From 5cfd7fb7aa4b3988de23bf76fd4f661a697eb039 Mon Sep 17 00:00:00 2001
From: Hubert Cornet
Date: Wed, 6 Aug 2025 10:15:55 +0200
Subject: [PATCH] =?UTF-8?q?T=C3=A9l=C3=A9verser=20les=20fichiers=20vers=20?= =?UTF-8?q?"Active=20Directory"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
Active Directory/Validate-GroupMembership.ps1 | 112 ++++++++++++++++++
Active Directory/restauration.ps1 | 80 +++++++++++++
2 files changed, 192 insertions(+)
create mode 100644 Active Directory/Validate-GroupMembership.ps1
create mode 100644 Active Directory/restauration.ps1
diff --git a/Active Directory/Validate-GroupMembership.ps1 b/Active Directory/Validate-GroupMembership.ps1
new file mode 100644
index 0000000..921eee8
--- /dev/null
+++ b/Active Directory/Validate-GroupMembership.ps1
@@ -0,0 +1,112 @@
+<#
+
+ .SYNOPSIS
+ Validates AD group membership for a user or computer object
+
+ .PARAMETER SearchString
+ Provide Username or Computer Name
+
+ .PARAMETER SearchType
+ Specify type (User or Computer)
+
+ .PARAMETER Group
+ Provide AD Group name
+
+ .EXAMPLE
+ Validate-GroupMembership -SearchString $env:USERNAME -SearchType User -Group "Test Group"
+
+ .EXAMPLE
+ Validate-GroupMembership -SearchString $env:COMPUTERNAME -SearchType Computer -Group "ORL Computers"
+
+#>
+
+param (
+ [parameter(Mandatory = $True)]
+ [ValidateNotNullOrEmpty()]$SearchString,
+ [parameter(Mandatory = $True)]
+ [ValidateSet("User", "Computer")]
+ [ValidateNotNullOrEmpty()]$SearchType,
+ [parameter(Mandatory = $true)]
+ [ValidateNotNullOrEmpty()]$Group
+)
+
+Try {
+
+ $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
+ $objSearcher.SearchRoot = New-Object System.DirectoryServices.DirectoryEntry
+
+ If ($SearchType -eq "User") {
+
+ $objSearcher.Filter = "(&(objectCategory=User)(SAMAccountName=$SearchString))"
+
+ }
+ Else {
+
+ $objSearcher.Filter = "(&(objectCategory=Computer)(cn=$SearchString))"
+
+ }
+
+ $objSearcher.SearchScope = "Subtree"
+ $obj = $objSearcher.FindOne()
+ $User = $obj.Properties["distinguishedname"]
+
+ $objSearcher.PageSize = 1000
+ $objSearcher.Filter = "(&(objectClass=group)(cn=$Group))"
+ $obj = $objSearcher.FindOne()
+
+ [String[]]$Members = $obj.Properties["member"]
+
+ If ($Members.count -eq 0) {
+
+ $retrievedAllMembers = $false
+ $rangeBottom = 0
+ $rangeTop = 0
+
+ While (! $retrievedAllMembers) {
+
+ $rangeTop = $rangeBottom + 1499
+
+ $memberRange = "member;range=$rangeBottom-$rangeTop"
+
+ $objSearcher.PropertiesToLoad.Clear()
+ [void]$objSearcher.PropertiesToLoad.Add("$memberRange")
+
+ $rangeBottom += 1500
+
+ Try {
+
+ $obj = $objSearcher.FindOne()
+ $rangedProperty = $obj.Properties.PropertyNames -like "member;range=*"
+ $Members += $obj.Properties.item($rangedProperty)
+
+ if ($Members.count -eq 0) { $retrievedAllMembers = $true }
+ }
+
+ Catch {
+
+ $retrievedAllMembers = $true
+ }
+
+ }
+
+ }
+
+}
+
+Catch {
+
+ Write-Host "Either group or user does not exist"
+ Return $False
+
+}
+
+If ($Members -contains $User) {
+
+ Return $True
+
+}
+Else {
+
+ Return $False
+
+}
\ No newline at end of file
diff --git a/Active Directory/restauration.ps1 b/Active Directory/restauration.ps1
new file mode 100644
index 0000000..d3fbbcd
--- /dev/null
+++ b/Active Directory/restauration.ps1
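Review bot: `$SearchString` and `$Group` are interpolated into the LDAP filters (`SAMAccountName=$SearchString`, `cn=$SearchString`, `cn=$Group`) without RFC 4515 escaping, so a value containing `*`, `(`, `)` or `\` changes what the filter matches and `FindOne()` then returns whichever object comes first. If the True/False result feeds an access or deployment decision, the answer can be wrong for any input carrying those metacharacters. Escape each value before building the filter, backslash first, e.g. `$SearchString = $SearchString -replace '\\','\5c' -replace '\*','\2a' -replace '\(','\28' -replace '\)','\29'`, and do the same for `$Group`. Separately, only the group's direct `member` values are compared, so nested or primary-group membership is reported as False; the help block should state that limitation.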
@@ -0,0 +1,80 @@
+
+Write-host
+write-host "-------------------------------------------------------"
+Write-host
+
+Import-module ActiveDirectory
+
+Function RestoreObject($Object) {
+ #-----------------------------------------------------------------
+ If ($Object.substring($Object.length - 1, 1) -ne '*') {
+ $Object += '*'
+ }
+ #-----------------------------------------------------------------
+
+ $existing = Get-ADObject -Filter {name -like $Object}
+
+ If (!$existing) {
+ "Aucun objet existant trouve, la recherche d objets supprimes."
+ $deleted = Get-ADObject -IncludeDeletedObjects -Filter {name -like $Object -and Deleted -eq $True}
+
+ If ($deleted) {
+ "Objet supprime trouve, restauration en cour ..."
+ $deleted | Restore-ADObject
+ Start-Sleep -s 5
+ $restoredobject = Get-ADObject -Filter {name -like $Object}
+
+ If ($restoredobject) {
+ "Objet restauré avec succes. Essayer de trouver des informations de recuperation ..."
+ $recoveryinfos = Get-ADObject -IncludeDeletedObjects -Filter {lastKnownParent -like $restoredobject.DistinguishedName -and Deleted -eq $True -and objectClass -eq 'msFVE-RecoveryInformation'}
+
+ ForEach($recoveryinfo in $recoveryinfos) {
+ If ($recoveryinfo) {
+ "Les informations de recuperation trouve, en essayant de restaurer ..."
+ $recoveryinfo | Restore-ADObject
+
+ Start-Sleep -s 5
+
+ $restoredinfo = Get-ADObject -Filter {ObjectGUID -eq $recoveryinfo.ObjectGUID}
+
+ If ($restoredinfo) {
+ "Les informations de recuperation restaure avec succes."
+ }
+ Else {
+ "Impossible de restaurer les informations de recuperation, interruption du script."
+ return $false
+ }
+ }
+ Else {
+ "Aucune information de recuperation trouve pour objet, interruption du script."
+ return $true
+ }
+ }
+ }
+ Else {
+ "Quelque-chose s est mal passe. Impossible de trouver l objet restaure, interruption du script."
+ return $false
+ }
+ }
+ Else {
+ "Pas Object supprime trouve, interruption du script."
+ return $false;
+ }
+ }
+ Else {
+ "Object existe deja, interruption du script."
+ Write-host $existing
+ return $false
+ }
+ "Restauration de Object realise avec success."
+ "Terminee."
+ return $true
+}
+
+$cn = Read-Host "Saisie ObjectGUID de l objet a restaurer ?"
+
+RestoreObject($cn)
+
+Write-host
+write-host "-------------------------------------------------------"
+Write-host
\ No newline at end of file
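Review bot: `RestoreObject` appends `*` to the input and pipes every match of `name -like $Object` into `Restore-ADObject`, so a short or wildcard-only entry restores all deleted objects sharing that prefix together with their `msFVE-RecoveryInformation` children, while the prompt asks for an ObjectGUID that is never used as one. Refuse ambiguous matches before restoring, e.g. `If (@($deleted).Count -ne 1) { "Plusieurs objets supprimes correspondent, interruption du script."; return $false }`, and consider `Restore-ADObject -Confirm` so the operator sees what is about to be restored. An empty entry also makes `$Object.substring($Object.length - 1, 1)` fail before any search, which deserves an explicit check. The bare status strings are emitted on the function's output stream alongside `$true`/`$false`, so a caller cannot test the result reliably; `Write-Host` or `Write-Verbose` for the messages would keep the return value boolean.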