
@jworkmanjc
Created January 20, 2021 19:42
This script searches a Windows system for the UserToRename user; if that account exists, the script renames it to the username of the user who installed JumpCloud from the user portal.
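################################################################################
# This script will pull the provisionerID from the JumpCloud console and rename
# the specified user account to the matching username in JumpCloud. This script
# will not rename or remap the user's home directory.
#
# Flow: read this system's key from the agent config, find the local account
# named $UserToRename, look up the provisioning user for this system through
# the JumpCloud API, rename the local account to that username, then move the
# system between system groups and bind the user to the system.
# On a failure the system is added to the failure group and removed from the
# before-rename group, and only then does the script stop with an error.
################################################################################
# Variables
# User to match and rename (case insensitive, whole-name match)
$UserToRename='oyo'
# API KEY
# NOTE(review): the key sits in clear text in the script body, so anyone who can
# read the script or the stored command can reuse it for every API call the key
# permits. Use a key from an account holding only the rights these calls need,
# and rotate it once the rename rollout is finished.
$JumpCloudApiKey = 'yourApiKeyHere'
# System Group IDs
# Before account rename group
$beforeRenameGroupID = 'replaceWithBeforeGroupID'
# After account rename group
$afterRenameGroupID = 'replaceWithAfterGroupID'
# Failure Group
$failureGroupID = 'replaceWithFailureGroupID'
################################################################################
# Helpers
################################################################################
# Headers shared by every JumpCloud API request in this script.
$apiHeaders = @{
    Accept      = 'application/json'
    'x-api-key' = $JumpCloudApiKey
}

# Adds this system to, or removes it from, a JumpCloud system group.
#   GroupID   - ID of the system group to change
#   Operation - 'add' or 'remove'
# Reads $systemKey and $apiHeaders from script scope. The response is discarded.
function Set-SystemGroupMembership {
    param(
        [string]$GroupID,
        [ValidateSet('add', 'remove')][string]$Operation
    )
    $body = @{
        'id'   = "$systemKey"
        'op'   = $Operation
        'type' = 'system'
    } | ConvertTo-Json
    $null = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$GroupID/members" -Headers $apiHeaders -Body $body -ContentType 'application/json' -UseBasicParsing
}

# Records a failure for this system and then stops the script with $Message.
# The group changes run BEFORE the throw: a throw placed first would end the
# script and the failure group would never be updated.
function Stop-WithFailure {
    param([string]$Message)
    try {
        Set-SystemGroupMembership -GroupID $failureGroupID -Operation 'add'
        Set-SystemGroupMembership -GroupID $beforeRenameGroupID -Operation 'remove'
    }
    catch {
        # Best effort: report the bookkeeping problem, still raise the original failure below.
        Write-Host "Could not update system group membership: $($_.Exception.Message)"
    }
    throw $Message
}
################################################################################
# Get System Key (needed by every group update, so it is read first)
################################################################################
$config = Get-Content -Raw 'C:\Program Files\JumpCloud\Plugins\Contrib\jcagent.conf'
$regex = 'systemKey\":\"(\w+)\"'
$systemKey = [regex]::Match($config, $regex).Groups[1].Value
if ([System.String]::IsNullOrEmpty($systemKey))
{
    # Without a system key no group membership call can identify this system.
    throw "systemKey could not be read from jcagent.conf"
}
################################################################################
# Get Local Accounts on system and see if UserToRename exists
################################################################################
$SelectedUser = $null
foreach ($username in (Get-LocalUser).Name)
{
    # -eq compares the whole name, ignoring case. A -match test would treat
    # $UserToRename as a regular expression and also select any account whose
    # name merely contains it, which could rename an unintended account.
    if ($username -eq $UserToRename)
    {
        # Set Selected Username Variable
        Write-Host "Matched $UserToRename user found"
        $SelectedUser = $username
    }
}
if ([System.String]::IsNullOrEmpty($SelectedUser))
{
    Stop-WithFailure "$UserToRename was not found on the system"
}
################################################################################
# Now try to match the Provisioner User from the System Record in JumpCloud
################################################################################
$systemResponse = $null
try
{
    $content = Invoke-WebRequest -Method Get -Uri "https://console.jumpcloud.com/api/systems/$systemKey" -Headers $apiHeaders -UseBasicParsing
    if ($content.StatusCode -eq '200')
    {
        $systemResponse = $content.Content | ConvertFrom-Json
    }
}
catch
{
    Stop-WithFailure "System record lookup failed: $($_.Exception.Message)"
}
# This should be the provisionerID value
$ProvisionerID = $systemResponse.provisionMetadata.provisioner.provisionerId
if ([System.String]::IsNullOrEmpty($ProvisionerID))
{
    Stop-WithFailure "ProvisionerID does not exist for this system record"
}
# Get the user details
$userResponse = $null
try
{
    $content = Invoke-WebRequest -Method Get -Uri "https://console.jumpcloud.com/api/systemusers/$ProvisionerID" -Headers $apiHeaders -UseBasicParsing
    $userResponse = $content.Content | ConvertFrom-Json
}
catch
{
    Stop-WithFailure "Provisioner user lookup failed: $($_.Exception.Message)"
}
# This should be the provisioner username value
$ProvisionerUsername = $userResponse.username
# Stop if this is null
if ([System.String]::IsNullOrEmpty($ProvisionerUsername))
{
    Stop-WithFailure "ProvisionerUsername does not exist for this system record"
}
Write-Host "######## User Details ########"
Write-Host "UserID: $provisionerID"
Write-Host "UserName: $ProvisionerUsername"
Write-Host "##############################"
################################################################################
# Finally attempt to change the username to ProvisionerUsername
################################################################################
# Change the local username to the new user; errors are collected in $errortext
Rename-LocalUser -Name $SelectedUser -NewName $ProvisionerUsername -ErrorVariable errortext
if ($errortext)
{
    Stop-WithFailure "Could not set username, exiting..."
}
else
{
    Write-Host "$SelectedUser changed to $ProvisionerUsername"
}
################################################################################
# Group assignment
################################################################################
# If script was successful, remove from the command assignment group
Set-SystemGroupMembership -GroupID $beforeRenameGroupID -Operation 'remove'
# Finally add system to the completed group
Set-SystemGroupMembership -GroupID $afterRenameGroupID -Operation 'add'
# Bind the user to the system
$body = @{
    'id'   = "$ProvisionerID"
    'op'   = "add"
    'type' = "user"
} | ConvertTo-Json
$userBind = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systems/${systemKey}/associations" -Headers $apiHeaders -Body $body -ContentType 'application/json' -UseBasicParsing
# After reboot the username and fullname fields should be set in the UI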