Set-ADUserLogonTo

1.0.2

Set-ADUserLogonTo.psm1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
                                Function Test-ADModule {

    [CmdletBinding()]

    Param()

    BEGIN {

        if (Get-Module -ListAvailable -Name ActiveDirectory) {

                return $true

        } else {

            Write-Error "ActiveDirectory Module is not available. Module may need to be installed from RSAT."

        }

    }

}

function Get-ADUserLogonTo{

    [CmdletBinding()]

    Param(

        [Parameter(Mandatory=$true,

                   ValueFromPipeline=$true)]

        $Identity,

        [switch]$ReturnCount

    )

    BEGIN{

        Test-ADModule -ErrorAction Stop

        $user = Get-ADUser -Identity $Identity -Properties userWorkstations

    }

    PROCESS{

        if ($user.userWorkstations -notlike ""){

            $count = 0

            foreach($workstation in $user.userWorkstations.split(",")){

                $count += 1

                if(!$ReturnCount){

                    $object = New-Object –TypeName PSObject –Prop @{'ComputerName'=$workstation}

                    $object.PSObject.TypeNames.Insert(0,'Microsoft.ActiveDirectory.Management.ADUser.userWorkstations')

                    Write-Output $object

                }

            }

            if($ReturnCount){

                Write-Output $count

            }

        }

    }

}

function Set-ADUserLogonTo{

    [CmdletBinding(

        SupportsShouldProcess=$True,

        ConfirmImpact="High"

        )]

    Param(

        [Parameter(Mandatory=$true,

                   ValueFromPipeline=$true)]

        [Parameter(ParameterSetName='ComputerList')]

        [Parameter(ParameterSetName='SetToNull')]

        $Identity,

        [Parameter(Mandatory=$true,

                   ParameterSetName='ComputerList')]

        $ComputerList,

        [Parameter(ParameterSetName='ComputerList')]

        $MaximumComputers = 64,

        [Parameter(Mandatory=$true,

                   ParameterSetName='SetToNull')]

        [switch]$SetToNull

    )

    BEGIN {

        Test-ADModule -ErrorAction Stop

    }

    PROCESS {

        if ($SetToNull) {

            if ($PSCmdlet.ShouldProcess($Identity,"Disabling logon restrictions")) {

                Set-ADUser -Identity $Identity -LogonWorkstations $null

            }

        }

        elseif ($ComputerList -ne $null) {

            $ComputerListArray = $ComputerList.split(",")

            $ConcatenatedQuery = $null

            foreach ($Name in $ComputerListArray) {

                $Query = (Get-ADComputer -Filter 'Name -like $Name').Name -join ','

                $ConcatenatedQuery += $Query.Insert(0,',')

            }

            $ConcatenatedQuery = $ConcatenatedQuery.TrimStart(",") #removes the unneccessary leading comma

            $SplitQuery = $ConcatenatedQuery.split(",")

            $SplitQueryLength = $SplitQuery.Length

            if ($SplitQueryLength -gt $MaximumComputers) {

                Write-Error -Message "Computer count has $SplitQueryLength entries. Count returned from query must have a value of $MaximumComputers or less. Attempted value was:`n$SplitQuery`n"

            }

            elseif ($SplitQueryLength -le $MaximumComputers) {

                if ($PSCmdlet.ShouldProcess($Identity,"Setting logon restrictions to the following $SplitQueryLength Computers:`n$SplitQuery`n")) {

                    Set-ADUser -Identity $Identity -LogonWorkstations $ConcatenatedQuery

                }

            }

        }

    }

}