The PowerShell script to Reset SecureMFA OTP account in SQL database.
The PowerShell script for reseting SecureMFA OTP accounts.
- System which will execute a script must have SQL PowerShell module for Invoke-Sqlcmd available
- Invoke-Sqlcmd will require following tools as minimal requirement installed from Microsoft® SQL Server® Feature Pack: SQLSysClrTypes.msi; SharedManagementObjects.msi; PowerShellTools.msi
- Script can be converted into exe file using PS2EXE utility https://gallery.technet.microsoft.com/scriptcenter/PS2EXE-GUI-Convert-e7cb69d5 for servicedesk usage if required.
Bellow is a sample of a valid Json config file:
"input_text": "Please enter user's UPN"
- Detail help can be retrieved from PS file by running following PowerShell command against it: Get-Help .\ResetOTP.ps1 -Full
SecureMFA OTP maintenance script for SQL database.
Scheduler bellow SQL script to run as weekly job on SQL Server. Script will delete old user records with lastlogon data older than 60 days or value equals NULL .
Delete FROM [SecureMfaOTP].[dbo].[Secrets] WHERE lastlogon < DATEADD(day, -60, GETDATE()) OR lastlogon IS NULL