1 files changed, 55 insertions, 12 deletions
diff --git a/Set-MachineAccountAttribute.ps1 b/Set-MachineAccountAttribute.ps1
index 1e5ba74..610cc6f 100644
--- a/Set-MachineAccountAttribute.ps1
+++ b/Set-MachineAccountAttribute.ps1
@@ -27,11 +27,18 @@ function Set-MachineAccountAttribute
     Author: Kevin Robertson (@kevin_robertson)  
     License: BSD 3-Clause 
 
+    .PARAMETER Credential
+    Credentials for account that was used to create the machine account.
+
     .PARAMETER DistinguishedName
     Distinguished name for the computers OU.
 
     .PARAMETER Domain
-    The targeted domain.
+    The targeted domain. This parameter is mandatory on a non-domain attached system. Note this parameter
+    requires a DNS domain name and not a NetBIOS version.
+
+    .PARAMETER DomainController
+    Domain controller to target. This parameter is mandatory on a non-domain attached system.
 
     .PARAMETER MachineAccount
     The username of the machine account that will be modified.
@@ -54,11 +61,45 @@ function Set-MachineAccountAttribute
     (
         [parameter(Mandatory=$false)][String]$DistinguishedName,
         [parameter(Mandatory=$false)][String]$Domain,
+        [parameter(Mandatory=$false)][String]$DomainController,
         [parameter(Mandatory=$true)][String]$MachineAccount,
         [parameter(Mandatory=$true)][String]$Attribute,
-        [parameter(Mandatory=$true)]$Value
+        [parameter(Mandatory=$true)]$Value,
+        [parameter(Mandatory=$false)][System.Management.Automation.PSCredential]$Credential
     )
 
+    if(!$DomainController)
+    {
+
+        try
+        {
+            $DomainController = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().DomainControllers[0].Name
+        }
+        catch
+        {
+            Write-Output "[-] domain controller not located"
+            throw
+        }
+
+    }
+
+    if(!$Domain)
+    {
+
+        try
+        {
+            $Domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().Name
+        }
+        catch
+        {
+            $error_message = $_.Exception.Message
+            $error_message = $error_message -replace "`n",""
+            Write-Output "[-] $error_message"
+            throw
+        }
+
+    }
+
     if($MachineAccount.EndsWith('$'))
     {
         $machine_account = $MachineAccount.SubString(0,$MachineAccount.Length - 1)
@@ -68,19 +109,12 @@ function Set-MachineAccountAttribute
         $machine_account = $MachineAccount  
     }
 
-    if(!$Domain)
-    {
-        $domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().Name
-    }
-
     if(!$DistinguishedName)
     {
-
         $distinguished_name = "CN=$machine_account,CN=Computers"
+        $DC_array = $Domain.Split(".")
 
-        $DCArray = $Domain.Split(".")
-
-        ForEach($DC in $DCArray)
+        ForEach($DC in $DC_array)
         {
             $distinguished_name += ",DC=$DC"
         }
@@ -91,7 +125,16 @@ function Set-MachineAccountAttribute
         $distinguished_name = "$DistinguishedName"
     }
 
-    $account = New-Object System.DirectoryServices.DirectoryEntry "LDAP://$distinguished_name"
+    Write-Verbose "[+] Distinguished Name=$distinguished_name"
+
+    if($Credential)
+    {
+        $account = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$DomainController/$distinguished_name",$Credential.UserName,$credential.GetNetworkCredential().Password)
+    }
+    else
+    {
+        $account = New-Object System.DirectoryServices.DirectoryEntry "LDAP://$DomainController/$distinguished_name"
+    }
 
     try
     {