# 1 Grab username\password
# 2 Grab all users without admin in the name
# 3 For each user
# a Modify display name to include (admin)
# b Rename AD object to include (admin)
#
#It’s setup to run in a single line because I can
#
$ninja=Get-Credential
; get-aduser -filter
'name -notlike "*Admin*"' -searchbase 'OU=Security - Administrator Accounts,DC=Coolkids,DC=local' -Properties DistinguishedName
| %{set-aduser -credential $ninja
$_ -displayname
($_.name
+ "
(Admin)"); rename-ADObject $_.DistinguishedName
-credential
$ninja -NewName
($_.name
+ "
(Admin)")}
expanded
#get the admin passwords
$ninja=Get-Credential
#
get-aduser -filter 'name -notlike "*Admin*"' -searchbase 'OU=Security - Administrator Accounts,DC=Coolkids,DC=local' -Properties DistinguishedName | %{set-aduser -credential $ninja $_ -displayname ($_.name + " (Admin)"); rename-ADObject $_.DistinguishedName -credential $ninja -NewName ($_.name + " (Admin)")}
#
get-aduser -filter 'name -notlike "*Admin*"' -searchbase 'OU=Security - Administrator Accounts,DC=Coolkids,DC=local' -Properties DistinguishedName | %{set-aduser -credential $ninja $_ -displayname ($_.name + " (Admin)"); rename-ADObject $_.DistinguishedName -credential $ninja -NewName ($_.name + " (Admin)")}
No comments:
Post a Comment