Why Am I Starting a PowerShell Blog? A Funny Tale
Well, folks, I think it’s time I let you in on a little secret about why I decided to start a PowerShell blog. My story is not only educational but will hopefully put a smile on your faces too!
<# .SYNOPSIS Active Directory Replication Analysis Tool .DESCRIPTION This script analyzes Active Directory replication status, identifies issues, and provides detailed information about replication topology and health. .NOTES File Name : ADReplicationAnalyzer.ps1 Author : [Your Name] Prerequisite : PowerShell V5.1 or later, Active Directory module, and appropriate AD permissions Version : 1.0 Date : [Current Date] .EXAMPLE .\ADReplicationAnalyzer.ps1 #> # Import required modules Import-Module ActiveDirectory # Global variables $global:reportPath = "$env:USERPROFILE\Desktop\AD_Replication_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html" <# .SYNOPSIS Displays the main menu of the tool. #> function Show-Menu { Clear-Host Write-Host "=== Active Directory Replication Analysis Tool ===" -ForegroundColor Cyan Write-Host "1. Check Replication Status" Write-Host "2. Analyze Replication Topology" Write-Host "3. Identify Replication Errors" Write-Host "4. Check Inter-Site Replication" Write-Host "5. Verify Domain Controller Metadata" Write-Host "6. Check KCC Connectivity" Write-Host "7. Analyze Replication Latency" Write-Host "8. Generate Comprehensive HTML Report" Write-Host "9. Exit" } <# .SYNOPSIS Checks the overall replication status. .OUTPUTS Array of PSObjects containing replication status details. #> function Check-ReplicationStatus { Write-Host "`nChecking Replication Status..." -ForegroundColor Yellow $results = @() $dcs = Get-ADDomainController -Filter * foreach ($dc in $dcs) { $replicationStatus = repadmin /showrepl $dc.HostName $lastReplication = ($replicationStatus | Select-String "Last attempt" | Select-Object -First 1) -replace "Last attempt @ ","" $results += [PSCustomObject]@{ DomainController = $dc.HostName LastReplication = $lastReplication Status = if ($replicationStatus -match "was successful") { "Successful" } else { "Failed" } } } $results | Format-Table -AutoSize return $results } <# .SYNOPSIS Analyzes the replication topology. .OUTPUTS Array of PSObjects containing replication topology details. #> function Analyze-ReplicationTopology { Write-Host "`nAnalyzing Replication Topology..." -ForegroundColor Yellow $topology = @() $sites = Get-ADReplicationSite -Filter * foreach ($site in $sites) { $siteLinks = Get-ADReplicationSiteLink -Filter {SitesIncluded -eq $site.DistinguishedName} $dcs = Get-ADDomainController -Filter {Site -eq $site.Name} $topology += [PSCustomObject]@{ SiteName = $site.Name DomainControllers = ($dcs | ForEach-Object { $_.Name }) -join ", " ConnectedSites = ($siteLinks | ForEach-Object { ($_.SitesIncluded | Where-Object { $_ -ne $site.DistinguishedName }) -replace "CN=|,.*" }) -join ", " } } $topology | Format-Table -AutoSize return $topology } <# .SYNOPSIS Identifies replication errors. .OUTPUTS Array of PSObjects containing replication error details. #> function Identify-ReplicationErrors { Write-Host "`nIdentifying Replication Errors..." -ForegroundColor Yellow $errors = @() $dcs = Get-ADDomainController -Filter * foreach ($dc in $dcs) { $replicationStatus = repadmin /showrepl $dc.HostName $errorLines = $replicationStatus | Select-String "Error" foreach ($line in $errorLines) { $errors += [PSCustomObject]@{ DomainController = $dc.HostName Error = $line.Line.Trim() } } } if ($errors.Count -eq 0) { Write-Host "No replication errors found." -ForegroundColor Green } else { $errors | Format-Table -AutoSize } return $errors } <# .SYNOPSIS Checks inter-site replication. .OUTPUTS Array of PSObjects containing inter-site replication details. #> function Check-InterSiteReplication { Write-Host "`nChecking Inter-Site Replication..." -ForegroundColor Yellow $interSiteRepl = @() $siteLinks = Get-ADReplicationSiteLink -Filter * foreach ($link in $siteLinks) { $interSiteRepl += [PSCustomObject]@{ SiteLinkName = $link.Name Sites = ($link.SitesIncluded | ForEach-Object { ($_ -replace "CN=|,.*") }) -join ", " ReplicationInterval = $link.ReplicationFrequencyInMinutes Cost = $link.Cost } } $interSiteRepl | Format-Table -AutoSize return $interSiteRepl } <# .SYNOPSIS Verifies domain controller metadata. .OUTPUTS Array of PSObjects containing DC metadata details. #> function Verify-DCMetadata { Write-Host "`nVerifying Domain Controller Metadata..." -ForegroundColor Yellow $metadata = @() $dcs = Get-ADDomainController -Filter * foreach ($dc in $dcs) { $dcMetadata = Get-ADReplicationPartnerMetadata -Target $dc.HostName $metadata += [PSCustomObject]@{ DomainController = $dc.HostName LastReplicationAttempt = $dcMetadata.LastReplicationAttempt LastReplicationResult = $dcMetadata.LastReplicationResult LastReplicationSuccess = $dcMetadata.LastReplicationSuccess } } $metadata | Format-Table -AutoSize return $metadata } <# .SYNOPSIS Checks KCC connectivity. .OUTPUTS Array of PSObjects containing KCC connectivity details. #> function Check-KCCConnectivity { Write-Host "`nChecking KCC Connectivity..." -ForegroundColor Yellow $kccConnectivity = @() $dcs = Get-ADDomainController -Filter * foreach ($dc in $dcs) { $kccStatus = repadmin /showkcc $dc.HostName $kccConnectivity += [PSCustomObject]@{ DomainController = $dc.HostName Status = if ($kccStatus -match "completed successfully") { "Successful" } else { "Failed" } Details = ($kccStatus | Select-String "Intra" -Context 0,1).Context.PostContext } } $kccConnectivity | Format-Table -AutoSize return $kccConnectivity } <# .SYNOPSIS Analyzes replication latency. .OUTPUTS Array of PSObjects containing replication latency details. #> function Analyze-ReplicationLatency { Write-Host "`nAnalyzing Replication Latency..." -ForegroundColor Yellow $latency = @() $dcs = Get-ADDomainController -Filter * foreach ($dc in $dcs) { $replPartners = Get-ADReplicationPartnerMetadata -Target $dc.HostName foreach ($partner in $replPartners) { $latency += [PSCustomObject]@{ SourceDC = $dc.HostName PartnerDC = $partner.Partner LastReplicationAttempt = $partner.LastReplicationAttempt LastReplicationSuccess = $partner.LastReplicationSuccess LatencyMinutes = if ($partner.LastReplicationSuccess) { [math]::Round(($partner.LastReplicationAttempt - $partner.LastReplicationSuccess).TotalMinutes, 2) } else { "N/A" } } } } $latency | Format-Table -AutoSize return $latency } <# .SYNOPSIS Generates a comprehensive HTML report of all analyses. .PARAMETER AllResults Hashtable containing all analysis results. .OUTPUTS Saves an HTML report to the desktop. #> function Generate-HTMLReport { param([hashtable]$AllResults) Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow $reportContent = @" <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>AD Replication Analysis Report</title> <style> body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; } h1, h2, h3 { color: #0078D4; } table { border-collapse: collapse; width: 100%; margin-bottom: 20px; } th, td { border: 1px solid #ddd; padding: 8px; text-align: left; } th { background-color: #f2f2f2; } </style> </head> <body> <h1>Active Directory Replication Analysis Report</h1> <p>Generated on: $(Get-Date)</p> <h2>Replication Status</h2> $($AllResults.ReplicationStatus | ConvertTo-Html -Fragment) <h2>Replication Topology</h2> $($AllResults.ReplicationTopology | ConvertTo-Html -Fragment) <h2>Replication Errors</h2> $($AllResults.ReplicationErrors | ConvertTo-Html -Fragment) <h2>Inter-Site Replication</h2> $($AllResults.InterSiteReplication | ConvertTo-Html -Fragment) <h2>Domain Controller Metadata</h2> $($AllResults.DCMetadata | ConvertTo-Html -Fragment) <h2>KCC Connectivity</h2> $($AllResults.KCCConnectivity | ConvertTo-Html -Fragment) <h2>Replication Latency</h2> $($AllResults.ReplicationLatency | ConvertTo-Html -Fragment) </body> </html> "@ $reportContent | Out-File -FilePath $global:reportPath Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green } # Main program loop $allResults = @{} do { Show-Menu $choice = Read-Host "`nEnter your choice (1-9)" switch ($choice) { "1" { $allResults.ReplicationStatus = Check-ReplicationStatus } "2" { $allResults.ReplicationTopology = Analyze-ReplicationTopology } "3" { $allResults.ReplicationErrors = Identify-ReplicationErrors } "4" { $allResults.InterSiteReplication = Check-InterSiteReplication } "5" { $allResults.DCMetadata = Verify-DCMetadata } "6" { $allResults.KCCConnectivity = Check-KCCConnectivity } "7" { $allResults.ReplicationLatency = Analyze-ReplicationLatency } "8" { Generate-HTMLReport -AllResults $allResults } "9" { Write-Host "Exiting program..." -ForegroundColor Yellow; break } default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red } } if ($choice -ne "9") { Read-Host "`nPress Enter to continue..." } } while ($choice -ne "9")
This Active Directory Replication Analysis Tool includes:
Key features:
This tool is particularly useful for:
To use this script effectively:
This script provides a comprehensive overview of the AD replication status and health in an Active Directory environment, making it easier to identify issues, bottlenecks, or misconfigurations related to replication. It can significantly streamline the process of troubleshooting and maintaining AD replication in large or complex environments.
<# .SYNOPSIS Active Directory Certificate Services (AD CS) Analyzer .DESCRIPTION This script analyzes the configuration and health of Active Directory Certificate Services, providing detailed information about Certificate Authorities, templates, and potential issues. .NOTES File Name : ADCSAnalyzer.ps1 Author : [Your Name] Prerequisite : PowerShell V5.1 or later, PSPKI module, and appropriate AD CS permissions Version : 1.0 Date : [Current Date] .EXAMPLE .\ADCSAnalyzer.ps1 #> # Check if PSPKI module is installed, if not, attempt to install it if (-not (Get-Module -ListAvailable -Name PSPKI)) { Write-Host "PSPKI module not found. Attempting to install..." -ForegroundColor Yellow try { Install-Module -Name PSPKI -Force -AllowClobber } catch { Write-Host "Failed to install PSPKI module. Please install it manually." -ForegroundColor Red exit } } # Import required modules Import-Module PSPKI # Global variables $global:reportPath = "$env:USERPROFILE\Desktop\ADCS_Analysis_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html" <# .SYNOPSIS Displays the main menu of the tool. #> function Show-Menu { Clear-Host Write-Host "=== Active Directory Certificate Services Analyzer ===" -ForegroundColor Cyan Write-Host "1. Analyze Certificate Authorities" Write-Host "2. Review Certificate Templates" Write-Host "3. Check CA Health Status" Write-Host "4. Analyze Certificate Revocation Lists (CRLs)" Write-Host "5. Review CA Security Permissions" Write-Host "6. Analyze Certificate Issuance Policies" Write-Host "7. Check for Vulnerable Certificate Templates" Write-Host "8. Generate Comprehensive HTML Report" Write-Host "9. Exit" } <# .SYNOPSIS Analyzes Certificate Authorities in the environment. .OUTPUTS Array of PSObjects containing CA details. #> function Analyze-CertificateAuthorities { Write-Host "`nAnalyzing Certificate Authorities..." -ForegroundColor Yellow $cas = Get-CertificationAuthority $caDetails = @() foreach ($ca in $cas) { $caDetails += [PSCustomObject]@{ Name = $ca.Name Status = $ca.Status Type = $ca.Type Version = $ca.Version KeyLength = $ca.KeyLength HashAlgorithm = $ca.HashAlgorithm ValidityPeriod = $ca.ValidityPeriod } } $caDetails | Format-Table -AutoSize return $caDetails } <# .SYNOPSIS Reviews Certificate Templates. .OUTPUTS Array of PSObjects containing template details. #> function Review-CertificateTemplates { Write-Host "`nReviewing Certificate Templates..." -ForegroundColor Yellow $templates = Get-CertificateTemplate $templateDetails = @() foreach ($template in $templates) { $templateDetails += [PSCustomObject]@{ Name = $template.Name DisplayName = $template.DisplayName SchemaVersion = $template.SchemaVersion ValidityPeriod = $template.ValidityPeriod RenewalPeriod = $template.RenewalPeriod AuthorizedSignatures = $template.AuthorizedSignatures EnrollmentFlags = $template.EnrollmentFlags } } $templateDetails | Format-Table -AutoSize return $templateDetails } <# .SYNOPSIS Checks the health status of Certificate Authorities. .OUTPUTS Array of PSObjects containing CA health status. #> function Check-CAHealthStatus { Write-Host "`nChecking CA Health Status..." -ForegroundColor Yellow $cas = Get-CertificationAuthority $healthStatus = @() foreach ($ca in $cas) { $status = Test-CertificationAuthority -CertificationAuthority $ca.Name $healthStatus += [PSCustomObject]@{ CAName = $ca.Name IsAccessible = $status.IsAccessible IsCaAccessible = $status.IsCaAccessible IsRoleAccessible = $status.IsRoleAccessible IsWebEnrollmentAccessible = $status.IsWebEnrollmentAccessible } } $healthStatus | Format-Table -AutoSize return $healthStatus } <# .SYNOPSIS Analyzes Certificate Revocation Lists (CRLs). .OUTPUTS Array of PSObjects containing CRL details. #> function Analyze-CRLs { Write-Host "`nAnalyzing Certificate Revocation Lists..." -ForegroundColor Yellow $cas = Get-CertificationAuthority $crlDetails = @() foreach ($ca in $cas) { $crl = Get-CACrlDistributionPoint -CertificationAuthority $ca.Name foreach ($point in $crl) { $crlDetails += [PSCustomObject]@{ CAName = $ca.Name URI = $point.URI PublishToServer = $point.PublishToServer PublishToDeltaServer = $point.PublishToDeltaServer PublishToDS = $point.PublishToDS } } } $crlDetails | Format-Table -AutoSize return $crlDetails } <# .SYNOPSIS Reviews CA Security Permissions. .OUTPUTS Array of PSObjects containing CA security permission details. #> function Review-CASecurityPermissions { Write-Host "`nReviewing CA Security Permissions..." -ForegroundColor Yellow $cas = Get-CertificationAuthority $securityPermissions = @() foreach ($ca in $cas) { $permissions = Get-CASecurityDescriptor -CertificationAuthority $ca.Name foreach ($ace in $permissions.Access) { $securityPermissions += [PSCustomObject]@{ CAName = $ca.Name IdentityReference = $ace.IdentityReference AccessControlType = $ace.AccessControlType Rights = $ace.Rights } } } $securityPermissions | Format-Table -AutoSize return $securityPermissions } <# .SYNOPSIS Analyzes Certificate Issuance Policies. .OUTPUTS Array of PSObjects containing issuance policy details. #> function Analyze-CertificateIssuancePolicies { Write-Host "`nAnalyzing Certificate Issuance Policies..." -ForegroundColor Yellow $cas = Get-CertificationAuthority $issuancePolicies = @() foreach ($ca in $cas) { $policies = Get-CAPolicy -CertificationAuthority $ca.Name foreach ($policy in $policies) { $issuancePolicies += [PSCustomObject]@{ CAName = $ca.Name PolicyName = $policy.Name OID = $policy.OID Enabled = $policy.Enabled } } } $issuancePolicies | Format-Table -AutoSize return $issuancePolicies } <# .SYNOPSIS Checks for potentially vulnerable certificate templates. .OUTPUTS Array of PSObjects containing vulnerable template details. #> function Check-VulnerableCertificateTemplates { Write-Host "`nChecking for Vulnerable Certificate Templates..." -ForegroundColor Yellow $templates = Get-CertificateTemplate $vulnerableTemplates = @() foreach ($template in $templates) { $isVulnerable = $false $vulnerabilities = @() if ($template.EnrollmentFlags -band 0x00000008) { $isVulnerable = $true $vulnerabilities += "No CA signature required" } if ($template.AuthorizedSignatures -eq 0) { $isVulnerable = $true $vulnerabilities += "No authorized signatures required" } if ($template.PrivateKeyFlags -band 0x00000001) { $isVulnerable = $true $vulnerabilities += "Exportable private key" } if ($isVulnerable) { $vulnerableTemplates += [PSCustomObject]@{ TemplateName = $template.Name Vulnerabilities = $vulnerabilities -join ", " } } } $vulnerableTemplates | Format-Table -AutoSize return $vulnerableTemplates } <# .SYNOPSIS Generates a comprehensive HTML report of all analyses. .PARAMETER AllResults Hashtable containing all analysis results. .OUTPUTS Saves an HTML report to the desktop. #> function Generate-HTMLReport { param([hashtable]$AllResults) Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow $reportContent = @" <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>AD CS Analysis Report</title> <style> body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; } h1, h2, h3 { color: #0078D4; } table { border-collapse: collapse; width: 100%; margin-bottom: 20px; } th, td { border: 1px solid #ddd; padding: 8px; text-align: left; } th { background-color: #f2f2f2; } </style> </head> <body> <h1>Active Directory Certificate Services Analysis Report</h1> <p>Generated on: $(Get-Date)</p> <h2>Certificate Authorities</h2> $($AllResults.CertificateAuthorities | ConvertTo-Html -Fragment) <h2>Certificate Templates</h2> $($AllResults.CertificateTemplates | ConvertTo-Html -Fragment) <h2>CA Health Status</h2> $($AllResults.CAHealthStatus | ConvertTo-Html -Fragment) <h2>Certificate Revocation Lists (CRLs)</h2> $($AllResults.CRLs | ConvertTo-Html -Fragment) <h2>CA Security Permissions</h2> $($AllResults.SecurityPermissions | ConvertTo-Html -Fragment) <h2>Certificate Issuance Policies</h2> $($AllResults.IssuancePolicies | ConvertTo-Html -Fragment) <h2>Vulnerable Certificate Templates</h2> $($AllResults.VulnerableTemplates | ConvertTo-Html -Fragment) </body> </html> "@ $reportContent | Out-File -FilePath $global:reportPath Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green } # Main program loop $allResults = @{} do { Show-Menu $choice = Read-Host "`nEnter your choice (1-9)" switch ($choice) { "1" { $allResults.CertificateAuthorities = Analyze-CertificateAuthorities } "2" { $allResults.CertificateTemplates = Review-CertificateTemplates } "3" { $allResults.CAHealthStatus = Check-CAHealthStatus } "4" { $allResults.CRLs = Analyze-CRLs } "5" { $allResults.SecurityPermissions = Review-CASecurityPermissions } "6" { $allResults.IssuancePolicies = Analyze-CertificateIssuancePolicies } "7" { $allResults.VulnerableTemplates = Check-VulnerableCertificateTemplates } "8" { Generate-HTMLReport -AllResults $allResults } "9" { Write-Host "Exiting program..." -ForegroundColor Yellow; break } default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red } } if ($choice -ne "9") { Read-Host "`nPress Enter to continue..." } } while ($choice -ne "9")
This Active Directory Certificate Services Analyzer includes:
Key features:
This tool is particularly useful for:
To use this script effectively:
This script provides a comprehensive overview of the AD CS configuration in an Active Directory environment, making it easier to identify issues, security concerns, or misconfigurations related to your PKI infrastructure. It can significantly streamline the process of auditing and maintaining AD CS in large or complex environments.
<# .SYNOPSIS Active Directory Group Policy Analyzer .DESCRIPTION This script analyzes Group Policy Objects (GPOs) in an Active Directory environment, providing detailed information about policy settings, links, and potential issues. .NOTES File Name : ADGroupPolicyAnalyzer.ps1 Author : [Your Name] Prerequisite : PowerShell V5.1 or later, GroupPolicy module, and appropriate AD permissions Version : 1.0 Date : [Current Date] .EXAMPLE .\ADGroupPolicyAnalyzer.ps1 #> # Import required modules Import-Module GroupPolicy Import-Module ActiveDirectory # Global variables $global:reportPath = "$env:USERPROFILE\Desktop\GPO_Analysis_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html" <# .SYNOPSIS Displays the main menu of the tool. #> function Show-Menu { Clear-Host Write-Host "=== Active Directory Group Policy Analyzer ===" -ForegroundColor Cyan Write-Host "1. Analyze All GPOs" Write-Host "2. Find Unlinked GPOs" Write-Host "3. Identify GPOs with No Settings" Write-Host "4. Check for Conflicting GPO Settings" Write-Host "5. Analyze GPO Links" Write-Host "6. Review GPO Permissions" Write-Host "7. Check GPO Version Numbers" Write-Host "8. Generate Comprehensive HTML Report" Write-Host "9. Exit" } <# .SYNOPSIS Analyzes all GPOs in the domain. .OUTPUTS Array of PSObjects containing GPO details. #> function Analyze-AllGPOs { Write-Host "`nAnalyzing All GPOs..." -ForegroundColor Yellow $gpos = Get-GPO -All $results = @() foreach ($gpo in $gpos) { $report = Get-GPOReport -Guid $gpo.Id -ReportType XML $settingsCount = ([xml]$report).GPO.Computer.ExtensionData.Extension.Policy.Count + ([xml]$report).GPO.User.ExtensionData.Extension.Policy.Count $results += [PSCustomObject]@{ Name = $gpo.DisplayName ID = $gpo.Id CreationTime = $gpo.CreationTime ModificationTime = $gpo.ModificationTime SettingsCount = $settingsCount Status = $gpo.GpoStatus } } $results | Format-Table -AutoSize return $results } <# .SYNOPSIS Finds unlinked GPOs in the domain. .OUTPUTS Array of PSObjects containing unlinked GPO details. #> function Find-UnlinkedGPOs { Write-Host "`nFinding Unlinked GPOs..." -ForegroundColor Yellow $gpos = Get-GPO -All $unlinkedGPOs = @() foreach ($gpo in $gpos) { $linkedOUs = Get-ADOrganizationalUnit -Filter * | Where-Object {(Get-GPInheritance -Target $_.DistinguishedName).GpoLinks.DisplayName -contains $gpo.DisplayName} if ($linkedOUs.Count -eq 0) { $unlinkedGPOs += [PSCustomObject]@{ Name = $gpo.DisplayName ID = $gpo.Id CreationTime = $gpo.CreationTime } } } $unlinkedGPOs | Format-Table -AutoSize return $unlinkedGPOs } <# .SYNOPSIS Identifies GPOs with no settings configured. .OUTPUTS Array of PSObjects containing empty GPO details. #> function Identify-EmptyGPOs { Write-Host "`nIdentifying GPOs with No Settings..." -ForegroundColor Yellow $gpos = Get-GPO -All $emptyGPOs = @() foreach ($gpo in $gpos) { $report = Get-GPOReport -Guid $gpo.Id -ReportType XML $settingsCount = ([xml]$report).GPO.Computer.ExtensionData.Extension.Policy.Count + ([xml]$report).GPO.User.ExtensionData.Extension.Policy.Count if ($settingsCount -eq 0) { $emptyGPOs += [PSCustomObject]@{ Name = $gpo.DisplayName ID = $gpo.Id CreationTime = $gpo.CreationTime } } } $emptyGPOs | Format-Table -AutoSize return $emptyGPOs } <# .SYNOPSIS Checks for potentially conflicting GPO settings. .OUTPUTS Array of PSObjects containing conflicting GPO details. #> function Check-ConflictingGPOSettings { Write-Host "`nChecking for Conflicting GPO Settings..." -ForegroundColor Yellow $gpos = Get-GPO -All $conflictingSettings = @() $allSettings = @{} foreach ($gpo in $gpos) { $report = ([xml](Get-GPOReport -Guid $gpo.Id -ReportType XML)) $settings = $report.GPO.Computer.ExtensionData.Extension.Policy + $report.GPO.User.ExtensionData.Extension.Policy foreach ($setting in $settings) { $key = "$($setting.Name):$($setting.Class)" if ($allSettings.ContainsKey($key)) { $conflictingSettings += [PSCustomObject]@{ SettingName = $setting.Name GPO1 = $allSettings[$key] GPO2 = $gpo.DisplayName } } else { $allSettings[$key] = $gpo.DisplayName } } } $conflictingSettings | Format-Table -AutoSize return $conflictingSettings } <# .SYNOPSIS Analyzes GPO links across the domain. .OUTPUTS Array of PSObjects containing GPO link details. #> function Analyze-GPOLinks { Write-Host "`nAnalyzing GPO Links..." -ForegroundColor Yellow $domain = Get-ADDomain $ous = Get-ADOrganizationalUnit -Filter * $gpoLinks = @() foreach ($ou in $ous) { $links = (Get-GPInheritance -Target $ou.DistinguishedName).GpoLinks foreach ($link in $links) { $gpoLinks += [PSCustomObject]@{ GPOName = $link.DisplayName LinkedOU = $ou.Name Enabled = $link.Enabled Enforced = $link.Enforced Order = $link.Order } } } $gpoLinks | Format-Table -AutoSize return $gpoLinks } <# .SYNOPSIS Reviews GPO permissions. .OUTPUTS Array of PSObjects containing GPO permission details. #> function Review-GPOPermissions { Write-Host "`nReviewing GPO Permissions..." -ForegroundColor Yellow $gpos = Get-GPO -All $gpoPermissions = @() foreach ($gpo in $gpos) { $permissions = Get-GPPermission -Guid $gpo.Id -All foreach ($perm in $permissions) { $gpoPermissions += [PSCustomObject]@{ GPOName = $gpo.DisplayName Trustee = $perm.Trustee.Name Permission = $perm.Permission } } } $gpoPermissions | Format-Table -AutoSize return $gpoPermissions } <# .SYNOPSIS Checks GPO version numbers. .OUTPUTS Array of PSObjects containing GPO version details. #> function Check-GPOVersions { Write-Host "`nChecking GPO Version Numbers..." -ForegroundColor Yellow $gpos = Get-GPO -All $gpoVersions = @() foreach ($gpo in $gpos) { $gpoVersions += [PSCustomObject]@{ Name = $gpo.DisplayName ComputerVersion = $gpo.Computer.DSVersion UserVersion = $gpo.User.DSVersion } } $gpoVersions | Format-Table -AutoSize return $gpoVersions } <# .SYNOPSIS Generates a comprehensive HTML report of all analyses. .PARAMETER AllResults Hashtable containing all analysis results. .OUTPUTS Saves an HTML report to the desktop. #> function Generate-HTMLReport { param([hashtable]$AllResults) Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow $reportContent = @" <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Group Policy Analysis Report</title> <style> body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; } h1, h2, h3 { color: #0078D4; } table { border-collapse: collapse; width: 100%; margin-bottom: 20px; } th, td { border: 1px solid #ddd; padding: 8px; text-align: left; } th { background-color: #f2f2f2; } </style> </head> <body> <h1>Group Policy Analysis Report</h1> <p>Generated on: $(Get-Date)</p> <h2>All GPOs</h2> $($AllResults.AllGPOs | ConvertTo-Html -Fragment) <h2>Unlinked GPOs</h2> $($AllResults.UnlinkedGPOs | ConvertTo-Html -Fragment) <h2>Empty GPOs</h2> $($AllResults.EmptyGPOs | ConvertTo-Html -Fragment) <h2>Conflicting GPO Settings</h2> $($AllResults.ConflictingSettings | ConvertTo-Html -Fragment) <h2>GPO Links</h2> $($AllResults.GPOLinks | ConvertTo-Html -Fragment) <h2>GPO Permissions</h2> $($AllResults.GPOPermissions | ConvertTo-Html -Fragment) <h2>GPO Versions</h2> $($AllResults.GPOVersions | ConvertTo-Html -Fragment) </body> </html> "@ $reportContent | Out-File -FilePath $global:reportPath Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green } # Main program loop $allResults = @{} do { Show-Menu $choice = Read-Host "`nEnter your choice (1-9)" switch ($choice) { "1" { $allResults.AllGPOs = Analyze-AllGPOs } "2" { $allResults.UnlinkedGPOs = Find-UnlinkedGPOs } "3" { $allResults.EmptyGPOs = Identify-EmptyGPOs } "4" { $allResults.ConflictingSettings = Check-ConflictingGPOSettings } "5" { $allResults.GPOLinks = Analyze-GPOLinks } "6" { $allResults.GPOPermissions = Review-GPOPermissions } "7" { $allResults.GPOVersions = Check-GPOVersions } "8" { Generate-HTMLReport -AllResults $allResults } "9" { Write-Host "Exiting program..." -ForegroundColor Yellow; break } default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red } } if ($choice -ne "9") { Read-Host "`nPress Enter to continue..." } } while ($choice -ne "9")
This Active Directory Group Policy Analyzer includes:
Key features:
This tool is particularly useful for:
To use this script effectively:
This script provides a comprehensive overview of Group Policy configurations in an Active Directory environment, making it easier to identify issues, inconsistencies, or security concerns related to GPOs. It can significantly streamline the process of auditing and maintaining Group Policies in large or complex AD environments.
<# .SYNOPSIS Advanced Network Configuration Analyzer .DESCRIPTION This script analyzes network configurations across multiple servers or workstations in a domain environment. It provides detailed information about IP configurations, firewall rules, network adapters, DNS settings, and more. .NOTES File Name : AdvancedNetworkConfigAnalyzer.ps1 Author : [Your Name] Prerequisite : PowerShell V5.1 or later, Active Directory module, and appropriate permissions Version : 1.0 Date : [Current Date] .EXAMPLE .\AdvancedNetworkConfigAnalyzer.ps1 #> # Import required modules Import-Module ActiveDirectory # Global variables $global:reportPath = "$env:USERPROFILE\Desktop\Network_Config_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html" <# .SYNOPSIS Displays the main menu of the tool. #> function Show-Menu { Clear-Host Write-Host "=== Advanced Network Configuration Analyzer ===" -ForegroundColor Cyan Write-Host "1. Analyze IP Configurations" Write-Host "2. Examine Firewall Rules" Write-Host "3. Inspect Network Adapters" Write-Host "4. Check DNS Settings" Write-Host "5. Review Network Shares" Write-Host "6. Analyze Network Routes" Write-Host "7. Check Remote Access Settings" Write-Host "8. Generate Comprehensive HTML Report" Write-Host "9. Exit" } <# .SYNOPSIS Gets a list of computers to analyze. .OUTPUTS Array of computer names. #> function Get-TargetComputers { $option = Read-Host "Analyze (A)ll domain computers, (S)pecific computers, or (F)ile input? (A/S/F)" switch ($option.ToUpper()) { "A" { return (Get-ADComputer -Filter * | Select-Object -ExpandProperty Name) } "S" { $computers = @() do { $computer = Read-Host "Enter computer name (or press Enter to finish)" if ($computer -ne "") { $computers += $computer } } while ($computer -ne "") return $computers } "F" { $filePath = Read-Host "Enter the path to the file containing computer names" return (Get-Content $filePath) } default { Write-Host "Invalid option. Defaulting to all domain computers." -ForegroundColor Yellow return (Get-ADComputer -Filter * | Select-Object -ExpandProperty Name) } } } <# .SYNOPSIS Analyzes IP configurations of target computers. .PARAMETER Computers Array of computer names to analyze. .OUTPUTS Array of PSObjects containing IP configuration details. #> function Analyze-IPConfigurations { param([string[]]$Computers) Write-Host "`nAnalyzing IP Configurations..." -ForegroundColor Yellow $results = @() foreach ($computer in $Computers) { try { $ipConfig = Invoke-Command -ComputerName $computer -ScriptBlock { Get-NetIPConfiguration | Select-Object InterfaceAlias, IPv4Address, IPv4DefaultGateway, DNSServer } -ErrorAction Stop $results += [PSCustomObject]@{ ComputerName = $computer IPConfigurations = $ipConfig } } catch { Write-Host "Error analyzing $computer : $_" -ForegroundColor Red } } return $results } <# .SYNOPSIS Examines firewall rules on target computers. .PARAMETER Computers Array of computer names to analyze. .OUTPUTS Array of PSObjects containing firewall rule details. #> function Examine-FirewallRules { param([string[]]$Computers) Write-Host "`nExamining Firewall Rules..." -ForegroundColor Yellow $results = @() foreach ($computer in $Computers) { try { $firewallRules = Invoke-Command -ComputerName $computer -ScriptBlock { Get-NetFirewallRule | Where-Object Enabled -eq 'True' | Select-Object Name, DisplayName, Direction, Action, Profile } -ErrorAction Stop $results += [PSCustomObject]@{ ComputerName = $computer FirewallRules = $firewallRules } } catch { Write-Host "Error examining firewall rules on $computer : $_" -ForegroundColor Red } } return $results } <# .SYNOPSIS Inspects network adapters on target computers. .PARAMETER Computers Array of computer names to analyze. .OUTPUTS Array of PSObjects containing network adapter details. #> function Inspect-NetworkAdapters { param([string[]]$Computers) Write-Host "`nInspecting Network Adapters..." -ForegroundColor Yellow $results = @() foreach ($computer in $Computers) { try { $adapters = Invoke-Command -ComputerName $computer -ScriptBlock { Get-NetAdapter | Select-Object Name, InterfaceDescription, Status, LinkSpeed, MacAddress } -ErrorAction Stop $results += [PSCustomObject]@{ ComputerName = $computer NetworkAdapters = $adapters } } catch { Write-Host "Error inspecting network adapters on $computer : $_" -ForegroundColor Red } } return $results } <# .SYNOPSIS Checks DNS settings on target computers. .PARAMETER Computers Array of computer names to analyze. .OUTPUTS Array of PSObjects containing DNS setting details. #> function Check-DNSSettings { param([string[]]$Computers) Write-Host "`nChecking DNS Settings..." -ForegroundColor Yellow $results = @() foreach ($computer in $Computers) { try { $dnsSettings = Invoke-Command -ComputerName $computer -ScriptBlock { Get-DnsClientServerAddress | Select-Object InterfaceAlias, ServerAddresses } -ErrorAction Stop $results += [PSCustomObject]@{ ComputerName = $computer DNSSettings = $dnsSettings } } catch { Write-Host "Error checking DNS settings on $computer : $_" -ForegroundColor Red } } return $results } <# .SYNOPSIS Reviews network shares on target computers. .PARAMETER Computers Array of computer names to analyze. .OUTPUTS Array of PSObjects containing network share details. #> function Review-NetworkShares { param([string[]]$Computers) Write-Host "`nReviewing Network Shares..." -ForegroundColor Yellow $results = @() foreach ($computer in $Computers) { try { $shares = Invoke-Command -ComputerName $computer -ScriptBlock { Get-SmbShare | Select-Object Name, Path, Description } -ErrorAction Stop $results += [PSCustomObject]@{ ComputerName = $computer NetworkShares = $shares } } catch { Write-Host "Error reviewing network shares on $computer : $_" -ForegroundColor Red } } return $results } <# .SYNOPSIS Analyzes network routes on target computers. .PARAMETER Computers Array of computer names to analyze. .OUTPUTS Array of PSObjects containing network route details. #> function Analyze-NetworkRoutes { param([string[]]$Computers) Write-Host "`nAnalyzing Network Routes..." -ForegroundColor Yellow $results = @() foreach ($computer in $Computers) { try { $routes = Invoke-Command -ComputerName $computer -ScriptBlock { Get-NetRoute | Select-Object DestinationPrefix, NextHop, RouteMetric, InterfaceAlias } -ErrorAction Stop $results += [PSCustomObject]@{ ComputerName = $computer NetworkRoutes = $routes } } catch { Write-Host "Error analyzing network routes on $computer : $_" -ForegroundColor Red } } return $results } <# .SYNOPSIS Checks remote access settings on target computers. .PARAMETER Computers Array of computer names to analyze. .OUTPUTS Array of PSObjects containing remote access setting details. #> function Check-RemoteAccessSettings { param([string[]]$Computers) Write-Host "`nChecking Remote Access Settings..." -ForegroundColor Yellow $results = @() foreach ($computer in $Computers) { try { $remoteAccess = Invoke-Command -ComputerName $computer -ScriptBlock { $rdp = (Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections").fDenyTSConnections $psRemoting = Get-PSSessionConfiguration | Select-Object -First 1 -ExpandProperty Enabled [PSCustomObject]@{ RDPEnabled = if ($rdp -eq 0) { $true } else { $false } PSRemotingEnabled = $psRemoting } } -ErrorAction Stop $results += [PSCustomObject]@{ ComputerName = $computer RemoteAccessSettings = $remoteAccess } } catch { Write-Host "Error checking remote access settings on $computer : $_" -ForegroundColor Red } } return $results } <# .SYNOPSIS Generates a comprehensive HTML report of all analyses. .PARAMETER AllResults Hashtable containing all analysis results. .OUTPUTS Saves an HTML report to the desktop. #> function Generate-HTMLReport { param([hashtable]$AllResults) Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow $reportContent = @" <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Advanced Network Configuration Report</title> <style> body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; } h1, h2, h3 { color: #0078D4; } table { border-collapse: collapse; width: 100%; margin-bottom: 20px; } th, td { border: 1px solid #ddd; padding: 8px; text-align: left; } th { background-color: #f2f2f2; } </style> </head> <body> <h1>Advanced Network Configuration Report</h1> <p>Generated on: $(Get-Date)</p> <h2>IP Configurations</h2> $($AllResults.IPConfigurations | ConvertTo-Html -Fragment) <h2>Firewall Rules</h2> $($AllResults.FirewallRules | ConvertTo-Html -Fragment) <h2>Network Adapters</h2> $($AllResults.NetworkAdapters | ConvertTo-Html -Fragment) <h2>DNS Settings</h2> $($AllResults.DNSSettings | ConvertTo-Html -Fragment) <h2>Network Shares</h2> $($AllResults.NetworkShares | ConvertTo-Html -Fragment) <h2>Network Routes</h2> $($AllResults.NetworkRoutes | ConvertTo-Html -Fragment) <h2>Remote Access Settings</h2> $($AllResults.RemoteAccessSettings | ConvertTo-Html -Fragment) </body> </html> "@ $reportContent | Out-File -FilePath $global:reportPath Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green } # Main program loop $targetComputers = Get-TargetComputers $allResults = @{} do { Show-Menu $choice = Read-Host "`nEnter your choice (1-9)" switch ($choice) { "1" { $allResults.IPConfigurations = Analyze-IPConfigurations -Computers $targetComputers } "2" { $allResults.FirewallRules = Examine-FirewallRules -Computers $targetComputers } "3" { $allResults.NetworkAdapters = Inspect-NetworkAdapters -Computers $targetComputers } "4" { $allResults.DNSSettings = Check-DNSSettings -Computers $targetComputers } "5" { $allResults.NetworkShares = Review-NetworkShares -Computers $targetComputers } "6" { $allResults.NetworkRoutes = Analyze-NetworkRoutes -Computers $targetComputers } "7" { $allResults.RemoteAccessSettings = Check-RemoteAccessSettings -Computers $targetComputers } "8" { Generate-HTMLReport -AllResults $allResults } "9" { Write-Host "Exiting program..." -ForegroundColor Yellow; break } default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red } } if ($choice -ne "9") { Read-Host "`nPress Enter to continue..." } } while ($choice -ne "9")
This Advanced Network Configuration Analyzer includes:
Key features:
This tool is particularly useful for:
To use this script effectively:
This script provides a comprehensive overview of network configurations across multiple machines, making it easier to identify inconsistencies, security issues, or misconfigurations in a network environment.
<# .SYNOPSIS Expert Active Directory Monitoring Tool .DESCRIPTION This script provides comprehensive monitoring and analysis capabilities for on-premises Active Directory environments. It covers various aspects including health checks, security audits, performance analysis, and configuration reviews. .NOTES File Name : ExpertADMonitoringTool.ps1 Author : [Your Name] Prerequisite : PowerShell V5.1 or later, ActiveDirectory, GroupPolicy, and DnsServer modules Version : 1.0 Date : [Current Date] .EXAMPLE .\ExpertADMonitoringTool.ps1 #> # Import required modules Import-Module ActiveDirectory Import-Module GroupPolicy Import-Module DnsServer # Global variables $global:reportPath = "$env:USERPROFILE\Desktop\AD_Expert_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html" $global:criticalEvents = @() <# .SYNOPSIS Displays the main menu of the tool. #> function Show-Menu { Clear-Host Write-Host "=== Expert Active Directory Monitoring Tool ===" -ForegroundColor Cyan Write-Host "1. Comprehensive Health Check" Write-Host "2. Security Audit" Write-Host "3. Performance Analysis" Write-Host "4. Replication Diagnostics" Write-Host "5. DNS Health Check" Write-Host "6. FSMO Roles and Site Topology Analysis" Write-Host "7. Group Policy Assessment" Write-Host "8. User and Computer Account Analysis" Write-Host "9. Active Directory Database and SYSVOL Analysis" Write-Host "10. Trust Relationship Verification" Write-Host "11. Active Directory Backup Status" Write-Host "12. Generate Comprehensive HTML Report" Write-Host "13. Exit" } <# .SYNOPSIS Performs a comprehensive health check on all domain controllers. .DESCRIPTION This function runs dcdiag tests on all domain controllers to check various aspects of AD health. .OUTPUTS Array of PSObjects containing health check results for each domain controller. #> function Comprehensive-HealthCheck { Write-Host "`nPerforming Comprehensive Health Check..." -ForegroundColor Yellow $results = @() $dcs = Get-ADDomainController -Filter * foreach ($dc in $dcs) { $dcdiag = Invoke-Command -ComputerName $dc.HostName -ScriptBlock { dcdiag /test:services /test:replications /test:advertising /test:fsmocheck /test:ridmanager /test:machineaccount /test:outboundSecureChannels /test:netlogons /test:systemlog /test:kccevent /test:frssysvol /test:frsevent } -ErrorAction SilentlyContinue $results += [PSCustomObject]@{ Name = $dc.HostName Services = if ($dcdiag -match "passed test Services") { "Passed" } else { "Failed" } Replications = if ($dcdiag -match "passed test Replications") { "Passed" } else { "Failed" } Advertising = if ($dcdiag -match "passed test Advertising") { "Passed" } else { "Failed" } FSMORoles = if ($dcdiag -match "passed test FsmoCheck") { "Passed" } else { "Failed" } RidManager = if ($dcdiag -match "passed test RidManager") { "Passed" } else { "Failed" } MachineAccount = if ($dcdiag -match "passed test MachineAccount") { "Passed" } else { "Failed" } OutboundSecureChannels = if ($dcdiag -match "passed test OutboundSecureChannels") { "Passed" } else { "Failed" } Netlogons = if ($dcdiag -match "passed test NetLogons") { "Passed" } else { "Failed" } SystemLog = if ($dcdiag -match "passed test SystemLog") { "Passed" } else { "Failed" } KccEvent = if ($dcdiag -match "passed test KccEvent") { "Passed" } else { "Failed" } FrsSysVol = if ($dcdiag -match "passed test FrsSysVol") { "Passed" } else { "Failed" } FrsEvent = if ($dcdiag -match "passed test FrsEvent") { "Passed" } else { "Failed" } } } $results | Format-Table -AutoSize return $results } <# .SYNOPSIS Performs a security audit of the Active Directory environment. .DESCRIPTION This function checks for various security-related issues such as inactive accounts, non-expiring passwords, empty groups, and dormant computer accounts. .OUTPUTS Array of PSObjects containing security audit results. #> function Security-Audit { Write-Host "`nPerforming Security Audit..." -ForegroundColor Yellow $securityResults = @() # Check for inactive accounts $inactiveUsers = Get-ADUser -Filter {Enabled -eq $true} -Properties LastLogonDate | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)} $securityResults += [PSCustomObject]@{ Check = "Inactive User Accounts" Result = "$($inactiveUsers.Count) accounts inactive for 90+ days" } # Check for accounts with non-expiring passwords $nonExpiringPasswords = Get-ADUser -Filter {Enabled -eq $true -and PasswordNeverExpires -eq $true} | Measure-Object | Select-Object -ExpandProperty Count $securityResults += [PSCustomObject]@{ Check = "Non-expiring Passwords" Result = "$nonExpiringPasswords accounts" } # Check for empty groups $emptyGroups = Get-ADGroup -Filter * | Where-Object {-not (Get-ADGroupMember -Identity $_ -Recursive)} | Measure-Object | Select-Object -ExpandProperty Count $securityResults += [PSCustomObject]@{ Check = "Empty Groups" Result = "$emptyGroups groups" } # Check for dormant computer accounts $dormantComputers = Get-ADComputer -Filter {Enabled -eq $true} -Properties LastLogonDate | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)} | Measure-Object | Select-Object -ExpandProperty Count $securityResults += [PSCustomObject]@{ Check = "Dormant Computer Accounts" Result = "$dormantComputers accounts inactive for 90+ days" } # Check for users with admin rights $admins = Get-ADGroupMember "Domain Admins" -Recursive | Measure-Object | Select-Object -ExpandProperty Count $securityResults += [PSCustomObject]@{ Check = "Domain Admins Count" Result = "$admins users" } $securityResults | Format-Table -AutoSize return $securityResults } <# .SYNOPSIS Analyzes the performance of domain controllers. .DESCRIPTION This function checks CPU usage, memory usage, and free disk space on all domain controllers. .OUTPUTS Array of PSObjects containing performance metrics for each domain controller. #> function Performance-Analysis { Write-Host "`nPerforming Performance Analysis..." -ForegroundColor Yellow $perfResults = @() $dcs = Get-ADDomainController -Filter * foreach ($dc in $dcs) { $cpu = Get-WmiObject Win32_Processor -ComputerName $dc.HostName | Measure-Object -Property LoadPercentage -Average | Select-Object -ExpandProperty Average $memory = Get-WmiObject Win32_OperatingSystem -ComputerName $dc.HostName | Select-Object @{Name="MemoryUsage";Expression={"{0:N2}" -f ((($_.TotalVisibleMemorySize - $_.FreePhysicalMemory)*100)/ $_.TotalVisibleMemorySize)}} $disk = Get-WmiObject Win32_LogicalDisk -ComputerName $dc.HostName -Filter "DeviceID='C:'" | Select-Object @{Name="FreeSpace";Expression={"{0:N2}" -f ($_.FreeSpace/1GB)}} $perfResults += [PSCustomObject]@{ Name = $dc.HostName CPUUsage = "$cpu%" MemoryUsage = "$($memory.MemoryUsage)%" FreeDiskSpace = "$($disk.FreeSpace) GB" } } $perfResults | Format-Table -AutoSize return $perfResults } <# .SYNOPSIS Performs replication diagnostics. .DESCRIPTION This function checks for replication failures between domain controllers. .OUTPUTS Array of PSObjects containing replication failure details, if any. #> function Replication-Diagnostics { Write-Host "`nPerforming Replication Diagnostics..." -ForegroundColor Yellow $replResults = @() $repl = repadmin /showrepl * /csv | ConvertFrom-Csv $failedReplications = $repl | Where-Object { $_."Number of Failures" -ne "0" } if ($failedReplications) { foreach ($failure in $failedReplications) { $replResults += [PSCustomObject]@{ SourceDC = $failure."Source DC" DestinationDC = $failure."Destination DC" FailureCount = $failure."Number of Failures" LastFailureTime = $failure."Last Failure Time" } } } else { $replResults += [PSCustomObject]@{ Status = "No replication failures detected" } } $replResults | Format-Table -AutoSize return $replResults } <# .SYNOPSIS Checks the health of DNS servers. .DESCRIPTION This function analyzes DNS zones and statistics on all domain controllers. .OUTPUTS Array of PSObjects containing DNS health information for each domain controller. #> function DNS-HealthCheck { Write-Host "`nPerforming DNS Health Check..." -ForegroundColor Yellow $dnsResults = @() $dnsServers = Get-ADDomainController -Filter * | Select-Object -ExpandProperty HostName foreach ($server in $dnsServers) { $zones = Get-DnsServerZone -ComputerName $server foreach ($zone in $zones) { $stats = Get-DnsServerStatistics -ComputerName $server -ZoneName $zone.ZoneName $dnsResults += [PSCustomObject]@{ Server = $server Zone = $zone.ZoneName RecordCount = $zone.ZoneStatistics.RecordCount Queries = $stats.QueriesReceived Failures = $stats.QueriesFailure } } } $dnsResults | Format-Table -AutoSize return $dnsResults } <# .SYNOPSIS Analyzes FSMO roles and site topology. .DESCRIPTION This function identifies FSMO role holders and provides an overview of AD sites and subnets. .OUTPUTS Array of PSObjects containing FSMO role information and site topology details. #> function FSMO-SiteTopologyAnalysis { Write-Host "`nAnalyzing FSMO Roles and Site Topology..." -ForegroundColor Yellow $fsmoResults = @() $forest = Get-ADForest $domain = Get-ADDomain $fsmoResults += [PSCustomObject]@{ Role = "Schema Master" Holder = $forest.SchemaMaster } $fsmoResults += [PSCustomObject]@{ Role = "Domain Naming Master" Holder = $forest.DomainNamingMaster } $fsmoResults += [PSCustomObject]@{ Role = "PDC Emulator" Holder = $domain.PDCEmulator } $fsmoResults += [PSCustomObject]@{ Role = "RID Master" Holder = $domain.RIDMaster } $fsmoResults += [PSCustomObject]@{ Role = "Infrastructure Master" Holder = $domain.InfrastructureMaster } $fsmoResults | Format-Table -AutoSize Write-Host "`nSite Topology:" -ForegroundColor Yellow $sites = Get-ADReplicationSite -Filter * foreach ($site in $sites) { Write-Host "Site: $($site.Name)" $subnets = Get-ADReplicationSubnet -Filter * | Where-Object {$_.Site -eq $site.DistinguishedName} foreach ($subnet in $subnets) { Write-Host " Subnet: $($subnet.Name)" } $siteLinks = Get-ADReplicationSiteLink -Filter * | Where-Object {$_.SitesIncluded -contains $site.DistinguishedName} foreach ($link in $siteLinks) { Write-Host " Site Link: $($link.Name)" } } return $fsmoResults, $sites } <# .SYNOPSIS Assesses Group Policy Objects. .DESCRIPTION This function analyzes all GPOs, including their creation time, modification time, and number of settings. .OUTPUTS Array of PSObjects containing GPO assessment results. #> function GroupPolicy-Assessment { Write-Host "`nPerforming Group Policy Assessment..." -ForegroundColor Yellow $gpoResults = @() $allGPOs = Get-GPO -All foreach ($gpo in $allGPOs) { $report = Get-GPOReport -Guid $gpo.Id -ReportType XML $settings = ([xml]$report).GPO.Computer.ExtensionData.Extension.Policy | Measure-Object | Select-Object -ExpandProperty Count $settings += ([xml]$report).GPO.User.ExtensionData.Extension.Policy | Measure-Object | Select-Object -ExpandProperty Count $gpoResults += [PSCustomObject]@{ Name = $gpo.DisplayName CreationTime = $gpo.CreationTime ModificationTime = $gpo.ModificationTime SettingsCount = $settings } } $gpoResults | Format-Table -AutoSize return $gpoResults } <# .SYNOPSIS Analyzes user and computer accounts. .DESCRIPTION This function provides statistics on user and computer accounts, including active/inactive counts and OS versions. .OUTPUTS PSObject containing user and computer account analysis results. #> function UserComputer-AccountAnalysis { Write-Host "`nPerforming User and Computer Account Analysis..." -ForegroundColor Yellow $users = Get-ADUser -Filter * -Properties LastLogonDate, PasswordLastSet $computers = Get-ADComputer -Filter * -Properties LastLogonDate, OperatingSystem $analysis = [PSCustomObject]@{ TotalUsers = $users.Count ActiveUsers = ($users | Where-Object {$_.Enabled -eq $true}).Count InactiveUsers = ($users | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)}).Count PasswordNeverExpires = ($users | Where-Object {$_.PasswordNeverExpires -eq $true}).Count TotalComputers = $computers.Count ActiveComputers = ($computers | Where-Object {$_.Enabled -eq $true}).Count InactiveComputers = ($computers | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)}).Count Windows10Computers = ($computers | Where-Object {$_.OperatingSystem -like "*Windows 10*"}).Count Windows11Computers = ($computers | Where-Object {$_.OperatingSystem -like "*Windows 11*"}).Count ServerComputers = ($computers | Where-Object {$_.OperatingSystem -like "*Server*"}).Count } $analysis | Format-List return $analysis } <# .SYNOPSIS Analyzes Active Directory database and SYSVOL. .DESCRIPTION This function checks the size of NTDS.dit and SYSVOL on each domain controller. .OUTPUTS Array of PSObjects containing AD database and SYSVOL size information for each domain controller. #> function ADDB-SYSVOLAnalysis { Write-Host "`nPerforming Active Directory Database and SYSVOL Analysis..." -ForegroundColor Yellow $dcs = Get-ADDomainController -Filter * $results = @() foreach ($dc in $dcs) { $ntdsPath = Invoke-Command -ComputerName $dc.HostName -ScriptBlock { (Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters").DatabasePath } $ntdsSize = Invoke-Command -ComputerName $dc.HostName -ScriptBlock { (Get-ChildItem $using:ntdsPath\ntds.dit).Length / 1GB } $sysvolSize = Invoke-Command -ComputerName $dc.HostName -ScriptBlock { (Get-ChildItem C:\Windows\SYSVOL -Recurse | Measure-Object -Property Length -Sum).Sum / 1GB } $results += [PSCustomObject]@{ DomainController = $dc.HostName NTDSSize = "{0:N2} GB" -f $ntdsSize SYSVOLSize = "{0:N2} GB" -f $sysvolSize } } $results | Format-Table -AutoSize return $results } <# .SYNOPSIS Verifies trust relationships. .DESCRIPTION This function checks the health of all trust relationships in the forest. .OUTPUTS Array of PSObjects containing trust relationship status information. #> function Verify-TrustRelationships { Write-Host "`nVerifying Trust Relationships..." -ForegroundColor Yellow $trusts = Get-ADTrust -Filter * $results = @() foreach ($trust in $trusts) { $status = Test-ComputerSecureChannel -Server $trust.Name $results += [PSCustomObject]@{ TrustPartner = $trust.Name Direction = $trust.Direction Status = if ($status) { "Healthy" } else { "Unhealthy" } } } $results | Format-Table -AutoSize return $results } <# .SYNOPSIS Checks Active Directory backup status. .DESCRIPTION This function retrieves the last successful backup date for each domain controller. .OUTPUTS Array of PSObjects containing backup status information for each domain controller. #> function Check-ADBackupStatus { Write-Host "`nChecking Active Directory Backup Status..." -ForegroundColor Yellow $dcs = Get-ADDomainController -Filter * $results = @() foreach ($dc in $dcs) { $backupStatus = Invoke-Command -ComputerName $dc.HostName -ScriptBlock { repadmin /showbackup } $lastBackupDate = if ($backupStatus -match "Last successful backup") { ($backupStatus -split "`n" | Select-String "Last successful backup").ToString().Split(":")[1].Trim() } else { "No backup information found" } $results += [PSCustomObject]@{ DomainController = $dc.HostName LastBackup = $lastBackupDate } } $results | Format-Table -AutoSize return $results } <# .SYNOPSIS Generates a comprehensive HTML report. .DESCRIPTION This function compiles all the analysis results into a single HTML report. .OUTPUTS Saves an HTML report to the desktop. #> function Generate-HTMLReport { Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow $reportContent = @" <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Active Directory Expert Report</title> <style> body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; } h1, h2 { color: #0078D4; } table { border-collapse: collapse; width: 100%; margin-bottom: 20px; } th, td { border: 1px solid #ddd; padding: 8px; text-align: left; } th { background-color: #f2f2f2; } </style> </head> <body> <h1>Active Directory Expert Report</h1> <p>Generated on: $(Get-Date)</p> <h2>Comprehensive Health Check</h2> $($healthCheck | ConvertTo-Html -Fragment) <h2>Security Audit</h2> $($securityAudit | ConvertTo-Html -Fragment) <h2>Performance Analysis</h2> $($performanceAnalysis | ConvertTo-Html -Fragment) <h2>Replication Diagnostics</h2> $($replicationDiagnostics | ConvertTo-Html -Fragment) <h2>DNS Health Check</h2> $($dnsHealth | ConvertTo-Html -Fragment) <h2>FSMO Roles and Site Topology</h2> $($fsmoAnalysis | ConvertTo-Html -Fragment) <h2>Group Policy Assessment</h2> $($gpoAssessment | ConvertTo-Html -Fragment) <h2>User and Computer Account Analysis</h2> $($accountAnalysis | ConvertTo-Html -Fragment) <h2>AD Database and SYSVOL Analysis</h2> $($dbAnalysis | ConvertTo-Html -Fragment) <h2>Trust Relationships</h2> $($trustRelationships | ConvertTo-Html -Fragment) <h2>AD Backup Status</h2> $($backupStatus | ConvertTo-Html -Fragment) </body> </html> "@ $reportContent | Out-File -FilePath $global:reportPath Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green } # Main program loop do { Show-Menu $choice = Read-Host "`nEnter your choice (1-13)" switch ($choice) { "1" { $healthCheck = Comprehensive-HealthCheck } "2" { $securityAudit = Security-Audit } "3" { $performanceAnalysis = Performance-Analysis } "4" { $replicationDiagnostics = Replication-Diagnostics } "5" { $dnsHealth = DNS-HealthCheck } "6" { $fsmoAnalysis = FSMO-SiteTopologyAnalysis } "7" { $gpoAssessment = GroupPolicy-Assessment } "8" { $accountAnalysis = UserComputer-AccountAnalysis } "9" { $dbAnalysis = ADDB-SYSVOLAnalysis } "10" { $trustRelationships = Verify-TrustRelationships } "11" { $backupStatus = Check-ADBackupStatus } "12" { Generate-HTMLReport } "13" { Write-Host "Exiting program..." -ForegroundColor Yellow; break } default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red } } if ($choice -ne "13") { Read-Host "`nPress Enter to continue..." } } while ($choice -ne "13")
This well-documented script includes:
This script is now more maintainable, easier to understand, and can serve as a reference for other administrators or for future modifications. It provides a comprehensive tool for monitoring and analyzing an Active Directory environment, suitable for experienced AD administrators managing complex AD infrastructures.
# Expert Active Directory Monitoring Tool
# Import required modules
Import-Module ActiveDirectory
Import-Module GroupPolicy
Import-Module DnsServer
# Global variables
$global:reportPath = "$env:USERPROFILE\Desktop\AD_Expert_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html"
$global:criticalEvents = @()
function Show-Menu {
Clear-Host
Write-Host "=== Expert Active Directory Monitoring Tool ===" -ForegroundColor Cyan
Write-Host "1. Comprehensive Health Check"
Write-Host "2. Security Audit"
Write-Host "3. Performance Analysis"
Write-Host "4. Replication Diagnostics"
Write-Host "5. DNS Health Check"
Write-Host "6. FSMO Roles and Site Topology Analysis"
Write-Host "7. Group Policy Assessment"
Write-Host "8. User and Computer Account Analysis"
Write-Host "9. Active Directory Database and SYSVOL Analysis"
Write-Host "10. Trust Relationship Verification"
Write-Host "11. Active Directory Backup Status"
Write-Host "12. Generate Comprehensive HTML Report"
Write-Host "13. Exit"
}
function Comprehensive-HealthCheck {
Write-Host "`nPerforming Comprehensive Health Check..." -ForegroundColor Yellow
$results = @()
$dcs = Get-ADDomainController -Filter *
foreach ($dc in $dcs) {
$dcdiag = Invoke-Command -ComputerName $dc.HostName -ScriptBlock {
dcdiag /test:services /test:replications /test:advertising /test:fsmocheck /test:ridmanager /test:machineaccount /test:outboundSecureChannels /test:netlogons /test:systemlog /test:kccevent /test:frssysvol /test:frsevent
} -ErrorAction SilentlyContinue
$results += [PSCustomObject]@{
Name = $dc.HostName
Services = if ($dcdiag -match "passed test Services") { "Passed" } else { "Failed" }
Replications = if ($dcdiag -match "passed test Replications") { "Passed" } else { "Failed" }
Advertising = if ($dcdiag -match "passed test Advertising") { "Passed" } else { "Failed" }
FSMORoles = if ($dcdiag -match "passed test FsmoCheck") { "Passed" } else { "Failed" }
RidManager = if ($dcdiag -match "passed test RidManager") { "Passed" } else { "Failed" }
MachineAccount = if ($dcdiag -match "passed test MachineAccount") { "Passed" } else { "Failed" }
OutboundSecureChannels = if ($dcdiag -match "passed test OutboundSecureChannels") { "Passed" } else { "Failed" }
Netlogons = if ($dcdiag -match "passed test NetLogons") { "Passed" } else { "Failed" }
SystemLog = if ($dcdiag -match "passed test SystemLog") { "Passed" } else { "Failed" }
KccEvent = if ($dcdiag -match "passed test KccEvent") { "Passed" } else { "Failed" }
FrsSysVol = if ($dcdiag -match "passed test FrsSysVol") { "Passed" } else { "Failed" }
FrsEvent = if ($dcdiag -match "passed test FrsEvent") { "Passed" } else { "Failed" }
}
}
$results | Format-Table -AutoSize
return $results
}
function Security-Audit {
Write-Host "`nPerforming Security Audit..." -ForegroundColor Yellow
$securityResults = @()
# Check for inactive accounts
$inactiveUsers = Get-ADUser -Filter {Enabled -eq $true} -Properties LastLogonDate | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)}
$securityResults += [PSCustomObject]@{
Check = "Inactive User Accounts"
Result = "$($inactiveUsers.Count) accounts inactive for 90+ days"
}
# Check for accounts with non-expiring passwords
$nonExpiringPasswords = Get-ADUser -Filter {Enabled -eq $true -and PasswordNeverExpires -eq $true} | Measure-Object | Select-Object -ExpandProperty Count
$securityResults += [PSCustomObject]@{
Check = "Non-expiring Passwords"
Result = "$nonExpiringPasswords accounts"
}
# Check for empty groups
$emptyGroups = Get-ADGroup -Filter * | Where-Object {-not (Get-ADGroupMember -Identity $_ -Recursive)} | Measure-Object | Select-Object -ExpandProperty Count
$securityResults += [PSCustomObject]@{
Check = "Empty Groups"
Result = "$emptyGroups groups"
}
# Check for dormant computer accounts
$dormantComputers = Get-ADComputer -Filter {Enabled -eq $true} -Properties LastLogonDate | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)} | Measure-Object | Select-Object -ExpandProperty Count
$securityResults += [PSCustomObject]@{
Check = "Dormant Computer Accounts"
Result = "$dormantComputers accounts inactive for 90+ days"
}
# Check for users with admin rights
$admins = Get-ADGroupMember "Domain Admins" -Recursive | Measure-Object | Select-Object -ExpandProperty Count
$securityResults += [PSCustomObject]@{
Check = "Domain Admins Count"
Result = "$admins users"
}
$securityResults | Format-Table -AutoSize
return $securityResults
}
function Performance-Analysis {
Write-Host "`nPerforming Performance Analysis..." -ForegroundColor Yellow
$perfResults = @()
$dcs = Get-ADDomainController -Filter *
foreach ($dc in $dcs) {
$cpu = Get-WmiObject Win32_Processor -ComputerName $dc.HostName | Measure-Object -Property LoadPercentage -Average | Select-Object -ExpandProperty Average
$memory = Get-WmiObject Win32_OperatingSystem -ComputerName $dc.HostName | Select-Object @{Name="MemoryUsage";Expression={"{0:N2}" -f ((($_.TotalVisibleMemorySize - $_.FreePhysicalMemory)*100)/ $_.TotalVisibleMemorySize)}}
$disk = Get-WmiObject Win32_LogicalDisk -ComputerName $dc.HostName -Filter "DeviceID='C:'" | Select-Object @{Name="FreeSpace";Expression={"{0:N2}" -f ($_.FreeSpace/1GB)}}
$perfResults += [PSCustomObject]@{
Name = $dc.HostName
CPUUsage = "$cpu%"
MemoryUsage = "$($memory.MemoryUsage)%"
FreeDiskSpace = "$($disk.FreeSpace) GB"
}
}
$perfResults | Format-Table -AutoSize
return $perfResults
}
function Replication-Diagnostics {
Write-Host "`nPerforming Replication Diagnostics..." -ForegroundColor Yellow
$replResults = @()
$repl = repadmin /showrepl * /csv | ConvertFrom-Csv
$failedReplications = $repl | Where-Object { $_."Number of Failures" -ne "0" }
if ($failedReplications) {
foreach ($failure in $failedReplications) {
$replResults += [PSCustomObject]@{
SourceDC = $failure."Source DC"
DestinationDC = $failure."Destination DC"
FailureCount = $failure."Number of Failures"
LastFailureTime = $failure."Last Failure Time"
}
}
} else {
$replResults += [PSCustomObject]@{
Status = "No replication failures detected"
}
}
$replResults | Format-Table -AutoSize
return $replResults
}
function DNS-HealthCheck {
Write-Host "`nPerforming DNS Health Check..." -ForegroundColor Yellow
$dnsResults = @()
$dnsServers = Get-ADDomainController -Filter * | Select-Object -ExpandProperty HostName
foreach ($server in $dnsServers) {
$zones = Get-DnsServerZone -ComputerName $server
foreach ($zone in $zones) {
$stats = Get-DnsServerStatistics -ComputerName $server -ZoneName $zone.ZoneName
$dnsResults += [PSCustomObject]@{
Server = $server
Zone = $zone.ZoneName
RecordCount = $zone.ZoneStatistics.RecordCount
Queries = $stats.QueriesReceived
Failures = $stats.QueriesFailure
}
}
}
$dnsResults | Format-Table -AutoSize
return $dnsResults
}
function FSMO-SiteTopologyAnalysis {
Write-Host "`nAnalyzing FSMO Roles and Site Topology..." -ForegroundColor Yellow
$fsmoResults = @()
$forest = Get-ADForest
$domain = Get-ADDomain
$fsmoResults += [PSCustomObject]@{
Role = "Schema Master"
Holder = $forest.SchemaMaster
}
$fsmoResults += [PSCustomObject]@{
Role = "Domain Naming Master"
Holder = $forest.DomainNamingMaster
}
$fsmoResults += [PSCustomObject]@{
Role = "PDC Emulator"
Holder = $domain.PDCEmulator
}
$fsmoResults += [PSCustomObject]@{
Role = "RID Master"
Holder = $domain.RIDMaster
}
$fsmoResults += [PSCustomObject]@{
Role = "Infrastructure Master"
Holder = $domain.InfrastructureMaster
}
$fsmoResults | Format-Table -AutoSize
Write-Host "`nSite Topology:" -ForegroundColor Yellow
$sites = Get-ADReplicationSite -Filter *
foreach ($site in $sites) {
Write-Host "Site: $($site.Name)"
$subnets = Get-ADReplicationSubnet -Filter * | Where-Object {$_.Site -eq $site.DistinguishedName}
foreach ($subnet in $subnets) {
Write-Host " Subnet: $($subnet.Name)"
}
$siteLinks = Get-ADReplicationSiteLink -Filter * | Where-Object {$_.SitesIncluded -contains $site.DistinguishedName}
foreach ($link in $siteLinks) {
Write-Host " Site Link: $($link.Name)"
}
}
return $fsmoResults, $sites
}
function GroupPolicy-Assessment {
Write-Host "`nPerforming Group Policy Assessment..." -ForegroundColor Yellow
$gpoResults = @()
$allGPOs = Get-GPO -All
foreach ($gpo in $allGPOs) {
$report = Get-GPOReport -Guid $gpo.Id -ReportType XML
$settings = ([xml]$report).GPO.Computer.ExtensionData.Extension.Policy | Measure-Object | Select-Object -ExpandProperty Count
$settings += ([xml]$report).GPO.User.ExtensionData.Extension.Policy | Measure-Object | Select-Object -ExpandProperty Count
$gpoResults += [PSCustomObject]@{
Name = $gpo.DisplayName
CreationTime = $gpo.CreationTime
ModificationTime = $gpo.ModificationTime
SettingsCount = $settings
}
}
$gpoResults | Format-Table -AutoSize
return $gpoResults
}
function UserComputer-AccountAnalysis {
Write-Host "`nPerforming User and Computer Account Analysis..." -ForegroundColor Yellow
$users = Get-ADUser -Filter * -Properties LastLogonDate, PasswordLastSet
$computers = Get-ADComputer -Filter * -Properties LastLogonDate, OperatingSystem
$analysis = [PSCustomObject]@{
TotalUsers = $users.Count
ActiveUsers = ($users | Where-Object {$_.Enabled -eq $true}).Count
InactiveUsers = ($users | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)}).Count
PasswordNeverExpires = ($users | Where-Object {$_.PasswordNeverExpires -eq $true}).Count
TotalComputers = $computers.Count
ActiveComputers = ($computers | Where-Object {$_.Enabled -eq $true}).Count
InactiveComputers = ($computers | Where-Object {$_.LastLogonDate -lt (Get-Date).AddDays(-90)}).Count
Windows10Computers = ($computers | Where-Object {$_.OperatingSystem -like "*Windows 10*"}).Count
Windows11Computers = ($computers | Where-Object {$_.OperatingSystem -like "*Windows 11*"}).Count
ServerComputers = ($computers | Where-Object {$_.OperatingSystem -like "*Server*"}).Count
}
$analysis | Format-List
return $analysis
}
function ADDB-SYSVOLAnalysis {
Write-Host "`nPerforming Active Directory Database and SYSVOL Analysis..." -ForegroundColor Yellow
$dcs = Get-ADDomainController -Filter *
$results = @()
foreach ($dc in $dcs) {
$ntdsPath = Invoke-Command -ComputerName $dc.HostName -ScriptBlock {
(Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters").DatabasePath
}
$ntdsSize = Invoke-Command -ComputerName $dc.HostName -ScriptBlock {
(Get-ChildItem $using:ntdsPath\ntds.dit).Length / 1GB
}
$sysvolSize = Invoke-Command -ComputerName $dc.HostName -ScriptBlock {
(Get-ChildItem C:\Windows\SYSVOL -Recurse | Measure-Object -Property Length -Sum).Sum / 1GB
}
$results += [PSCustomObject]@{
DomainController = $dc.HostName
NTDSSize = "{0:N2} GB" -f $ntdsSize
SYSVOLSize = "{0:N2} GB" -f $sysvolSize
}
}
$results | Format-Table -AutoSize
return $results
}
function Verify-TrustRelationships {
Write-Host "`nVerifying Trust Relationships..." -ForegroundColor Yellow
$trusts = Get-ADTrust -Filter *
$results = @()
foreach ($trust in $trusts) {
$status = Test-ComputerSecureChannel -Server $trust.Name
$results += [PSCustomObject]@{
TrustPartner = $trust.Name
Direction = $trust.Direction
Status = if ($status) { "Healthy" } else { "Unhealthy" }
}
}
$results | Format-Table -AutoSize
return $results
}
function Check-ADBackupStatus {
Write-Host "`nChecking Active Directory Backup Status..." -ForegroundColor Yellow
$dcs = Get-ADDomainController -Filter *
$results = @()
foreach ($dc in $dcs) {
$backupStatus = Invoke-Command -ComputerName $dc.HostName -ScriptBlock {
repadmin /showbackup
}
$lastBackupDate = if ($backupStatus -match "Last successful backup") {
($backupStatus -split "`n" | Select-String "Last successful backup").ToString().Split(":")[1].Trim()
} else {
"No backup information found"
}
$results += [PSCustomObject]@{
DomainController = $dc.HostName
LastBackup = $lastBackupDate
}
}
$results | Format-Table -AutoSize
return $results
}
function Generate-HTMLReport {
Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow
$reportContent = @"
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Active Directory Expert Report</title>
<style>
body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; }
h1, h2 { color: #0078D4; }
table { border-collapse: collapse; width: 100%; margin-bottom: 20px; }
th, td { border: 1px solid #ddd; padding: 8px; text-align: left; }
th { background-color: #f2f2f2; }
</style>
</head>
<body>
<h1>Active Directory Expert Report</h1>
<p>Generated on: $(Get-Date)</p>
<h2>Comprehensive Health Check</h2>
$($healthCheck | ConvertTo-Html -Fragment)
<h2>Security Audit</h2>
$($securityAudit | ConvertTo-Html -Fragment)
<h2>Performance Analysis</h2>
$($performanceAnalysis | ConvertTo-Html -Fragment)
<h2>Replication Diagnostics</h2>
$($replicationDiagnostics | ConvertTo-Html -Fragment)
<h2>DNS Health Check</h2>
$($dnsHealth | ConvertTo-Html -Fragment)
<h2>FSMO Roles and Site Topology</h2>
$($fsmoAnalysis | ConvertTo-Html -Fragment)
<h2>Group Policy Assessment</h2>
$($gpoAssessment | ConvertTo-Html -Fragment)
<h2>User and Computer Account Analysis</h2>
$($accountAnalysis | ConvertTo-Html -Fragment)
<h2>AD Database and SYSVOL Analysis</h2>
$($dbAnalysis | ConvertTo-Html -Fragment)
<h2>Trust Relationships</h2>
$($trustRelationships | ConvertTo-Html -Fragment)
<h2>AD Backup Status</h2>
$($backupStatus | ConvertTo-Html -Fragment)
</body>
</html>
"@
$reportContent | Out-File -FilePath $global:reportPath
Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green
}
# Main program loop
do {
Show-Menu
$choice = Read-Host "`nEnter your choice (1-13)"
switch ($choice) {
"1" { $healthCheck = Comprehensive-HealthCheck }
"2" { $securityAudit = Security-Audit }
"3" { $performanceAnalysis = Performance-Analysis }
"4" { $replicationDiagnostics = Replication-Diagnostics }
"5" { $dnsHealth = DNS-HealthCheck }
"6" { $fsmoAnalysis = FSMO-SiteTopologyAnalysis }
"7" { $gpoAssessment = GroupPolicy-Assessment }
"8" { $accountAnalysis = UserComputer-AccountAnalysis }
"9" { $dbAnalysis = ADDB-SYSVOLAnalysis }
"10" { $trustRelationships = Verify-TrustRelationships }
"11" { $backupStatus = Check-ADBackupStatus }
"12" { Generate-HTMLReport }
"13" { Write-Host "Exiting program..." -ForegroundColor Yellow; break }
default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red }
}
if ($choice -ne "13") {
Read-Host "`nPress Enter to continue..."
}
} while ($choice -ne "13")
This Expert Active Directory Monitoring Tool includes:
Key features:
This tool provides a comprehensive analysis of an Active Directory environment. It’s particularly useful for:
Note: To use this script effectively, you need to:
This script is suitable for experienced AD administrators who need comprehensive monitoring and analysis capabilities for managing complex Active Directory environments.
Windows PowerShell: Automate tasks and streamline IT operations with Microsoft’s powerful command-line shell and scripting language. Boost productivity, manage systems efficiently, and harness the full potential of Windows and cloud platforms. Discover the power of PowerShell today!
PowerShell Book:
https://www.powershellbook.com
Amazon Books:
https://amazon.com/author/bocso
PowerShell Book Series:
— Email —
hello@powershellblog.com