#Requires -Modules ActiveDirectory
<#
.SYNOPSIS
    Wyświetla kompletne informacje o koncie użytkownika AD.

.DESCRIPTION
    Pobiera wszystkie przydatne atrybuty konta AD: dane osobowe, grupy,
    status konta, daty logowania, atrybuty hasła, proxy addresses.
    Przydatny jako first-stop przy troubleshootingu konta.

.PARAMETER Identity
    SamAccountName, UPN lub DisplayName użytkownika.

.EXAMPLE
    .\Get-ADUserDetails.ps1 -Identity jkowalski
    .\Get-ADUserDetails.ps1 -Identity jkowalski@firma.pl
#>

param(
    [Parameter(Mandatory)]
    [string]$Identity
)

Import-Module ActiveDirectory -ErrorAction Stop

$user = Get-ADUser -Identity $Identity -Properties * -ErrorAction Stop

# Oblicz wygaśnięcie hasła
$maxPasswordAge = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge
$passwordExpires = if ($user.PasswordNeverExpires) {
    "NIGDY (PasswordNeverExpires = True)"
} elseif ($user.PasswordLastSet) {
    ($user.PasswordLastSet + $maxPasswordAge).ToString("yyyy-MM-dd HH:mm")
} else {
    "Brak danych (nigdy nie ustawione)"
}

# Grupy bezpośrednie
$groups = ($user.MemberOf | ForEach-Object { ($_ -split ',')[0] -replace 'CN=' }) | Sort-Object

Write-Host "`n========================================" -ForegroundColor Cyan
Write-Host "  KONTO AD: $($user.SamAccountName)" -ForegroundColor Cyan
Write-Host "========================================`n" -ForegroundColor Cyan

Write-Host "--- DANE PODSTAWOWE ---" -ForegroundColor Yellow
[PSCustomObject]@{
    DisplayName       = $user.DisplayName
    SamAccountName    = $user.SamAccountName
    UPN               = $user.UserPrincipalName
    Email             = $user.EmailAddress
    Title             = $user.Title
    Department        = $user.Department
    Company           = $user.Company
    Manager           = if ($user.Manager) { (Get-ADUser $user.Manager).DisplayName } else { "-" }
    Office            = $user.Office
    PhoneNumber       = $user.telephoneNumber
    MobilePhone       = $user.mobile
    Description       = $user.Description
} | Format-List

Write-Host "--- STATUS KONTA ---" -ForegroundColor Yellow
[PSCustomObject]@{
    Enabled              = $user.Enabled
    LockedOut            = $user.LockedOut
    PasswordExpired      = $user.PasswordExpired
    PasswordNeverExpires = $user.PasswordNeverExpires
    PasswordLastSet      = $user.PasswordLastSet
    PasswordExpires      = $passwordExpires
    AccountExpires       = if ($user.AccountExpirationDate) { $user.AccountExpirationDate.ToString("yyyy-MM-dd") } else { "Nigdy" }
    BadLogonCount        = $user.BadLogonCount
    LastBadPasswordAttempt = $user.LastBadPasswordAttempt
    LastLogonDate        = $user.LastLogonDate
    LogonCount           = $user.logonCount
    Created              = $user.Created
    Modified             = $user.Modified
} | Format-List

Write-Host "--- LOKALIZACJA W AD ---" -ForegroundColor Yellow
Write-Host "OU: $($user.DistinguishedName -replace '^CN=[^,]+,','')"
Write-Host "DN: $($user.DistinguishedName)"

Write-Host "`n--- GRUPY ($($groups.Count)) ---" -ForegroundColor Yellow
$groups | ForEach-Object { Write-Host "  · $_" }

if ($user.ProxyAddresses) {
    Write-Host "`n--- PROXY ADDRESSES ---" -ForegroundColor Yellow
    $user.ProxyAddresses | Sort-Object | ForEach-Object { Write-Host "  · $_" }
}