cmaggiulli · June 17, 2024 01:49
diff --git a/clone.ps1 b/clone.ps1
 # Get the name of the current script file and create a log file with the same name but with .log extension
 $scriptName = [System.IO.Path]::GetFileNameWithoutExtension($MyInvocation.MyCommand.Name)
 $logFile = "$scriptName.log"
 $dateFormat = "yyyy-MM-dd HH:mm:ss"

 # Function to write log entries with timestamp to both log file and stdout
 function Write-Log {
    param (
        [string]$message
    )
    $timestamp = (Get-Date).ToString($dateFormat) + " " + (Get-TimeZone).Id
    $logMessage = $timestamp + " - " + $message
    Add-Content -Path $logFile -Value $logMessage
    Write-Output $logMessage
 }

 # Function to get all local users
 function Get-AllLocalUsers {
    $users = Get-LocalUser
    return $users
 }

 # Function to get local users matching the search string
 function Get-LocalUsers {
    param (
        [string]$searchString
    )
    $users = Get-LocalUser | Where-Object { $_.Name -like "*$searchString*" }
    return $users
 }

 # Function to get an exact local user match
 function Get-ExactLocalUser {
    param (
        [string]$searchString
    )
    $user = Get-LocalUser | Where-Object { $_.Name -ieq $searchString }
    return $user
 }

 # Function to clone a user
 function Clone-User {
    param (
        [string]$username
    )
    $user = Get-LocalUser -Name $username
    $newUsername = $username + "_new"
    New-LocalUser -Name $newUsername -Description $user.Description -FullName $user.FullName -PasswordNeverExpires $user.PasswordNeverExpires -UserMayNotChangePassword $user.UserMayNotChangePassword
    Add-LocalGroupMember -Group "Users" -Member $newUsername
    return $newUsername
 }

 # Function to remove admin access from a user
 function Remove-AdminAccess {
    param (
        [string]$username
    )
    Remove-LocalGroupMember -Group "Administrators" -Member $username
 }

 Write-Log "Script is being run by user: $([System.Security.Principal.WindowsIdentity]::GetCurrent().Name)"

 # Log and print all users in the system with their administrator status
 $allUsers = Get-AllLocalUsers
 $userInfo = $allUsers | ForEach-Object {
    "$($_.Name): $isAdmin"
 } 
 $userInfoString = $userInfo -join "`n"
 Write-Log "Here are all users in the system:`n$userInfoString `n"

 # Prompt user for search string
 $searchString = Read-Host "Enter username of user to revoke local admin permissions"

 $skippedCount = 0

 try {
    Write-Log "Starting user clone process"

    # First, check for an exact match (case-insensitive)
    $exactUser = Get-ExactLocalUser -searchString $searchString

    if ($exactUser) {
        # Use only the exact match if found
        $users = @($exactUser)
        Write-Log "Exact match found: $($exactUser.Name)"
    } else {
        # If no exact match, find partial matches
        $users = Get-LocalUsers -searchString $searchString

        # Log and print all users found
        if ($users.Count -eq 0) {
            Write-Log "No users found matching the search string"
        } else {
            Write-Log "Partial matches found:"
            foreach ($user in $users) {
                Write-Log "$($user.Name)"
            }
        }
    }

    foreach ($user in $users) {
        $confirmation = Read-Host "User $($user.Name) was found. Type 'yes' to confirm or 'skip' to skip this user"

        if ($confirmation -eq 'skip') {
            $skippedCount++
            Write-Log "User $($user.Name) was skipped."
            continue
        } elseif ($confirmation -ne 'yes') {
            Write-Log "Invalid input for user $($user.Name). Assuming skip."
            $skippedCount++
            continue
        }

        try {
            $newUser = Clone-User -username $user.Name
            Remove-AdminAccess -username $user.Name
            Write-Log "Cloned user $($user.Name) to $newUser and removed admin access from $($user.Name)"
        } catch {
            Write-Log "Failed to clone or update user $($user.Name): $_"
        }
    }

    if ($users.Count -ne 0 -and $skippedCount -eq $users.Count) {
        Write-Log "All users were skipped. No cloning operations were performed."
    } elseif ($users.Count -ne 0 -and $skippedCount -ne $users.Count) {
        Write-Log "User clone process completed successfully for confirmed users."
    }

 } catch {
    Write-Log "Failed to complete the process: $_"
 }

 # Keep the PowerShell window open
 Read-Host -Prompt "Program Completed.  Press Any Key to Exit"
	# Get the name of the current script file and create a log file with the same name but with .log extension
	$scriptName = [System.IO.Path]::GetFileNameWithoutExtension($MyInvocation.MyCommand.Name)
	$logFile = "$scriptName.log"
	$dateFormat = "yyyy-MM-dd HH:mm:ss"

	# Function to write log entries with timestamp to both log file and stdout
	function Write-Log {
	param (
	[string]$message
	)
	$timestamp = (Get-Date).ToString($dateFormat) + " " + (Get-TimeZone).Id
	$logMessage = $timestamp + " - " + $message
	Add-Content -Path $logFile -Value $logMessage
	Write-Output $logMessage
	}

	# Function to get all local users
	function Get-AllLocalUsers {
	$users = Get-LocalUser
	return $users
	}

	# Function to get local users matching the search string
	function Get-LocalUsers {
	param (
	[string]$searchString
	)
	$users = Get-LocalUser \| Where-Object { $_.Name -like "$searchString" }
	return $users
	}

	# Function to get an exact local user match
	function Get-ExactLocalUser {
	param (
	[string]$searchString
	)
	$user = Get-LocalUser \| Where-Object { $_.Name -ieq $searchString }
	return $user
	}

	# Function to clone a user
	function Clone-User {
	param (
	[string]$username
	)
	$user = Get-LocalUser -Name $username
	$newUsername = $username + "_new"
	New-LocalUser -Name $newUsername -Description $user.Description -FullName $user.FullName -PasswordNeverExpires $user.PasswordNeverExpires -UserMayNotChangePassword $user.UserMayNotChangePassword
	Add-LocalGroupMember -Group "Users" -Member $newUsername
	return $newUsername
	}

	# Function to remove admin access from a user
	function Remove-AdminAccess {
	param (
	[string]$username
	)
	Remove-LocalGroupMember -Group "Administrators" -Member $username
	}

	Write-Log "Script is being run by user: $([System.Security.Principal.WindowsIdentity]::GetCurrent().Name)"

	# Log and print all users in the system with their administrator status
	$allUsers = Get-AllLocalUsers
	$userInfo = $allUsers \| ForEach-Object {
	"$($_.Name): $isAdmin"
	}
	$userInfoString = $userInfo -join "`n"
	Write-Log "Here are all users in the system:`n$userInfoString `n"

	# Prompt user for search string
	$searchString = Read-Host "Enter username of user to revoke local admin permissions"

	$skippedCount = 0

	try {
	Write-Log "Starting user clone process"

	# First, check for an exact match (case-insensitive)
	$exactUser = Get-ExactLocalUser -searchString $searchString

	if ($exactUser) {
	# Use only the exact match if found
	$users = @($exactUser)
	Write-Log "Exact match found: $($exactUser.Name)"
	} else {
	# If no exact match, find partial matches
	$users = Get-LocalUsers -searchString $searchString

	# Log and print all users found
	if ($users.Count -eq 0) {
	Write-Log "No users found matching the search string"
	} else {
	Write-Log "Partial matches found:"
	foreach ($user in $users) {
	Write-Log "$($user.Name)"
	}
	}
	}

	foreach ($user in $users) {
	$confirmation = Read-Host "User $($user.Name) was found. Type 'yes' to confirm or 'skip' to skip this user"

	if ($confirmation -eq 'skip') {
	$skippedCount++
	Write-Log "User $($user.Name) was skipped."
	continue
	} elseif ($confirmation -ne 'yes') {
	Write-Log "Invalid input for user $($user.Name). Assuming skip."
	$skippedCount++
	continue
	}

	try {
	$newUser = Clone-User -username $user.Name
	Remove-AdminAccess -username $user.Name
	Write-Log "Cloned user $($user.Name) to $newUser and removed admin access from $($user.Name)"
	} catch {
	Write-Log "Failed to clone or update user $($user.Name): $_"
	}
	}

	if ($users.Count -ne 0 -and $skippedCount -eq $users.Count) {
	Write-Log "All users were skipped. No cloning operations were performed."
	} elseif ($users.Count -ne 0 -and $skippedCount -ne $users.Count) {
	Write-Log "User clone process completed successfully for confirmed users."
	}

	} catch {
	Write-Log "Failed to complete the process: $_"
	}

	# Keep the PowerShell window open
	Read-Host -Prompt "Program Completed. Press Any Key to Exit"