser
+ get-localuser | Select name, Enabled
+ }
+
+ elseif (dsregcmd /status | Where-Object { $_ -match 'AzureAdJoined : YES' } | ForEach-Object { $_.Trim() }) {
+ Write-Output "Removing Local Admins"
+ get-localuser | Where-Object Enabled | Disable-LocalUser
+ get-localuser | Select name, Enabled
+ }
+
+ else {
+ Write-Output "Machine not on Domain so leaving local admins"
+ get-localuser | Select name, Enabled
+ }
+
+}
+
+else {
+ Write-Output "No local Users"
+}
\ No newline at end of file
diff --git a/scripts_wip/Alert_MSTeams.ps1 b/scripts_wip/Win_Teams_Alert.ps1
similarity index 100%
rename from scripts_wip/Alert_MSTeams.ps1
rename to scripts_wip/Win_Teams_Alert.ps1
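Review bot: Both `Disable-LocalUser` pipelines in Win_User_Admins_Local_Disable.ps1 are fed by `get-localuser | Where-Object Enabled`, so on a joined machine they disable every enabled local account, not only members of the local Administrators group as the synopsis and the new community_scripts.json entry state. That scope also takes in non-admin local accounts and any local recovery account an operator expects to keep, which can leave the machine without a usable local sign-in. Because `$ErrorActionPreference = 'silentlycontinue'` suppresses errors from the disable step, the only evidence of a failed run is the Enabled column in the final listing. I would pick the targets from the Administrators group by its well-known SID, merge the two identical join branches into one check, and let a failed disable surface as an error; the sketch below shows the changed lines, and any account that must stay enabled would need an explicit exclusion there.

```powershell
# … unchanged: comment-based help …
$joined = dsregcmd /status | Where-Object { $_ -match '(DomainJoined|AzureAdJoined) : YES' }

if ($joined) {
    # S-1-5-32-544 is the built-in Administrators group; keep only local user principals
    $targets = Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Where-Object { $_.ObjectClass -eq 'User' -and $_.PrincipalSource -eq 'Local' } |
        ForEach-Object { Get-LocalUser -SID $_.SID } |
        Where-Object Enabled

    foreach ($account in $targets) {
        Disable-LocalUser -SID $account.SID -ErrorAction Stop
        Write-Output "Disabled local admin: $($account.Name)"
    }
}
# … unchanged: else branch reporting that the machine is not joined …
```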