39 Star 221 Fork 51

chuanjiao10 / kasini3000

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
zkj_s所有win被控机改密码_验证周期_改密码_验证_对调密码_写入时间戳.ps1 10.32 KB
一键复制 编辑 Web IDE 原始数据 按行查看 历史
#建议保存编码为:bom头 + utf8
param
(
[Alias("force_change_pwd")][Switch]$忽略时间戳_强制更新密码,
[Alias("Write_To_Autologin")][Switch]$写入自动登录,
[Alias("Write_Log")][Switch]$写入log
)
if ( ($IsWindows -eq $True) -or ($PSVersionTable.psversion.major -lt 6) ) #win
{
& 'c:\ProgramData\kasini3000\0k_source.ps1'
}
if ($IsLinux -eq $True)
{
& '/etc/kasini3000/0k_source.ps1'
}
& 'zd只读nodelist文件.ps1'
foreach ($private:temp1 in $global:所有被控机)
{
if (& 'tcp--ping-v5.ps1' ${private:temp1}.ip ${private:temp1}.端口 -Quiet)
{
}
else
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
Write-Error ("错误:被控机【{0}】端口不通。" -f $private:temp1.ip )
}
else
{
Write-Error ("Error:Node port closed: {0} " -f $private:temp1.ip )
}
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 ("错误:被控机【{0}】端口不通。" -f $private:temp1.ip )
}
else
{
& 'k_写log.ps1' -被写入的log内容 ("Error:Node port closed: {0} " -f $private:temp1.ip )
}
}
continue
}
[System.Net.IPAddress]$ip2 = 0
if (-not ( [System.Net.IPAddress]::TryParse($private:temp1.ip,[ref]$ip2) ) )
{
Write-Error ("错误:nodelist文件中找到这个ip地址:【{0}】但ip不合法,跳过此被控机" -f ${private:temp1}.ip)
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 ("错误:nodelist文件中找到这个ip地址:【{0}】但ip不合法,跳过此被控机" -f ${private:temp1}.ip)
}
else
{
& 'k_写log.ps1' -被写入的log内容 ("Error: The ip address found in the nodelist file: {0} but the ip is illegal, skip this node" -f ${private:temp1}.ip)
}
}
continue
}
$win = 'win7','win8','win10','win11','win2008r2','win2012r2','win2016','win2019','win2022'
if ( ($private:temp1.被控机os类型 -eq $null) -or ($private:temp1.被控机os类型 -eq '') )
{
& 'sx1刷新单个被控机对象的_os类型属性.ps1' -被控机ip地址 ${private:temp1}.ip
}
if ( $private:temp1.被控机os类型 -notin $win)
{
Write-Warning ("警告:此被控机:【{0}】不是win操作系统,跳过此被控机" -f ${private:temp1}.ip)
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 ("警告:此被控机:【{0}】不是win操作系统,跳过此被控机" -f ${private:temp1}.ip)
}
else
{
& 'k_写log.ps1' -被写入的log内容 ("Warning: This node: {0} is not a windows os, skip this node" -f ${private:temp1}.ip)
}
}
continue
}
if ($忽略时间戳_强制更新密码 -eq $true)
{
}
else
{
if ($private:temp1.密码写入节点时间戳 -ne '')
{
$最早改密码时间 = Get-Date $private:temp1.密码写入节点时间戳
if ( (Get-Date) -lt $最早改密码时间)
{
Write-Warning ("警告:此被控机【{0}】,时间戳【{1}】,未到改密周期,跳过此被控机!" -f ${private:temp1}.ip,$最早改密码时间 )
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 ("警告:此被控机【{0}】,时间戳【{1}】,未到改密周期,跳过此被控机!" -f ${private:temp1}.ip,$最早改密码时间 )
}
else
{
& 'k_写log.ps1' -被写入的log内容 ("Warning: This node {0}, timestamp {1}, has not reached the password change period, skip this node" -f ${private:temp1}.ip)
}
}
continue
}
}
}
#改密码
if ($private:temp1.端口 -eq '')
{
$private:temp1.端口 = 5985
}
& 'zd只读nodelist文件.ps1'
$当前被控机 = $global:所有被控机 | Where-Object { $_.ip -eq ${private:temp1}.ip }
if ($当前被控机.ip -ne ${private:temp1}.ip)
{
Write-Error "错误:当前被控机ip获取失败: ${当前被控机}"
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 "错误:当前被控机ip获取失败: ${当前被控机}"
}
else
{
& 'k_写log.ps1' -被写入的log内容 "Error: Failed to obtain the node ip: ${当前被控机}"
}
}
continue
}
$PSRemoting服务器用户名 = $当前被控机.用户名
$用户名2 = "$(${private:temp1}.ip)\${PSRemoting服务器用户名}"
$密码明文 = $当前被控机.当前密码
$密码密文 = ConvertTo-SecureString $密码明文 -AsPlainText -Force
$用户名和密码捆绑后的授权信息 = New-Object System.Management.Automation.PSCredential ($用户名2,$密码密文)
Write-Verbose ("使用当前密码,在被控机【{0}】上连接w2w5985开始" -f ${private:temp1}.ip )
if ( ($IsWindows -eq $True) -or ($PSVersionTable.psversion.major -lt 6) ) #win
{
$private:连接31 = New-PSSession -ComputerName $private:temp1.ip -Port $private:temp1.端口 -Credential $用户名和密码捆绑后的授权信息
}
if ($IsLinux -eq $True)
{
$private:连接31 = New-PSSession -ComputerName $private:temp1.ip -Port $private:temp1.端口 -Credential $用户名和密码捆绑后的授权信息 -Authentication Negotiate
}
if ($private:连接31 -eq $null)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
Write-Error ("错误:使用当前密码,连接被控机【{0}】失败" -f $private:temp1.ip )
}
else
{
Write-Error ("error:Using current password connection to node {0} failed" -f $private:temp1.ip )
}
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 ("错误:使用当前密码,连接被控机【{0}】失败" -f ${private:temp1}.ip )
}
else
{
& 'k_写log.ps1' -被写入的log内容 ("error:Using current password connection to node {0} failed" -f ${private:temp1}.ip )
}
}
continue
}
Write-Verbose '使用当前密码,连接成功。现在开始执行命令:'
[string]$private:cmd1 = "net user {0} '{1}'" -f $private:temp1.用户名,$private:temp1.旧密码
$private:cmd2 = [scriptblock]::Create($private:cmd1)
Invoke-Command -Session $private:连接31 -ScriptBlock $private:cmd2
$private:连接31 | Remove-PSSession
Start-Sleep -Seconds 2
#验证
$PSRemoting服务器用户名 = $当前被控机.用户名
$用户名2 = "$(${private:temp1}.ip)\${PSRemoting服务器用户名}"
$密码明文 = $当前被控机.旧密码
$密码密文 = ConvertTo-SecureString $密码明文 -AsPlainText -Force
$用户名和密码捆绑后的授权信息 = New-Object System.Management.Automation.PSCredential ($用户名2,$密码密文)
Write-Verbose '使用旧密码,验证开始'
if ( ($IsWindows -eq $True) -or ($PSVersionTable.psversion.major -lt 6) ) #win
{
$private:连接32 = New-PSSession -ComputerName $private:temp1.ip -Port $private:temp1.端口 -Credential $用户名和密码捆绑后的授权信息
}
if ($IsLinux -eq $True)
{
$private:连接32 = New-PSSession -ComputerName $private:temp1.ip -Port $private:temp1.端口 -Credential $用户名和密码捆绑后的授权信息 -Authentication Negotiate
}
if ($private:连接32 -eq $null)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
Write-Error ("错误:使用旧密码,验证失败。密码修改失败!被控机:{0} " -f $private:temp1.ip )
}
else
{
Write-Error ("error:Using the old password, verification failed. Password modification failed! node:{0} " -f $private:temp1.ip )
}
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 ("错误:使用旧密码,验证失败。密码修改失败!被控机:{0}" -f ${private:temp1}.ip )
}
else
{
& 'k_写log.ps1' -被写入的log内容 ("error:Using the old password, verification failed. Password modification failed! node:{0} " -f ${private:temp1}.ip )
}
}
}
else
{
#密码对调
$private:temp993 = $private:temp1.当前密码
$private:temp1.当前密码 = $private:temp1.旧密码
$private:temp1.旧密码 = $private:temp993
#写入时间戳
$private:temp1.密码写入节点时间戳 = Get-Date ((Get-Date) + $global:被控机密码_变更周期) -Format 'F'
if ($env:LANG -eq 'zh_CN.UTF-8')
{
Write-Host -ForegroundColor green ("信息:被控机【{0}】密码修改成功。" -f $private:temp1.ip )
}
else
{
Write-Host -ForegroundColor green ("info:Node password is successfully modified: {0} " -f $private:temp1.ip )
}
if ($写入log -eq $True)
{
if ($env:LANG -eq 'zh_CN.UTF-8')
{
& 'k_写log.ps1' -被写入的log内容 ("信息:被控机【{0}】密码修改成功。" -f $private:temp1.ip )
}
else
{
& 'k_写log.ps1' -被写入的log内容 ("info:Node password is successfully modified: {0} " -f $private:temp1.ip )
}
}
if ($写入自动登录 -eq $true)
{
[scriptblock]$private:cmd =
{
New-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\' -Name PasswordLess
New-Item -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess' -Name Device
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device' -Name DevicePasswordLessBuildVersion -Value 0 -type dword -Force
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoAdminLogon -Value 1 -type String -Force
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultUserName -Value $args[0] -type String -Force
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword -Value $args[1] -type String -Force
New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultDomainName -Value $env:COMPUTERNAME -type String -Force
#New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name ForceAutoLogon -Value 1 -type String -Force
#New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name IgnoreShiftOvveride -Value 1 -type String -Force
#New-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name AutoLogonCount -Value 1 -type dword -Force
}
Invoke-Command -Session $private:连接32 -ScriptBlock $private:cmd -ArgumentList $private:temp1.用户名,$private:temp1.当前密码
}
$private:连接32 | Remove-PSSession
}
}
& 'zl整理写入nodelist文件.ps1'
exit 0
PowerShell
1
https://gitee.com/chuanjiao10/kasini3000.git
git@gitee.com:chuanjiao10/kasini3000.git
chuanjiao10
kasini3000
kasini3000
master

搜索帮助

14c37bed 8189591 565d56ea 8189591