initial commit

LocalAdminRights.ps1

@@ -0,0 +1,34 @@
+# Path to the CSV file
+$CsvFilePath = "C:\Scripts\UserMachineMapping.csv"
+
+# Import CSV and create a hash table
+$UserMachineMapping = @{}
+Import-Csv -Path $CsvFilePath | ForEach-Object {
+    $UserMachineMapping[$_.Username] = $_.Machine
+}
+
+
+# User and Machine Info
+$CurrentUser = $env:USERNAME
+$CurrentMachine = $env:COMPUTERNAME
+
+# Group Info
+$AdminGroup = "Administrators"
+
+if ($UserMachineMapping.ContainsKey($CurrentUser)) {
+    $ExpectedMachine = $UserMachineMapping[$CurrentUser]
+
+    if ($CurrentMachine -eq $ExpectedMachine) {
+        $AdminGroup = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
+        if (-not $AdminGroup.psbase.Invoke("IsMember", "WinNT://$env:COMPUTERNAME/$CurrentUser")) {
+            Add-LocalGroupMember -Group "Administrators" -Member $CurrentUser
+            Write-Output "$CurrentUser added to Local Admin."
+        }
+    }
+} else {
+    $AdminGroup = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
+    if ($AdminGroup.psbase.Invoke("IsMember", "WinNT://$env:COMPUTERNAME/$CurrentUser")) {
+        $AdminGroup.Remove("WinNT://$env:COMPUTERNAME/$CurrentUser")
+        Write-Output "$CurrentUser removed from Local Admin."
+    }
+}

UserMachineMapping.csv

@@ -0,0 +1,3 @@
+Username,Machine
+tmctesterson,LB-SPAREASUS1
+aaguila,LB-HY3Q114

ValidateUsers.ps1

@@ -0,0 +1,23 @@
+$UserMachineMapping = @{
+
+"tmctesterson" = "LB-SPAREASUS1"
+
+
+}
+
+$CurrentUser = $env:USERNAME
+$CurrentMachine = $env:COMPUTERNAME
+
+if ($UserMachineMapping.ContainsKey($CurrentUser)){
+
+    $ExpectedMachine = $UserMachineMapping[$CurrentUser]
+
+    if ($CurrentMachine -ne $ExpectedMachine) {
+        Write-Output "Access Denied Biatch! $CurrentUser is not allowed in $CurrentMachine"
+        shutdown.exe /l
+    }
+
+}else {
+    Write-Output "Access Denied! $CurrentUser does not exist in the List"
+    shutdown.exe /l
+}