-
-
Save irwins/84c990758dc5ad8a06b1b1f1bbef50d9 to your computer and use it in GitHub Desktop.
Get-ADHCPScriboReport
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
Author: I.Strachan | |
Version: 1.0 | |
Version History: | |
Purpose: Active Directory Health Check PScribo/Excel report | |
#> | |
[CmdletBinding()] | |
Param( | |
$snapshotDate= '26052016' | |
) | |
#PScribo link: https://github.com/iainbrighton/PScribo | |
Import-Module PScribo,ImportExcel -Verbose:$false | |
#ImportExcel link: https://github.com/dfinke/ImportExcel | |
Import-Module ImportExcel -Verbose:$false | |
#Get ADSnapshot | |
$ADHCSnapshot = Import-Clixml .\export\adds\ADHC-$($snapshotDate).xml | |
#region Create PScribo Document | |
$reportAD = Document "ADHC snapshot report - $($snapshotDate)" { | |
GlobalOption -ForceUppercaseSection -EnableSectionNumbering -PageSize A4 -Margin 24 | |
BlankLine -Count 20 | |
Paragraph "Active Directory Health report - $($snapshotDate)" -Style Title | |
BlankLine -Count 20 | |
PageBreak | |
TOC -Name 'Table of Contents' | |
PageBreak | |
Section -Style Heading1 'Forest Information' { | |
$ADForest = [Ordered]@{ | |
Name = $($ADHCSnapshot.ADDS.Forest.Name) | |
RootDomain = $($ADHCSnapshot.ADDS.Forest.RootDomain) | |
ForestMode = $($ADHCSnapshot.ADDS.Forest.ForestMode.ToString()) | |
Domains = $($ADHCSnapshot.ADDS.Forest.Domains) | |
} | |
Table -Name 'Forest Information' -List -Width 0 -Hashtable $ADForest | |
Section -Style Heading2 'FSMO Roles' { | |
$ADHCSnapshot.ADDS.Forest | | |
Select-Object DomainNamingMaster,SchemaMaster | | |
Table -Name 'Forest FSMO Roles' -List -Width 0 | |
Blankline | |
$ADHCSnapshot.ADDS.Domain | | |
Select-Object PDCEmulator,InfrastructureMaster,RIDMaster | | |
Table -Name 'Domain FSMO Roles' -List -Width 0 | |
} | |
Section -Style Heading2 'Global Catalogs' { | |
$ADHCSnapshot.ADDS._Forest.GlobalCatalogs | | |
Select-Object Name | | |
Table -Name 'Global Catalogs' -Width 0 | |
} | |
} | |
PageBreak | |
Section -Style Heading1 'Domain Information' { | |
$ADDomain = [Ordered]@{ | |
NetBIOSName = $($ADHCSnapshot.ADDS.Domain.NetBIOSName) | |
DomainMode = $($ADHCSnapshot.ADDS.Domain.DomainMode.ToString()) | |
DistinguishedName = $($ADHCSnapshot.ADDS.Domain.DistinguishedName) | |
DomainSID = $($ADHCSnapshot.ADDS.Domain.DomainSID) | |
} | |
Table -Name 'Domain Information' -List -Width 0 -Hashtable $ADDomain | |
Section -Style Heading2 'Domain Controllers' { | |
$ADHCSnapshot.ADDS.DomainControllers | | |
Select-Object Name,OperatingSystem,IPv4Address,Site | | |
Table -Name 'Domain Controllers' -List -Width 0 | |
} | |
Section -Style Heading2 'Default Domain Password Policy' { | |
$ADHCSnapshot.ADDS.DefaultPassWordPoLicy | | |
Select-Object ComplexityEnabled,LockoutDuration,LockoutObservationWindow,LockoutThreshold, | |
MaxPasswordAge,MinPasswordAge,MinPasswordLength,PasswordHistoryCount,ReversibleEncryptionEnabled | | |
Table -Name 'Default Domain Password Policy' -List -Width 0 | |
} | |
Section -Style Heading2 'Domain Administrators' { | |
$ADHCSnapshot.ADDS.DomainAdministrators | | |
Select-Object Name,DistinguishedName | | |
Table -Name 'Domain Administrators' -Width 0 | |
} | |
PageBreak | |
Section -Style Heading2 'Organizational Units' { | |
$ADHCSnapshot.ADDS.OrganizationalUnits | | |
Select-Object Name,DistinguishedName | | |
Table -Name 'Organizational Units' -Width 0 | |
} | |
PageBreak | |
Section -Style Heading2 'Groups' { | |
$ADHCSnapshot.Groups.Privileged | | |
Select-Object DomainSID,NETBIOSName,FQDN | | |
Table -Name 'Groups' -list -Width 0 | |
Section -Style Heading3 'Privileged groups'{ | |
$ADHCSnapshot.Groups.Privileged.Groups | | |
Foreach-Object{ | |
[PSCustomObject]@{ | |
Name = $_.Name | |
Category = $_.GroupCategory.ToString() | |
Scope = $_.GroupScope.ToString() | |
SID = $_.SID | |
} | |
} | | |
Table -Name 'Privileged groups' -Width 0 | |
} | |
Section -Style Heading3 'Privileged groups count'{ | |
#Create Style for Privileged Groups count greater than 5 | |
Style -Name PrivilegedGroupsGT5 -Color White -BackgroundColor Firebrick | |
$PrivilegedGroupsGT5 = $ADHCSnapshot.Groups.Privileged.Groups | | |
Foreach-object { | |
[PSCustomObject]@{ | |
Name = $_.Name | |
MemberCount = @($_.Members).Count | |
} | |
} | |
#Set Style for Privileged Groups count greater than 5 | |
$PrivilegedGroupsGT5 | Where-object{ $_.MemberCount -gt 5} | Set-Style -Style 'PrivilegedGroupsGT5' | |
Table -InputObject $PrivilegedGroupsGT5 -Name 'Privileged groups count' -Width 0 | |
} | |
} | |
} | |
PageBreak | |
Section -Style Heading1 'Sites & Subnets' { | |
Section -Style Heading2 'Sites' { | |
$ADHCSnapshot.ADDS.Sites | | |
Select-Object Name,Description,DistinguishedName | | |
Table -Name 'Sites & Subnets' -Width 0 | |
Section -Style Heading3 'Sites without a description' { | |
$ADHCSnapshot.ADDS.Sites.Where{$_.Description -eq $null} | | |
Select-Object Name | | |
Table -Name 'Sites without a description' -Width 0 | |
} | |
if($ADHCSnapshot.ADDS._Forest.Sites.Where{@($_.Subnets).Count -eq 0 }){ | |
Section -Style Heading3 'Sites without a subnet' { | |
$ADHCSnapshot.ADDS._Forest.Sites.Where{@($_.Subnets).Count -eq 0 } | | |
Select-Object Name | | |
Table -Name 'Sites without a subnet' -Width 0 | |
} | |
} | |
if($ADHCSnapshot.ADDS._Forest.Sites.Where{@($_.Servers).Count -eq 0 }){ | |
Section -Style Heading3 'Sites without a DC' { | |
$ADHCSnapshot.ADDS._Forest.Sites.Where{@($_.Servers).Count -eq 0 } | | |
Select-Object Name | | |
Table -Name 'Sites without a DC' -Width 0 | |
} | |
} | |
Section -Style Heading3 'Sites Stats' { | |
$ADHCSnapshot.ADDS.SitesStats | | |
Table -Name 'Sites Stats' -Width 0 | |
} | |
} | |
Section -Style Heading2 'Sitelinks' { | |
$ADHCSnapshot.ADDS.SiteLinks | | |
Select-Object Name,Cost,ReplicationFrequencyInMinutes | | |
Table -Name 'Sitelinks' -Width 0 | |
} | |
Section -Style Heading2 'Subnets' { | |
$ADHCSnapshot.ADDS.Subnets | | |
Select-Object Name,Site | | |
Table -Name 'Subnets' -Width 0 | |
} | |
} | |
PageBreak | |
Section -Style Heading1 'Group Policies' { | |
$ADHCSnapshot.GPOs.All | | |
Select-Object DisplayName,Description,GPOStatus,ModificationTime | | |
Table -Name 'Group Policies' -Width 0 | |
Section -Style Heading2 'Group Policy Scope of Management' { | |
$ADHCSnapshot.GPOs.GPOsSoM | | |
Select-Object DisplayName,LinkOrderNr,GPOStatus,LinkEnabled,Enforced,BlockInheritance | | |
Table -Name 'Group Policy Scope of Management' -Width 0 | |
} | |
} | |
} | |
#endregion | |
#region Render report in HTML,Word & XML format | |
$reportAD | Export-Document -Path .\export\adds -Format Html,Word,XML | |
#Or save it and render later on. | |
$reportAD | Export-Clixml .\export\adds\ADHCRawPScriboDocument-$($snapshotDate).xml -Encoding UTF8 | |
#endregion | |
#region Export Users,Group & Computers to Excel | |
$xlsxUserFile = ".\export\adds\ADHC - UserReport - $($snapshotDate).xlsx" | |
$xlsxComputerFile = ".\export\adds\ADHC - ComputerReport - $($snapshotDate).xlsx" | |
$xlsxGroupMembersFile = ".\export\adds\ADHC - PrivilegedMembersReport - $($snapshotDate).xlsx" | |
$xlsxGroupMemberOfFile = ".\export\adds\ADHC - PrivilegedMemberOfReport - $($snapshotDate).xlsx" | |
#Users xlsx file | |
foreach($entry in $ADHCSnapshot.Users.Keys){ | |
$WorkSheetName = $entry | |
If($ADHCSnapshot.Users.$entry){ | |
$ADHCSnapshot.Users.$entry | | |
ConvertTo-Csv -Delimiter ';' -NoTypeInformation | | |
ConvertFrom-Csv -Delimiter ';' | | |
Export-Excel -Path $xlsxUserFile -WorkSheetname $WorkSheetName -AutoSize -BoldTopRow -FreezeTopRow | |
} | |
} | |
#Computers xlsx file | |
foreach($entry in $ADHCSnapshot.Computers.Keys){ | |
$WorkSheetName = $entry | |
if($ADHCSnapshot.Computers.$entry){ | |
$ADHCSnapshot.Computers.$entry | | |
ConvertTo-Csv -Delimiter ';' -NoTypeInformation | | |
ConvertFrom-Csv -Delimiter ';' | | |
Export-Excel -Path $xlsxComputerFile -WorkSheetname $WorkSheetName -AutoSize -BoldTopRow -FreezeTopRow | |
} | |
} | |
#Groups xlsx file | |
$snapshot.Groups.Privileged.Groups.ForEach{ | |
if($_.Members){ | |
$_.Members | | |
ForEach-Object{ | |
$_ | Get-ADObject | | |
Select-Object Name,DistinguishedName | |
} | | |
Export-Excel -Path $xlsxGroupMembersFile -WorkSheetname $_.Name -AutoSize -BoldTopRow -FreezeTopRow | |
} | |
if($_.MemberOf){ | |
$_.MemberOf | | |
ForEach-Object{ | |
$_ | Get-ADObject | | |
Select-Object Name,DistinguishedName | |
} | | |
Export-Excel -Path $xlsxGroupMemberOfFile -WorkSheetname $_.Name -AutoSize -BoldTopRow -FreezeTopRow | |
} | |
} | |
foreach($entry in $ADHCSnapshot.Computers.Keys){ | |
$WorkSheetName = $entry | |
if($ADHCSnapshot.Computers.$entry){ | |
$ADHCSnapshot.Computers.$entry | | |
ConvertTo-Csv -Delimiter ';' -NoTypeInformation | | |
ConvertFrom-Csv -Delimiter ';' | | |
Export-Excel -Path $xlsxComputerFile -WorkSheetname $WorkSheetName -AutoSize -BoldTopRow -FreezeTopRow | |
} | |
} | |
#endregion |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment