Last active
August 10, 2021 19:39
-
-
Save maartendamen/1ba1aaf6ac0efb2ea6c63b0399084acf to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import-module ActiveDirectory | |
# Configuration | |
$tenantId = '' ### Paste your tenant ID here | |
$appId = '' ### Paste your Application ID here | |
$appSecret = '' ### Paste your Application secret here | |
$skiplist = "" # Specifcy items as a list: "SERVER1","SERVER2","SERVER3" | |
$mailserver = "mailserver.host.com" # Mailserver (SMTP) | |
$from_address = "from@host.com" # From address | |
$to_address = "to@host.com" # To address | |
# Start of script | |
$resourceAppIdUri = 'https://api.securitycenter.microsoft.com' | |
$oAuthUri = "https://login.microsoftonline.com/$TenantId/oauth2/token" | |
$authBody = [Ordered] @{ | |
resource = "$resourceAppIdUri" | |
client_id = "$appId" | |
client_secret = "$appSecret" | |
grant_type = 'client_credentials' | |
} | |
$authResponse = Invoke-RestMethod -Method Post -Uri $oAuthUri -Body $authBody -ErrorAction Stop | |
$token = $authResponse.access_token | |
$url = "https://api-eu.securitycenter.windows.com/api/machines" | |
# Set the WebRequest headers | |
$headers = @{ | |
'Content-Type' = 'application/json' | |
Accept = 'application/json' | |
Authorization = "Bearer $token" | |
} | |
$response = Invoke-WebRequest -Method Get -Uri $url -Headers $headers -ErrorAction Stop | |
$machines = ($response | ConvertFrom-Json).value | |
$ad_servers = Get-ADComputer -Filter 'operatingsystem -like "*server*" -and enabled -eq "true"' -Properties Name, Operatingsystem, OperatingSystemVersion, IPv4Address | |
function IsMachineInDefender ($server_name) { | |
foreach ($machine in $machines) { | |
$server_name = $server_name.ToUpper() | |
if ($null -ne $machine.computerDnsName) { | |
$machine_name = $machine.computerDnsName.Split(".")[0] | |
} | |
else { | |
continue | |
} | |
if ($server_name -eq $machine_name) { | |
return $true | |
} | |
} | |
return $false | |
} | |
function sendEmail($servers) { | |
$SmtpClient = new-object system.net.mail.smtpClient | |
$MailMessage = New-Object system.net.mail.mailmessage | |
$SmtpClient.Host = $mailserver | |
$MailMessage.from = $from_address | |
$MailMessage.To.add($to_address) | |
$MailMessage.IsBodyHtml = 1 | |
$MailMessage.Subject = "Windows 365 Defender missing servers" | |
$MailMessage.Body += "<FONT FACE='Arial, Helvetica, Geneva'><h3>The following servers are missing in Windows 365 Defender:</h3><br>" | |
foreach ($server in $servers) { | |
if ($server.InDefender -eq $false -and !$skiplist.Contains($server.Name)) { | |
$MailMessage.Body += $server.Name + "<br>" | |
} | |
} | |
$MailMessage.Body += "</font>" | |
$SmtpClient.Send($MailMessage) | |
} | |
foreach ($server in $ad_servers) { | |
$server | Add-Member -MemberType NoteProperty -Name 'InDefender' -Value (IsMachineInDefender($server.Name)) -Force | |
} | |
sendEmail $ad_servers |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment