Nitish Kumar laymanstake

## Test-ADHealth-new.ps1
# Output formating options
$logopath = "https://camo.githubusercontent.com/239d9de795c471d44ad89783ec7dc03a76f5c0d60d00e457c181b6e95c6950b6/68747470733a2f2f6e69746973686b756d61722e66696c65732e776f726470726573732e636f6d2f323032322f31302f63726f707065642d696d675f32303232303732335f3039343534372d72656d6f766562672d707265766965772e706e67"
$ReportPath = "$env:USERPROFILE\desktop\ADReport_$(get-date -Uformat "%Y%m%d-%H%M%S").html"
$CopyRightInfo = " @Copyright Nitish Kumar <a href='https://github.com/laymanstake'>Visit nitishkumar.net</a>"

# CSS codes to format the report
$header = @"
<style>
    body { background-color: #b9d7f7; }
    h1 { font-family: Arial, Helvetica, sans-serif; color: #e68a00; font-size: 28px; }

## Start-ADAssessment.ps1
#Requires -Version 3.0
#Requires -Modules ActiveDirectory, GroupPolicy, DnsServer

<#
    Author : Nitish Kumar
    Performs Active Directory Forest Assessment
    version 1.0 | 06/06/2023 Initial version
    version 1.1 | 15/06/2023 Covered most areas though error proofing and dependency over wsman still remains
    version 1.2 | 16/06/2023 Number of small fixes included wrong calulations on empty groups
    version 1.3 | 21/06/2023 PowerShell jobs for AD health checks and Domain Summary details, Also chosing least latency DC

## Get-DFSInventory.ps1
Import-module ActiveDirectory

if ((Get-Module -ListAvailable -Name DFSN) -AND (Get-Module -ListAvailable -Name DFSR)) {
    Import-Module DFSN
    Import-Module DFSR
}
else {
    Exit
    Write-Output "Either of DFSN or DFSR is not available"
}

## Start-ADAssessment.ps1
function Get-UnusedNetlogonScripts {
    [CmdletBinding()]
    Param(
        [Parameter(ValueFromPipeline = $true, Mandatory = $true)]$DomainName,
        [Parameter(ValueFromPipeline = $true, mandatory = $true)][pscredential]$Credential
    )

    $unusedScripts = @()
    $referencedScripts = @()
    $PDC = (Test-Connection -Computername (Get-ADDomainController -Filter *  -Server $DomainName -Credential $Credential).Hostname -count 1 -AsJob | Get-Job | Receive-Job -Wait | Where-Object { $null -ne $_.Responsetime } | sort-object Responsetime | select-Object Address -first 1).Address

## Start-ADAssessment-nocred.ps1
#Requires -Version 3.0
#Requires -Modules ActiveDirectory, GroupPolicy, DnsServer

<#
    Author : Nitish Kumar
    Performs Active Directory Forest Assessment
    version 1.0 | 06/06/2023 Initial version
    version 1.1 | 15/06/2023 Covered most areas though error proofing and dependency over wsman still remains
    version 1.2 | 16/06/2023 Number of small fixes included wrong calulations on empty groups
    version 1.3 | 21/06/2023 PowerShell jobs for AD health checks and Domain Summary details, Also chosing least latency DC

## Get-ADDelegationReport.ps1
<#
    Author : Nitish Kumar
    AD delegated rights report
    version 1.0 | 06/09/2023 Initial version

    Disclaimer: This script is designed for illustration purposes only and the author do not claim to be responsible for any issues if caused by the script in production usages. Do due dilligence before running in the production environment
#>

# Initialize an empty array to store delegated permissions on OUs
$global:delegatedPermissionsOnOUs = @()

## Get-GPODetails.ps1
<#
    Author : Nitish Kumar
    Produces GPO inventory report
    version 1.0 | 01/09/2023 Initial version

    Disclaimer: This script is designed to only read data from the domain and should not cause any problems or change configurations but author do not claim to be responsible for any issues. Do due dilligence before running in the production environment

#>

Import-Module ActiveDirectory

## Start-SecurityCheck
Function Start-SecurityCheck {
    [CmdletBinding()]
    Param(
        [Parameter(ValueFromPipeline = $true, mandatory = $true)]$DomainName,
        [Parameter(ValueFromPipeline = $true, mandatory = $true)][pscredential]$Credential
    )

    $SecuritySettings = @()
    $DCs = (Get-ADDomainController -Filter * -Server $DomainName -Credential $Credential).hostname
    $PDC = (Test-Connection -Computername (Get-ADDomainController -Filter *  -Server $DomainName -Credential $Credential).Hostname -count 1 -AsJob | Get-Job | Receive-Job -Wait | Where-Object { $null -ne $_.Responsetime } | sort-object Responsetime | select-Object Address -first 1).Address

## Get-DHCPInventory.ps1
$logpath = "c:\temp\logfile.txt"

function Write-Log {
    [CmdletBinding()]
    Param(
        [Parameter(ValueFromPipeline = $true, mandatory = $true)]$logtext,
        [Parameter(ValueFromPipeline = $true, mandatory = $true)]$logpath
    )

    $Stamp = (Get-Date).toString("yyyy/MM/dd HH:mm:ss")

## Get-WSUSReport.ps1
#Requires -Version 3.0

<#
    Author : Nitish Kumar
    Gets WSUS Inventory
    version 1.0 | 18/07/2023 Initial version

    The script is kept as much modular as possible so that functions can be modified or added without altering the entire script
    It should be run as administrator and preferably Enterprise Administrator to get complete data. Its advised to run in demonstration environment to be sure first
	# Output formating options
	$logopath = "https://camo.githubusercontent.com/239d9de795c471d44ad89783ec7dc03a76f5c0d60d00e457c181b6e95c6950b6/68747470733a2f2f6e69746973686b756d61722e66696c65732e776f726470726573732e636f6d2f323032322f31302f63726f707065642d696d675f32303232303732335f3039343534372d72656d6f766562672d707265766965772e706e67"
	$ReportPath = "$env:USERPROFILE\desktop\ADReport_$(get-date -Uformat "%Y%m%d-%H%M%S").html"
	$CopyRightInfo = " @Copyright Nitish Kumar <a href='https://github.com/laymanstake'>Visit nitishkumar.net</a>"

	# CSS codes to format the report
	$header = @"
	<style>
	body { background-color: #b9d7f7; }
	h1 { font-family: Arial, Helvetica, sans-serif; color: #e68a00; font-size: 28px; }
	#Requires -Version 3.0
	#Requires -Modules ActiveDirectory, GroupPolicy, DnsServer

	<#
	Author : Nitish Kumar
	Performs Active Directory Forest Assessment
	version 1.0 \| 06/06/2023 Initial version
	version 1.1 \| 15/06/2023 Covered most areas though error proofing and dependency over wsman still remains
	version 1.2 \| 16/06/2023 Number of small fixes included wrong calulations on empty groups
	version 1.3 \| 21/06/2023 PowerShell jobs for AD health checks and Domain Summary details, Also chosing least latency DC
	Import-module ActiveDirectory

	if ((Get-Module -ListAvailable -Name DFSN) -AND (Get-Module -ListAvailable -Name DFSR)) {
	Import-Module DFSN
	Import-Module DFSR
	}
	else {
	Exit
	Write-Output "Either of DFSN or DFSR is not available"
	}
	function Get-UnusedNetlogonScripts {
	[CmdletBinding()]
	Param(
	[Parameter(ValueFromPipeline = $true, Mandatory = $true)]$DomainName,
	[Parameter(ValueFromPipeline = $true, mandatory = $true)][pscredential]$Credential
	)

	$unusedScripts = @()
	$referencedScripts = @()
	$PDC = (Test-Connection -Computername (Get-ADDomainController -Filter * -Server $DomainName -Credential $Credential).Hostname -count 1 -AsJob \| Get-Job \| Receive-Job -Wait \| Where-Object { $null -ne $_.Responsetime } \| sort-object Responsetime \| select-Object Address -first 1).Address
	<#
	Author : Nitish Kumar
	AD delegated rights report
	version 1.0 \| 06/09/2023 Initial version

	Disclaimer: This script is designed for illustration purposes only and the author do not claim to be responsible for any issues if caused by the script in production usages. Do due dilligence before running in the production environment
	#>

	# Initialize an empty array to store delegated permissions on OUs
	$global:delegatedPermissionsOnOUs = @()
	<#
	Author : Nitish Kumar
	Produces GPO inventory report
	version 1.0 \| 01/09/2023 Initial version

	Disclaimer: This script is designed to only read data from the domain and should not cause any problems or change configurations but author do not claim to be responsible for any issues. Do due dilligence before running in the production environment

	#>

	Import-Module ActiveDirectory
	Function Start-SecurityCheck {
	[CmdletBinding()]
	Param(
	[Parameter(ValueFromPipeline = $true, mandatory = $true)]$DomainName,
	[Parameter(ValueFromPipeline = $true, mandatory = $true)][pscredential]$Credential
	)

	$SecuritySettings = @()
	$DCs = (Get-ADDomainController -Filter * -Server $DomainName -Credential $Credential).hostname
	$PDC = (Test-Connection -Computername (Get-ADDomainController -Filter * -Server $DomainName -Credential $Credential).Hostname -count 1 -AsJob \| Get-Job \| Receive-Job -Wait \| Where-Object { $null -ne $_.Responsetime } \| sort-object Responsetime \| select-Object Address -first 1).Address
	$logpath = "c:\temp\logfile.txt"

	function Write-Log {
	[CmdletBinding()]
	Param(
	[Parameter(ValueFromPipeline = $true, mandatory = $true)]$logtext,
	[Parameter(ValueFromPipeline = $true, mandatory = $true)]$logpath
	)

	$Stamp = (Get-Date).toString("yyyy/MM/dd HH:mm:ss")
	#Requires -Version 3.0

	<#
	Author : Nitish Kumar
	Gets WSUS Inventory
	version 1.0 \| 18/07/2023 Initial version

	The script is kept as much modular as possible so that functions can be modified or added without altering the entire script
	It should be run as administrator and preferably Enterprise Administrator to get complete data. Its advised to run in demonstration environment to be sure first