Created
January 20, 2021 19:42
-
-
Save jworkmanjc/f8a39bd7a919d023abaf6731e1dcbbdb to your computer and use it in GitHub Desktop.
This script will search a windows system for the UserToRename user, if it exists, it will rename that account to the username who installed JumpCloud from the user portal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################################################################################ | |
| # This script will pull the provisionerID from the JumpCloud console and rename | |
| # the specified user account to the matching username in JumpCloud. This script | |
| # will not rename or remap the user's home directory. | |
| ################################################################################ | |
| # Variables | |
| # User to match and rename (case insensitive) | |
| $UserToRename='oyo' | |
| # API KEY | |
| $JumpCloudApiKey = 'yourApiKeyHere' | |
| # System Group IDs | |
| # Before account rename group | |
| $beforeRenameGroupID = 'replaceWithBeforeGroupID' | |
| # After account rename group | |
| $afterRenameGroupID = 'replaceWithAfterGroupID' | |
| # Failure Group | |
| $failureGroupID = 'replaceWithFailureGroupID' | |
| ################################################################################ | |
| # Get Local Accounts on system and see if UserToRename exists | |
| ################################################################################ | |
| $localUsers = Get-LocalUser | |
| foreach ($username in $localUsers.name) | |
| { | |
| if ($username -match $UserToRename){ | |
| # Set Selected Username Variable | |
| write-host "Matched $UserToRename user found" | |
| $SelectedUser = $username | |
| } | |
| } | |
| if ([System.String]::IsNullOrEmpty($SelectedUser)) | |
| { | |
| throw "$username was not found on the system" | |
| # Add system to failure group & remove from before rename group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "add" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$failureGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "remove" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$beforeRenameGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| exit | |
| } | |
| ################################################################################ | |
| # Now try to match the Provisioner User from the System Record in JumpCloud | |
| ################################################################################ | |
| # Get System Key | |
| $config = get-content 'C:\Program Files\JumpCloud\Plugins\Contrib\jcagent.conf' | |
| $regex = 'systemKey\":\"(\w+)\"' | |
| $systemKey = [regex]::Match($config, $regex).Groups[1].Value | |
| $headers = @{ | |
| Accept = "application/json" | |
| 'x-api-key' = $JumpCloudApiKey | |
| ContentType = 'application/json' | |
| } | |
| $content = Invoke-WebRequest -Method Get -Uri "https://console.jumpcloud.com/api/systems/$systemKey" -Headers $headers -UseBasicParsing | |
| if ($content.StatusCode -eq '200'){ | |
| $systemResponse = $content.content | Convertfrom-Json | |
| } | |
| # This should be the provisionerID value | |
| $ProvisionerID = $systemResponse.provisionMetadata.provisioner.provisionerId | |
| if ([System.String]::IsNullOrEmpty($ProvisionerID)){ | |
| throw "ProvisionerID does not exist for this system record" | |
| # Add system to failure group & remove from before rename group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "add" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupAdd = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$failureGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| # Finally add system to the completed group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "remove" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupRemove = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$beforeRenameGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| exit | |
| } | |
| # Get the user details | |
| $content = Invoke-WebRequest -Method Get -Uri "https://console.jumpcloud.com/api/systemusers/$ProvisionerID" -Headers $headers -UseBasicParsing | |
| $userResponse = $content.content | Convertfrom-Json | |
| # This should be the provisioner username value | |
| $ProvisionerUsername = $userResponse.username | |
| # exit if this is null | |
| if ([System.String]::IsNullOrEmpty($ProvisionerUsername)) | |
| { | |
| throw "ProvisionerUsername does not exist for this system record" | |
| # Add system to failure group & remove from before rename group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "add" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupAdd = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$failureGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| # Finally add system to the completed group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "remove" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupRemove = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$beforeRenameGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| exit | |
| } | |
| write-host "######## User Details ########" | |
| write-host "UserID: $provisionerID" | |
| write-host "UserName: $ProvisionerUsername" | |
| write-host "##############################" | |
| ################################################################################ | |
| # Finally attempt to change the username to ProvisionerUsername | |
| ################################################################################ | |
| # Change the local username to the new user | |
| rename-localuser -name $SelectedUser -newname $ProvisionerUsername -ErrorVariable errortext | |
| if ($errortext) | |
| { | |
| throw "Could not set username, exiting..." | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "add" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupAdd = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$failureGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| # Finally add system to the completed group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "remove" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupRemove = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$beforeRenameGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| exit | |
| } | |
| else{ | |
| write-host "$SelectedUser changed to $ProvisionerUsername" | |
| } | |
| ################################################################################ | |
| # Group assignment | |
| ################################################################################ | |
| # If script was sucessful, remove from the command assignment group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "remove" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupRemove = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$beforeRenameGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| # Finally add system to the completed group | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$systemKey" | |
| 'op' = "add" | |
| 'type' = "system" | |
| } | ConvertTo-Json | |
| $groupAdd = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systemgroups/$afterRenameGroupID/members" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| # Bind the user to the system | |
| $headers = @{ | |
| Accept = "application/json"; | |
| 'x-api-key' = $JumpCloudApiKey; | |
| } | |
| $body = @{ | |
| 'id' = "$ProvisionerID" | |
| 'op' = "add" | |
| 'type' = "user" | |
| } | ConvertTo-Json | |
| $userBind = Invoke-WebRequest -Method Post -Uri "https://console.jumpcloud.com/api/v2/systems/${systemKey}/associations" -Headers $headers -Body $body -ContentType 'application/json' -UseBasicParsing | |
| # After reboot the username and fullname fields should be set in the UI |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment