"The Hub"
"The Hub" is the set of four main functions that first appear when the program runs. These functions are:
The Clear Last Login function makes three modifications to the Windows registry, removing information from the values that hold login information.
These values are under the key HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI
- LastLoggedOnSAMUser
- LastLoggedOnUser
- LastLoggedOnUserSID
Setting these three values to blank will effectively remove the known user from the list, leading to a clean username/password prompt on the login screen after running.
LAPS, or Local Administrator Password Solution, is an Active Directory service that creates unique and secure administrative passwords, which are randomly cycled and readable only by given users. For more information on LAPS, check out HERE. In April 2023, Microsoft rolled out a Windows update that also introduced Windows LAPS, a new tool that is system-based rather than application-based. For more information on Windows LAPS, check out HERE.
The default behavior for this function utilizes the LAPS storage location (ms-Mcs-AdmPwd) in Active Directory.
This will require the following:
- Appropriate AD rights to view the given property
- RSAT Active Directory tools installed on the given machine
The command run on the backend is just a simple Get-ADComputer command, which references the ms-Mcs-AdmPwd AD field.
The command run is:

```powershell
Get-ADComputer $hostname -Properties * -Server $domain -Credential $username | Select-Object -ExpandProperty ms-Mcs-AdmPwd
```
For Windows LAPS, the behavior changes slightly. Windows LAPS queries use the Get-LapsADPassword command. If you use Azure AD, the query will need to be changed as well (Adding issue soon).
For now, the Windows LAPS function runs this query:

```powershell
Get-LapsADPassword -ComputerName $hostname -Credential (Get-Credential -Credential $usernameInput.Text) -AsPlainText | Select-Object -ExpandProperty Password
```
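One way to wrap both queries above together with the prerequisite check, as an added example that is not ETT's own code: the function name `Get-EttLapsPassword`, its parameters and the returned fields are hypothetical, and it calls `Get-LapsADPassword` with `-Identity` and `-Domain`. It requests only the LAPS attributes instead of `-Properties *` and treats an empty legacy value as a missing read right or an unmanaged machine.

```powershell
# Added example; Get-EttLapsPassword and its parameter names are hypothetical.
function Get-EttLapsPassword {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string]       $ComputerName,
        [Parameter(Mandatory)] [string]       $Domain,
        [Parameter(Mandatory)] [pscredential] $Credential
    )

    # Prerequisite from the page: RSAT Active Directory tools must be present.
    if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
        throw 'RSAT ActiveDirectory module not found on this machine.'
    }
    Import-Module ActiveDirectory -ErrorAction Stop

    # Windows LAPS path: only when this Windows build ships the cmdlet.
    if (Get-Command -Name Get-LapsADPassword -ErrorAction SilentlyContinue) {
        $new = Get-LapsADPassword -Identity $ComputerName -Domain $Domain `
                   -Credential $Credential -AsPlainText -ErrorAction SilentlyContinue
        if ($new -and $new.Password) {
            return [pscustomobject]@{
                Via      = 'Get-LapsADPassword'
                Account  = $new.Account
                Password = $new.Password          # plaintext: display only, never log
                Expires  = $new.ExpirationTimestamp
            }
        }
    }

    # Legacy LAPS path: ask for the two LAPS attributes only, not -Properties *.
    $computer = Get-ADComputer -Identity $ComputerName -Server $Domain -Credential $Credential `
                    -Properties 'ms-Mcs-AdmPwd', 'ms-Mcs-AdmPwdExpirationTime'
    $password = $computer.'ms-Mcs-AdmPwd'

    # AD omits an attribute the caller may not read instead of raising an error,
    # so an empty value means "no read right" or "not managed by legacy LAPS".
    if ([string]::IsNullOrEmpty($password)) {
        throw "No LAPS password returned for $ComputerName (missing read right or not LAPS-managed)."
    }

    [pscustomobject]@{
        Via      = 'Get-ADComputer'
        Account  = $null                          # legacy LAPS stores no account name in AD
        Password = $password                      # plaintext: display only, never log
        Expires  = [datetime]::FromFileTimeUtc([long]$computer.'ms-Mcs-AdmPwdExpirationTime')
    }
}

# Usage (constructed host and domain names):
# Get-EttLapsPassword -ComputerName 'PC-0001' -Domain 'corp.example' -Credential (Get-Credential)
```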
A standalone version of the LAPS client currently lives at https://github.com/eliweitzman/ETT-LAPS in case you don't want to download the whole toolkit! Version updates for it will be released in sequence, but all changes will be made here in ETT.
Experimental - Azure AD Windows LAPS Scenario
This is currently in alpha development and needs significant testing, as its approach is most definitely not functional yet. The current query run is as follows:
```powershell
# Connect to the MS Graph API
Connect-MgGraph -TenantId $tenantID -ClientId $clientID
# Get the password
$lapsResult = Get-LapsAADPassword -DeviceIds $hostnameInput.Text -AsPlainText
```
This procedural difference is experimental and untested as of now. Current tracking is kept in Issue #5.
The "Update Apps" function is an extremely simple command, but does have prerequisites. This command runs on Winget, the Windows Package Manager. On newer Windows builds, this is already installed, so long as the "App Installer" application is installed on the machine.
The function first checks to see if Windows Package Manager is installed, then runs a simple `winget upgrade --all`.
There are other modifications that can be appended; however, I kept the basic one for now, as every organizational preference is different.
The Windows Policy update is useful for organizations that want to script the compliance and policy updates on their machines. Currently, this function holds only a single "gpupdate /force" command. If your organization uses other device management tools with their own CLI commands, you can simply add them in the space marked with the comment "Any additional commands can be added here, depending on policy and compliance needs".