From 8993eac53108dd6719c17b30e08cb587dbe17330 Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 8 Aug 2023 21:27:43 -0400 Subject: [PATCH 01/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a7caa13..63e1897 100644 --- a/README.md +++ b/README.md @@ -222,7 +222,7 @@ PS C:\> New-AsBuiltReport -Report Microsoft.AD -Target 'admin-dc-01v.contoso.loc - Issues with WinRM when using the IP address instead of the "Fully Qualified Domain Name". - This project relies heavily on the remote connection function through WinRM. For this reason the use of a Windows 10 client is specifically used as a jumpbox. -- The report provides the ability to extract the configuration of the DHCP/DNS services. In order to obtain this information it is required that the servers running these services have powershell modules installed for each service (RSAT-DNS-Server & RSAT-AD-PowerShell). +- The report provides the ability to extract the configuration of the DNS services. In order to obtain this information it is required that the servers running these services have powershell modules installed for each service (RSAT-DNS-Server & RSAT-AD-PowerShell). - This report assumes that the DNS Server service is running on the same server where Domain Controller is running (Cohost). - In some cases when trying to update the report, an error similar to this is generated: - "PackageManagement\Install-Package : Authenticode issuer 'CN="xyz, INC.", O="xyz, INC.", L=San Jose, S=California on the previusly-installed module 'PSPKI'. If you still want to install or update, use -SkipPublisherCheck parameter." From 46fa685b55ad9789701c4a99db50e329bf24eedf Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 8 Aug 2023 21:30:11 -0400 Subject: [PATCH 02/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 63e1897..a4d9181 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,7 @@ This report does not support Linux or Mac due to the fact that the ActiveDirecto A Microsoft AD As Built Report can be generated with Active Directory Enterprise Forest level privileges. Since this report relies extensively on the WinRM component, you should make sure that it is enabled and configured. [Reference](https://docs.microsoft.com/en-us/windows/win32/winrm/installation-and-configuration-for-windows-remote-management) -Due to a limitation of the WinRM component, a domain-joined machine is needed, also it is required to use the FQDN of the DC instead of its IP address. +Due to a limitation of the WinRM component, a domain-joined machine is needed, also it is required to use the FQDN of the DC instead of it's IP address. [Reference](https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting?view=powershell-7.1#how-to-use-an-ip-address-in-a-remote-command) ## :package: Module Installation From e3936512993c68f5d87691ec2f6f302722e1ac92 Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 8 Aug 2023 21:34:13 -0400 Subject: [PATCH 03/13] Update Release.yml updated to actions/checkout@v3 --- .github/workflows/Release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/Release.yml b/.github/workflows/Release.yml index 13308dd..fff8379 100644 --- a/.github/workflows/Release.yml +++ b/.github/workflows/Release.yml @@ -8,7 +8,7 @@ jobs: publish-to-gallery: runs-on: windows-2019 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set PSRepository to Trusted for PowerShell Gallery shell: pwsh run: | From 396971c9ca89828a4a04aaae6d5c780a4c3de2f7 Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Sun, 20 Aug 2023 09:04:33 -0400 Subject: [PATCH 04/13] Fix logo on page --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a4d9181..4ffddfe 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@

- +

From f79d300b237c13e4c947d1027ec578e61254e745 Mon Sep 17 00:00:00 2001 From: Kenny Parsons <5930491+kennyparsons@users.noreply.github.com> Date: Tue, 22 Aug 2023 11:20:08 -0500 Subject: [PATCH 05/13] spelling: talbe -> table --- Src/Private/Get-AbrADDNSInfrastructure.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Src/Private/Get-AbrADDNSInfrastructure.ps1 b/Src/Private/Get-AbrADDNSInfrastructure.ps1 index a6a77fc..9a80cd3 100644 --- a/Src/Private/Get-AbrADDNSInfrastructure.ps1 +++ b/Src/Private/Get-AbrADDNSInfrastructure.ps1 @@ -396,7 +396,7 @@ function Get-AbrADDNSInfrastructure { if (($OutObj | Where-Object { $_.'IPv4 Address'.Count -gt 1 }) -or ($OutObj | Where-Object { $_.'IPv6 Address'.Count -gt 1 })) { Paragraph { Text "Corrective Actions:" -Bold - Text "Duplicate IP Address found in the talbe of the DNS root hints servers. The DNS console does not show the duplicate Root Hint servers; you can only see them using the DNS PowerShell cmdlets. While there is a dnscmd utility to replace the Root Hints file, Using PowerShell is the best way to remediate this issue." + Text "Duplicate IP Address found in the table of the DNS root hints servers. The DNS console does not show the duplicate Root Hint servers; you can only see them using the DNS PowerShell cmdlets. While there is a dnscmd utility to replace the Root Hints file, Using PowerShell is the best way to remediate this issue." } } } @@ -463,4 +463,4 @@ function Get-AbrADDNSInfrastructure { end {} -} \ No newline at end of file +} From 75eeeb8b2aa154550005be9e0083ad08f1722bec Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 22 Aug 2023 14:07:13 -0400 Subject: [PATCH 06/13] Fix --- AsBuiltReport.Microsoft.AD.psd1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/AsBuiltReport.Microsoft.AD.psd1 b/AsBuiltReport.Microsoft.AD.psd1 index 29be034..2a8e0c3 100644 --- a/AsBuiltReport.Microsoft.AD.psd1 +++ b/AsBuiltReport.Microsoft.AD.psd1 @@ -117,7 +117,7 @@ PrivateData = @{ ProjectUri = 'https://github.com/AsBuiltReport/AsBuiltReport.Microsoft.AD' # A URL to an icon representing this module. - IconUri = 'https://raw.githubusercontent.com/AsBuiltReport/AsBuiltReport/master/AsBuiltReport.png' + IconUri = 'https://github.com/AsBuiltReport.png' # ReleaseNotes of this module ReleaseNotes = 'https://raw.githubusercontent.com/AsBuiltReport/AsBuiltReport.Microsoft.AD/master/CHANGELOG.md' From 8d9883fe123c32686dfc4e6b6a98308da9e191ff Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Mon, 2 Oct 2023 21:36:06 -0400 Subject: [PATCH 07/13] Improved PKI Section --- Src/Private/Get-AbrADCAAIA.ps1 | 4 +- Src/Private/Get-AbrADCACRLSetting.ps1 | 12 +- Src/Private/Get-AbrADCACryptographyConfig.ps1 | 4 +- Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 | 4 +- Src/Private/Get-AbrADCARoot.ps1 | 8 +- Src/Private/Get-AbrADCASecurity.ps1 | 8 +- Src/Private/Get-AbrADCASubordinate.ps1 | 7 +- Src/Private/Get-AbrADCATemplate.ps1 | 10 +- Src/Private/Get-AbrPKISection.ps1 | 116 ++++++++++++++++++ 9 files changed, 148 insertions(+), 25 deletions(-) create mode 100644 Src/Private/Get-AbrPKISection.ps1 diff --git a/Src/Private/Get-AbrADCAAIA.ps1 b/Src/Private/Get-AbrADCAAIA.ps1 index 2f89ddc..602a41f 100644 --- a/Src/Private/Get-AbrADCAAIA.ps1 +++ b/Src/Private/Get-AbrADCAAIA.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCAAIA { .DESCRIPTION .NOTES - Version: 0.7.13 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -28,7 +28,7 @@ function Get-AbrADCAAIA { process { if ($CA) { - Section -Style Heading4 "Authority Information Access (AIA)" { + Section -Style Heading3 "Authority Information Access (AIA)" { Paragraph "The following section provides the Certification Authority Authority Information Access information." BlankLine try { diff --git a/Src/Private/Get-AbrADCACRLSetting.ps1 b/Src/Private/Get-AbrADCACRLSetting.ps1 index 9a8f95c..20ea08a 100644 --- a/Src/Private/Get-AbrADCACRLSetting.ps1 +++ b/Src/Private/Get-AbrADCACRLSetting.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCACRLSetting { .DESCRIPTION .NOTES - Version: 0.7.13 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -28,10 +28,10 @@ function Get-AbrADCACRLSetting { process { try { - Section -Style Heading4 "Certificate Revocation List (CRL)" { + Section -Style Heading3 "Certificate Revocation List (CRL)" { Paragraph "The following section provides the Certification Authority CRL Distribution Point information." BlankLine - Section -Style Heading5 "CRL Validity Period" { + Section -Style Heading4 "CRL Validity Period" { $OutObj = @() try { Write-PscriboMessage "Collecting AD CA CRL Validity Period information on $($CA.Name)." @@ -67,7 +67,7 @@ function Get-AbrADCACRLSetting { $OutObj | Sort-Object -Property 'CA Name' | Table @TableParams } try { - Section -Style Heading5 "CRL Flags Settings" { + Section -Style Heading4 "CRL Flags Settings" { $OutObj = @() try { Write-PscriboMessage "Collecting AD CA CRL Distribution Point information on $($CA.Name)." @@ -105,7 +105,7 @@ function Get-AbrADCACRLSetting { Write-PscriboMessage -IsWarning "CRL Validity Period Section: $($_.Exception.Message)" } try { - Section -Style Heading5 "CRL Distribution Point" { + Section -Style Heading4 "CRL Distribution Point" { Paragraph "The following section provides the Certification Authority CRL Distribution Point information." BlankLine try { @@ -157,7 +157,7 @@ function Get-AbrADCACRLSetting { Write-PscriboMessage -IsWarning "$($_.Exception.Message) (CRL Distribution Point)" } try { - Section -Style Heading4 "AIA and CDP Health Status" { + Section -Style Heading3 "AIA and CDP Health Status" { Paragraph "The following section is intended to perform Certification Authority health status checking by CA certificate chain status and validating all CRL Distribution Point (CDP) and Authority Information Access (AIA) URLs for each certificate in the chain." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADCACryptographyConfig.ps1 b/Src/Private/Get-AbrADCACryptographyConfig.ps1 index 73d858f..545e238 100644 --- a/Src/Private/Get-AbrADCACryptographyConfig.ps1 +++ b/Src/Private/Get-AbrADCACryptographyConfig.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCACryptographyConfig { .DESCRIPTION .NOTES - Version: 0.7.9 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -30,7 +30,7 @@ function Get-AbrADCACryptographyConfig { if ($CA) { $CryptoConfig = Get-CACryptographyConfig -CertificationAuthority $CA if ($CryptoConfig) { - Section -Style Heading4 "Cryptography Configuration" { + Section -Style Heading3 "Cryptography Configuration" { Paragraph "The following section provides the Certification Authority Cryptography Configuration information." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 b/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 index 7efc814..de3954a 100644 --- a/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 +++ b/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCAKeyRecoveryAgent { .DESCRIPTION .NOTES - Version: 0.7.9 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -45,7 +45,7 @@ function Get-AbrADCAKeyRecoveryAgent { } if ($OutObj) { - Section -Style Heading4 "Key Recovery Agent Certificate" { + Section -Style Heading3 "Key Recovery Agent Certificate" { Paragraph "The following section provides the Key Recovery Agent certificate used to encrypt user's certificate private key and store it in CA database. In the case when user cannot access his or her certificate private key it is possible to recover it by Key Recovery Agent if Key Archival procedure was taken against particular certificate." BlankLine foreach ($Item in $OutObj) { diff --git a/Src/Private/Get-AbrADCARoot.ps1 b/Src/Private/Get-AbrADCARoot.ps1 index c5cbe3a..e7b66fa 100644 --- a/Src/Private/Get-AbrADCARoot.ps1 +++ b/Src/Private/Get-AbrADCARoot.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCARoot { .DESCRIPTION .NOTES - Version: 0.7.9 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -27,7 +27,7 @@ function Get-AbrADCARoot { Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())." Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo." if ($CAs | Where-Object {$_.IsRoot -like 'True'}) { - Section -Style Heading3 "Enterprise Root Certificate Authority" { + Section -Style Heading2 "Enterprise Root Certificate Authority" { Paragraph "The following section provides the Enterprise Root CA information." BlankLine $OutObj = @() @@ -40,6 +40,9 @@ function Get-AbrADCARoot { 'Config String' = $CA.ConfigString 'Operating System' = $CA.OperatingSystem 'Certificate' = $CA.Certificate + 'Auditing' = &{ + (Find-AuditingIssue -ADCSObjects (Get-ADCSObject $ForestInfo) | Where-Object {$_.Name -eq $CA.DisplayName}).Issue + } 'Status' = $CA.ServiceStatus } $OutObj += [pscustomobject]$inobj @@ -47,6 +50,7 @@ function Get-AbrADCARoot { if ($HealthCheck.CA.Status) { $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status' + $OutObj | Where-Object { $_.'Auditing' -notlike 'Running'} | Set-Style -Style Critical -Property 'Auditing' } $TableParams = @{ diff --git a/Src/Private/Get-AbrADCASecurity.ps1 b/Src/Private/Get-AbrADCASecurity.ps1 index c236508..ca10db9 100644 --- a/Src/Private/Get-AbrADCASecurity.ps1 +++ b/Src/Private/Get-AbrADCASecurity.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCASecurity { .DESCRIPTION .NOTES - Version: 0.7.9 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -31,7 +31,7 @@ function Get-AbrADCASecurity { try { $CFP = Get-CertificateValidityPeriod -CertificationAuthority $CA if ($CFP) { - Section -Style Heading4 "Certificate Validity Period" { + Section -Style Heading3 "Certificate Validity Period" { Paragraph "The following section provides the Certification Authority Certificate Validity Period information." BlankLine $OutObj = @() @@ -66,7 +66,7 @@ function Get-AbrADCASecurity { try { $ACLs = Get-CertificationAuthorityAcl -CertificationAuthority $CA if ($ACLs) { - Section -Style Heading5 "Access Control List (ACL)" { + Section -Style Heading4 "Access Control List (ACL)" { $OutObj = @() try { Write-PscriboMessage "Collecting Certification Authority Access Control List information of $($CA.Name)." @@ -98,7 +98,7 @@ function Get-AbrADCASecurity { } $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams try { - Section -Style Heading6 "Access Rights" { + Section -Style Heading5 "Access Rights" { $OutObj = @() Write-PscriboMessage "Collecting AD Certification Authority Access Control List information of $($CA.Name)." foreach ($ACL in $ACLs.Access) { diff --git a/Src/Private/Get-AbrADCASubordinate.ps1 b/Src/Private/Get-AbrADCASubordinate.ps1 index 884f291..8927dca 100644 --- a/Src/Private/Get-AbrADCASubordinate.ps1 +++ b/Src/Private/Get-AbrADCASubordinate.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCASubordinate { .DESCRIPTION .NOTES - Version: 0.7.9 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -27,7 +27,7 @@ function Get-AbrADCASubordinate { Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())." if ($CAs | Where-Object {$_.IsRoot -like 'False'}) { Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo." - Section -Style Heading3 "Enterprise Subordinate Certificate Authority" { + Section -Style Heading2 "Enterprise Subordinate Certificate Authority" { Paragraph "The following section provides the Enterprise Subordinate CA information." BlankLine $OutObj = @() @@ -41,6 +41,9 @@ function Get-AbrADCASubordinate { 'Config String' = $CA.ConfigString 'Operating System' = $CA.OperatingSystem 'Certificate' = $CA.Certificate + 'Auditing' = &{ + (Find-AuditingIssue -ADCSObjects (Get-ADCSObject $ForestInfo) | Where-Object {$_.Name -eq $CA.DisplayName}).Issue + } 'Status' = $CA.ServiceStatus } $OutObj = [pscustomobject]$inobj diff --git a/Src/Private/Get-AbrADCATemplate.ps1 b/Src/Private/Get-AbrADCATemplate.ps1 index 0e86981..32a8306 100644 --- a/Src/Private/Get-AbrADCATemplate.ps1 +++ b/Src/Private/Get-AbrADCATemplate.ps1 @@ -5,7 +5,7 @@ function Get-AbrADCATemplate { .DESCRIPTION .NOTES - Version: 0.7.9 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -30,7 +30,7 @@ function Get-AbrADCATemplate { $Templates = Get-CATemplate -CertificationAuthority $CA.ComputerName | Select-Object -ExpandProperty Templates if ($Templates) { try { - Section -Style Heading4 "Certificate Template Summary" { + Section -Style Heading3 "Certificate Template Summary" { Paragraph "The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates." BlankLine $OutObj = @() @@ -61,14 +61,14 @@ function Get-AbrADCATemplate { $OutObj | Sort-Object -Property 'Template Name' | Table @TableParams if ($InfoLevel.CA -ge 3) { try { - Section -Style Heading5 "Issued Certificate Template ACLs" { + Section -Style Heading4 "Issued Certificate Template ACLs" { Paragraph "The following section provides the certificate templates Access Control List that are assigned to a specified Certification Authority (CA)." BlankLine foreach ($Template in $Templates) { try { $Rights = Get-CertificateTemplateAcl -Template $Template.Name | Select-Object -ExpandProperty Access if ($Rights) { - Section -ExcludeFromTOC -Style NOTOCHeading6 "$($Template.DisplayName)" { + Section -ExcludeFromTOC -Style NOTOCHeading5 "$($Template.DisplayName)" { $OutObj = @() foreach ($Right in $Rights) { try { @@ -110,7 +110,7 @@ function Get-AbrADCATemplate { try { $Templates = Get-CertificateTemplate if ($Templates) { - Section -Style Heading5 "Certificate Template In Active Directory" { + Section -Style Heading4 "Certificate Template In Active Directory" { Paragraph "The following section provides registered certificate templates from Active Directory." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrPKISection.ps1 b/Src/Private/Get-AbrPKISection.ps1 new file mode 100644 index 0000000..6790809 --- /dev/null +++ b/Src/Private/Get-AbrPKISection.ps1 @@ -0,0 +1,116 @@ +function Get-AbrPKISection { + <# + .SYNOPSIS + Used by As Built Report to build Microsoft AD PKI Section. + .DESCRIPTION + + .NOTES + Version: 0.7.15 + Author: Jonathan Colon + Twitter: @jcolonfzenpr + Github: rebelinux + .EXAMPLE + + .LINK + + #> + [CmdletBinding()] + param ( + ) + + begin { + Write-PscriboMessage "Discovering PKI infrastructure information from $ForestInfo." + } + + process { + if ($InfoLevel.CA -ge 1) { + try { + $CurrentMachineADDomain = Get-ComputerADDomain -ErrorAction SilentlyContinue + } catch { + Write-PscriboMessage -IsWarning 'Unable to determine current AD Domain' + Write-PscriboMessage -IsWarning $_.Exception.Message + } + if ($CurrentMachineADDomain.Name -in $ADSystem.Domains) { + Write-PScriboMessage "Current PC Domain $($CurrentMachineADDomain.Name) is in the Forrest Domain list of $($ADSystem.Name). Enabling Certificate Authority section" + try { + Write-PScriboMessage "Collecting Certification Authority information from $($System.split(".")[0])" + $Global:CAs = Get-CertificationAuthority -Enterprise + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + + if ($CAs) { + try { + Section -Style Heading1 "PKI Configuration" { + if ($Options.ShowDefinitionInfo) { + Paragraph 'In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.' + BlankLine + } + if (!$Options.ShowDefinitionInfo) { + Paragraph "The following section provides a summary of the Active Directory PKI Infrastructure Information." + BlankLine + } + try { + Get-AbrADCASummary + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + if ($InfoLevel.CA -ge 2) { + try { + Get-AbrADCARoot + Get-AbrADCASubordinate + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + } + foreach ($CA in ($CAs | Where-Object {$_.IsAccessible -notlike 'False'}).ComputerName) { + $CAObject = Get-CertificationAuthority -Enterprise -ComputerName $CA + if ($CAObject) { + Section -Style Heading2 "$($CAObject.DisplayName) Details" { + try { + Get-AbrADCASecurity -CA $CAObject + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + try { + Get-AbrADCACryptographyConfig -CA $CAObject + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + if ($InfoLevel.CA -ge 2) { + try { + Get-AbrADCAAIA -CA $CAObject + Get-AbrADCACRLSetting -CA $CAObject + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + } + if ($InfoLevel.CA -ge 2) { + try { + Get-AbrADCATemplate -CA $CAObject + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + } + try { + Get-AbrADCAKeyRecoveryAgent -CA $CAObject + } catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + } + } + } + } + } + catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + continue + } + } + } else { + Write-PScriboMessage -IsWarning "Current PC Domain $($CurrentMachineADDomain.Name) is not in the Forrest Domain list of $($ADSystem.Name). Disabling Certificate Authority section" + } + } + } + end {} +} From bf8b860f00a86c79cf1506e7f33f09b01cc2d3a6 Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Mon, 2 Oct 2023 21:41:10 -0400 Subject: [PATCH 08/13] Improve report --- AsBuiltReport.Microsoft.AD.Style.ps1 | 1 + AsBuiltReport.Microsoft.AD.psd1 | 2 +- Src/Private/Get-AbrADDCDiag.ps1 | 4 +- Src/Private/Get-AbrADDCRoleFeature.ps1 | 4 +- Src/Private/Get-AbrADDFSHealth.ps1 | 8 +- Src/Private/Get-AbrADDNSInfrastructure.ps1 | 20 +- Src/Private/Get-AbrADDNSZone.ps1 | 14 +- Src/Private/Get-AbrADDomainController.ps1 | 26 +- Src/Private/Get-AbrADDomainLastBackup.ps1 | 4 +- Src/Private/Get-AbrADDomainObject.ps1 | 38 +- Src/Private/Get-AbrADDuplicateObject.ps1 | 4 +- Src/Private/Get-AbrADDuplicateSPN.ps1 | 4 +- Src/Private/Get-AbrADFSMO.ps1 | 4 +- Src/Private/Get-AbrADGPO.ps1 | 22 +- .../Get-AbrADInfrastructureService.ps1 | 4 +- Src/Private/Get-AbrADKerberosAudit.ps1 | 8 +- Src/Private/Get-AbrADOU.ps1 | 6 +- Src/Private/Get-AbrADSecurityAssessment.ps1 | 12 +- Src/Private/Get-AbrADSiteReplication.ps1 | 10 +- Src/Private/Get-AbrADTrust.ps1 | 6 +- Src/Private/Get-AbrDNSSection.ps1 | 76 ++++ Src/Private/Get-AbrDomainSection.ps1 | 149 ++++++++ Src/Private/Get-AbrForestSection.ps1 | 63 ++++ Src/Private/SharedUtilsFunctions.ps1 | 130 +++++++ .../Invoke-AsBuiltReport.Microsoft.AD.ps1 | 324 +----------------- 25 files changed, 531 insertions(+), 412 deletions(-) create mode 100644 Src/Private/Get-AbrDNSSection.ps1 create mode 100644 Src/Private/Get-AbrDomainSection.ps1 create mode 100644 Src/Private/Get-AbrForestSection.ps1 diff --git a/AsBuiltReport.Microsoft.AD.Style.ps1 b/AsBuiltReport.Microsoft.AD.Style.ps1 index 932c374..6e23d75 100644 --- a/AsBuiltReport.Microsoft.AD.Style.ps1 +++ b/AsBuiltReport.Microsoft.AD.Style.ps1 @@ -10,6 +10,7 @@ Style -Name 'Title 3' -Size 12 -Color '1F6BCF' -Align Left Style -Name 'Heading 1' -Size 16 -Color '0078D4' Style -Name 'Heading 2' -Size 14 -Color '00447C' Style -Name 'Heading 3' -Size 13 -Color '0081FF' +Style -Name 'NO TOC Heading 3' -Size 13 -Color '0081FF' Style -Name 'Heading 4' -Size 12 -Color '0077B7' Style -Name 'NO TOC Heading 4' -Size 12 -Color '0077B7' Style -Name 'Heading 5' -Size 11 -Color '1A9BA3' diff --git a/AsBuiltReport.Microsoft.AD.psd1 b/AsBuiltReport.Microsoft.AD.psd1 index 29be034..a6162fb 100644 --- a/AsBuiltReport.Microsoft.AD.psd1 +++ b/AsBuiltReport.Microsoft.AD.psd1 @@ -12,7 +12,7 @@ RootModule = 'AsBuiltReport.Microsoft.AD.psm1' # Version number of this module. -ModuleVersion = '0.7.14' +ModuleVersion = '0.7.15' # Supported PSEditions # CompatiblePSEditions = @() diff --git a/Src/Private/Get-AbrADDCDiag.ps1 b/Src/Private/Get-AbrADDCDiag.ps1 index c3701cd..61cbede 100644 --- a/Src/Private/Get-AbrADDCDiag.ps1 +++ b/Src/Private/Get-AbrADDCDiag.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDCDiag { .DESCRIPTION .NOTES - Version: 0.7.7 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -35,7 +35,7 @@ function Get-AbrADDCDiag { Write-PscriboMessage "Discovering Active Directory DCDiag information for DC $DC." $DCDIAG = Invoke-DcDiag -DomainController $DC if ($DCDIAG) { - Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().split('.')[0].ToUpper()) { + Section -ExcludeFromTOC -Style NOTOCHeading4 $($DC.ToString().split('.')[0].ToUpper()) { $OutObj = @() $Description = @{ "Advertising" = "Validates this Domain Controller can be correctly located through the KDC service. It does not validate the Kerberos tickets answer or the communication through the TCP and UDP port 88.", 'High' diff --git a/Src/Private/Get-AbrADDCRoleFeature.ps1 b/Src/Private/Get-AbrADDCRoleFeature.ps1 index 1881067..250cf4b 100644 --- a/Src/Private/Get-AbrADDCRoleFeature.ps1 +++ b/Src/Private/Get-AbrADDCRoleFeature.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDCRoleFeature { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -33,7 +33,7 @@ function Get-AbrADDCRoleFeature { $DCPssSession = New-PSSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'ADDCRoleFeature' if ($DCPssSession) { Write-PscriboMessage "Discovered Active Directory DC Role & Features information of $DC." - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DC.ToString().ToUpper().Split(".")[0]) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() $Features = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-WindowsFeature | Where-Object {$_.installed -eq "True" -and $_.FeatureType -eq 'Role'}} Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADDFSHealth.ps1 b/Src/Private/Get-AbrADDFSHealth.ps1 index bcaf560..ce52ebe 100644 --- a/Src/Private/Get-AbrADDFSHealth.ps1 +++ b/Src/Private/Get-AbrADDFSHealth.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDFSHealth { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -35,7 +35,7 @@ function Get-AbrADDFSHealth { } Else {$DFS = Get-WinADDFSHealth -Domain $Domain -Credential $Credential} Write-PscriboMessage "Discovered AD Domain DFS Health information from $Domain." if ($DFS) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Sysvol Replication Status' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Sysvol Replication Status' { Paragraph "The following section details the sysvol folder replication status for Domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() @@ -113,7 +113,7 @@ function Get-AbrADDFSHealth { 'TotalSize'= '{0:N2}' -f ((($_.group | Measure-Object length -Sum).Sum) /1MB) } } | Sort-Object -Descending -Property 'Totalsize'} if ($SYSVOLFolder) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Sysvol Content Status' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Sysvol Content Status' { Paragraph "The following section details domain $($Domain.ToString().ToUpper()) sysvol health status." BlankLine $OutObj = @() @@ -175,7 +175,7 @@ function Get-AbrADDFSHealth { 'TotalSize'= '{0:N2}' -f ((($_.group | Measure-Object length -Sum).Sum) /1MB) } } | Sort-Object -Descending -Property 'Totalsize'} if ($NetlogonFolder) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Netlogon Content Status' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Netlogon Content Status' { Paragraph "The following section details domain $($Domain.ToString().ToUpper()) netlogon health status." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADDNSInfrastructure.ps1 b/Src/Private/Get-AbrADDNSInfrastructure.ps1 index a6a77fc..6e413a6 100644 --- a/Src/Private/Get-AbrADDNSInfrastructure.ps1 +++ b/Src/Private/Get-AbrADDNSInfrastructure.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDNSInfrastructure { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -31,7 +31,7 @@ function Get-AbrADDNSInfrastructure { try { $DCs = Invoke-Command -Session $TempPssSession {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers | Where-Object {$_ -notin ($using:Options).Exclude.DCs}} if ($DCs) { - Section -Style Heading4 "Infrastructure Summary" { + Section -Style Heading3 "Infrastructure Summary" { Paragraph "The following section provides a summary of the DNS Infrastructure configuration." BlankLine $OutObj = @() @@ -70,12 +70,12 @@ function Get-AbrADDNSInfrastructure { #---------------------------------------------------------------------------------------------# if ($InfoLevel.DNS -ge 2) { try { - Section -Style Heading5 "Application Directory Partition" { + Section -Style Heading4 "Application Directory Partition" { Paragraph "The following section provides Directory Partition information." BlankLine foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DC.ToString().ToUpper().Split(".")[0]) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() Write-PscriboMessage "Collecting Directory Partition information from $($DC)." try { @@ -129,7 +129,7 @@ function Get-AbrADDNSInfrastructure { #---------------------------------------------------------------------------------------------# if ($InfoLevel.DNS -ge 2) { try { - Section -Style Heading5 "Response Rate Limiting (RRL)" { + Section -Style Heading4 "Response Rate Limiting (RRL)" { $OutObj = @() foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { @@ -174,7 +174,7 @@ function Get-AbrADDNSInfrastructure { #---------------------------------------------------------------------------------------------# if ($InfoLevel.DNS -ge 2) { try { - Section -Style Heading5 "Scavenging Options" { + Section -Style Heading4 "Scavenging Options" { $OutObj = @() foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { @@ -236,7 +236,7 @@ function Get-AbrADDNSInfrastructure { # DNS Forwarder Section # #---------------------------------------------------------------------------------------------# try { - Section -Style Heading5 "Forwarder Options" { + Section -Style Heading4 "Forwarder Options" { $OutObj = @() foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { @@ -306,12 +306,12 @@ function Get-AbrADDNSInfrastructure { #---------------------------------------------------------------------------------------------# if ($InfoLevel.DNS -ge 2) { try { - Section -Style Heading5 "Root Hints" { + Section -Style Heading4 "Root Hints" { Paragraph "The following section provides Root Hints information from domain $($Domain)." BlankLine foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DC.ToString().ToUpper().Split(".")[0]) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() Write-PscriboMessage "Collecting Root Hint information from $($DC)." try { @@ -414,7 +414,7 @@ function Get-AbrADDNSInfrastructure { #---------------------------------------------------------------------------------------------# if ($InfoLevel.DNS -ge 2) { try { - Section -Style Heading5 "Zone Scope Recursion" { + Section -Style Heading4 "Zone Scope Recursion" { $OutObj = @() foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { diff --git a/Src/Private/Get-AbrADDNSZone.ps1 b/Src/Private/Get-AbrADDNSZone.ps1 index 0a1a6c8..e384171 100644 --- a/Src/Private/Get-AbrADDNSZone.ps1 +++ b/Src/Private/Get-AbrADDNSZone.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDNSZone { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -33,7 +33,7 @@ function Get-AbrADDNSZone { try { $DNSSetting = Get-DnsServerZone -CimSession $TempCIMSession -ComputerName $DC | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -notlike "Forwarder"} if ($DNSSetting) { - Section -Style Heading4 "$($DC.ToString().ToUpper().Split(".")[0]) DNS Zones" { + Section -Style Heading3 "$($DC.ToString().ToUpper().Split(".")[0]) DNS Zones" { $OutObj = @() Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Zone)" foreach ($Zones in $DNSSetting) { @@ -97,7 +97,7 @@ function Get-AbrADDNSZone { } if ($OutObj) { - Section -Style Heading5 "Zone Delegation" { + Section -Style Heading4 "Zone Delegation" { $TableParams = @{ Name = "Zone Delegations - $($Domain.ToString().ToUpper())" @@ -120,7 +120,7 @@ function Get-AbrADDNSZone { try { $DNSSetting = Invoke-Command -Session $DCPssSession {Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones\*" | Get-ItemProperty | Where-Object {$_ -match 'SecondaryServers'}} if ($DNSSetting) { - Section -Style Heading5 "Zone Transfers" { + Section -Style Heading4 "Zone Transfers" { $OutObj = @() foreach ($Zone in $DNSSetting) { try { @@ -175,7 +175,7 @@ function Get-AbrADDNSZone { try { $DNSSetting = Get-DnsServerZone -CimSession $TempCIMSession -ComputerName $DC | Where-Object {$_.IsReverseLookupZone -like "True"} if ($DNSSetting) { - Section -Style Heading5 "Reverse Lookup Zone" { + Section -Style Heading4 "Reverse Lookup Zone" { $OutObj = @() Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC (Domain Name System Zone)" foreach ($Zones in $DNSSetting) { @@ -215,7 +215,7 @@ function Get-AbrADDNSZone { try { $DNSSetting = Get-DnsServerZone -CimSession $TempCIMSession -ComputerName $DC | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -like "Forwarder"} if ($DNSSetting) { - Section -Style Heading5 "Conditional Forwarder" { + Section -Style Heading4 "Conditional Forwarder" { $OutObj = @() Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Conditional Forwarder)" foreach ($Zones in $DNSSetting) { @@ -256,7 +256,7 @@ function Get-AbrADDNSZone { $DNSSetting = Get-DnsServerZone -CimSession $TempCIMSession -ComputerName $DC | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -eq "Primary"} | Select-Object -ExpandProperty ZoneName $Zones = Get-DnsServerZoneAging -CimSession $TempCIMSession -Name $DNSSetting -ComputerName $DC if ($Zones) { - Section -Style Heading5 "Zone Scope Aging" { + Section -Style Heading4 "Zone Scope Aging" { $OutObj = @() foreach ($Settings in $Zones) { try { diff --git a/Src/Private/Get-AbrADDomainController.ps1 b/Src/Private/Get-AbrADDomainController.ps1 index 9a57d73..8af831f 100644 --- a/Src/Private/Get-AbrADDomainController.ps1 +++ b/Src/Private/Get-AbrADDomainController.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDomainController { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -83,7 +83,7 @@ function Get-AbrADDomainController { try { Write-PscriboMessage "Collecting AD Domain Controller Hardware information for domain $Domain" - Section -Style Heading5 'Hardware Inventory' { + Section -Style Heading4 'Hardware Inventory' { Paragraph "The following section provides detailed Domain Controller hardware information for domain $($Domain.ToString().ToUpper())." BlankLine Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain." @@ -133,7 +133,7 @@ function Get-AbrADDomainController { if ($InfoLevel.Domain -ge 2) { foreach ($DCHW in $DCHWInfo) { - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DCHW.Name.ToString().ToUpper()) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DCHW.Name.ToString().ToUpper()) { if ($HealthCheck.DomainController.Diagnostic) { if ([int]([regex]::Matches($DCHW.'Physical Memory', "\d+(\.*\d+)").value) -lt 8) { $DCHW | Set-Style -Style Warning -Property 'Physical Memory' @@ -194,7 +194,7 @@ function Get-AbrADDomainController { # DNS IP Section # #---------------------------------------------------------------------------------------------# try { - Section -Style Heading5 "DNS IP Configuration" { + Section -Style Heading4 "DNS IP Configuration" { $OutObj = @() foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { @@ -295,7 +295,7 @@ function Get-AbrADDomainController { try { Write-PscriboMessage "Collecting AD Domain Controller NTDS information." - Section -Style Heading5 'NTDS Information' { + Section -Style Heading4 'NTDS Information' { $OutObj = @() Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain." foreach ($DC in $DCs) { @@ -341,7 +341,7 @@ function Get-AbrADDomainController { } try { Write-PscriboMessage "Collecting AD Domain Controller Time Source information." - Section -Style Heading5 'Time Source Information' { + Section -Style Heading4 'Time Source Information' { $OutObj = @() Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain." foreach ($DC in $DCs) { @@ -398,7 +398,7 @@ function Get-AbrADDomainController { if ($HealthCheck.DomainController.Diagnostic) { try { Write-PscriboMessage "Collecting AD Domain Controller SRV Records Status." - Section -Style Heading5 'SRV Records Status' { + Section -Style Heading4 'SRV Records Status' { $OutObj = @() Write-PscriboMessage "Discovering Active Directory Domain Controller SRV Records Status in $Domain." foreach ($DC in $DCs) { @@ -520,7 +520,7 @@ function Get-AbrADDomainController { $DCPssSession = New-PSSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DomainControllersFileShares' $Shares = Invoke-Command -Session $DCPssSession { Get-SmbShare | Where-Object { $_.Description -ne 'Default share' -and $_.Description -notmatch 'Remote' -and $_.Name -ne 'NETLOGON' -and $_.Name -ne 'SYSVOL' } } if ($Shares) { - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DC.ToString().ToUpper().Split(".")[0]) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $FSObj = @() foreach ($Share in $Shares) { $inObj = [ordered] @{ @@ -558,7 +558,7 @@ function Get-AbrADDomainController { } if ($OutObj) { - Section -Style Heading5 "File Shares" { + Section -Style Heading4 "File Shares" { Paragraph "The following domain controllers have non-default file shares." $OutObj Paragraph "Health Check:" -Bold -Underline @@ -597,7 +597,7 @@ function Get-AbrADDomainController { } if ( $Software ) { - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DC.ToString().ToUpper().Split(".")[0]) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() foreach ($APP in $Software) { try { @@ -642,7 +642,7 @@ function Get-AbrADDomainController { } } if ($DCObj) { - Section -Style Heading5 'Installed Software' { + Section -Style Heading4 'Installed Software' { Paragraph "The following section provides a summary of additional software running on Domain Controllers from domain $($Domain.ToString().ToUpper())." BlankLine $DCObj @@ -665,7 +665,7 @@ function Get-AbrADDomainController { Remove-PSSession -Session $DCPssSession if ( $Updates ) { - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DC.ToString().ToUpper().Split(".")[0]) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() foreach ($Update in $Updates) { try { @@ -709,7 +709,7 @@ function Get-AbrADDomainController { } } if ($DCObj) { - Section -Style Heading5 'Missing Windows Updates' { + Section -Style Heading4 'Missing Windows Updates' { Paragraph "The following section provides a summary of pending/missing windows updates on Domain Controllers from domain $($Domain.ToString().ToUpper())." BlankLine $DCObj diff --git a/Src/Private/Get-AbrADDomainLastBackup.ps1 b/Src/Private/Get-AbrADDomainLastBackup.ps1 index 18cc68b..8e412c4 100644 --- a/Src/Private/Get-AbrADDomainLastBackup.ps1 +++ b/Src/Private/Get-AbrADDomainLastBackup.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDomainLastBackup { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -33,7 +33,7 @@ function Get-AbrADDomainLastBackup { $LastBackups = Get-WinADLastBackup -Domain $Domain -Credential $Credential Write-PscriboMessage "Discovered last taken backup information of domain $Domain." if ($LastBackups) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Naming Context Last Backup' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Naming Context Last Backup' { Paragraph "The following section details naming context last backup time for Domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADDomainObject.ps1 b/Src/Private/Get-AbrADDomainObject.ps1 index 4d10b1e..d108775 100644 --- a/Src/Private/Get-AbrADDomainObject.ps1 +++ b/Src/Private/Get-AbrADDomainObject.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDomainObject { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -29,7 +29,7 @@ function Get-AbrADDomainObject { process { try { - Section -Style Heading4 'Domain Object Stats' { + Section -Style Heading3 'Domain Object Stats' { if ($Domain) { Write-PScriboMessage "Collecting the Active Directory Object Count of domain $Domain." try { @@ -104,7 +104,7 @@ function Get-AbrADDomainObject { } } if ($OutObj) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Computers' { + Section -ExcludeFromTOC -Style NOTOCHeading3 'Computers' { if ($chartFileItem) { Image -Text 'Computers Object - Diagram' -Align 'Center' -Percent 100 -Path $chartFileItem } @@ -175,7 +175,7 @@ function Get-AbrADDomainObject { } } if ($OutObj) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Domain Controller' { + Section -ExcludeFromTOC -Style NOTOCHeading3 'Domain Controller' { if ($chartFileItem) { Image -Text 'Domain Controller Object - Diagram' -Align 'Center' -Percent 100 -Path $chartFileItem } @@ -247,7 +247,7 @@ function Get-AbrADDomainObject { } } if ($OutObj) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Users' { + Section -ExcludeFromTOC -Style NOTOCHeading3 'Users' { if ($chartFileItem) { Image -Text 'Users Object - Diagram' -Align 'Center' -Percent 100 -Path $chartFileItem } @@ -393,7 +393,7 @@ function Get-AbrADDomainObject { } } if ($OutObj) { - Section -Style Heading4 'Status of Users Accounts' { + Section -Style Heading3 'Status of Users Accounts' { if ($chartFileItem) { Image -Text 'Status of Users Accounts - Diagram' -Align 'Center' -Percent 100 -Path $chartFileItem } @@ -404,7 +404,7 @@ function Get-AbrADDomainObject { Write-PScriboMessage -IsWarning $($_.Exception.Message) } try { - Section -Style Heading4 'Privileged Groups' { + Section -Style Heading3 'Privileged Groups' { $OutObj = @() if ($Domain) { Write-PScriboMessage "Collecting Privileged Group in Active Directory." @@ -491,7 +491,7 @@ function Get-AbrADDomainObject { Write-PScriboMessage "Collecting Privileged Group $($Group.Name) with SID $($Group.SID)" $GroupObjects = Invoke-Command -Session $TempPssSession { Get-ADGroupMember -Server $using:DC -Identity ($using:Group).Name -Recursive -ErrorAction SilentlyContinue | ForEach-Object {Get-ADUser -Filter 'SamAccountName -eq $_.SamAccountName' -Server $using:DC -Property SamAccountName,objectClass,LastLogonDate,passwordNeverExpires,Enabled -SearchBase (Get-ADDomain -Identity $using:Domain).distinguishedName }} if ($GroupObjects) { - Section -ExcludeFromTOC -Style NOTOCHeading5 "$($Group.Name) ($(($GroupObjects | Measure-Object).count) Members)" { + Section -ExcludeFromTOC -Style NOTOCHeading4 "$($Group.Name) ($(($GroupObjects | Measure-Object).count) Members)" { $OutObj = @() foreach ($GroupObject in $GroupObjects) { $inObj = [ordered] @{ @@ -683,7 +683,7 @@ function Get-AbrADDomainObject { } } if ($OutObj) { - Section -Style Heading4 'Status of Computer Accounts' { + Section -Style Heading3 'Status of Computer Accounts' { if ($chartFileItem -and ($OutObj.'Total' | Measure-Object -Sum).Sum -ne 0) { Image -Text 'Status of Computer Accounts - Diagram' -Align 'Center' -Percent 100 -Path $chartFileItem } @@ -695,7 +695,7 @@ function Get-AbrADDomainObject { Write-PScriboMessage -IsWarning $($_.Exception.Message) } try { - Section -Style Heading4 'Operating Systems Count' { + Section -Style Heading3 'Operating Systems Count' { $OutObj = @() if ($Domain) { Write-PScriboMessage "Collecting Operating Systems in Active Directory." @@ -743,7 +743,7 @@ function Get-AbrADDomainObject { Write-PScriboMessage -IsWarning $($_.Exception.Message) } try { - Section -Style Heading4 'Default Domain Password Policy' { + Section -Style Heading3 'Default Domain Password Policy' { $OutObj = @() if ($Domain) { Write-PScriboMessage "Collecting the Active Directory Default Domain Password Policy of domain $Item." @@ -789,7 +789,7 @@ function Get-AbrADDomainObject { $DCPDC = Invoke-Command -Session $TempPssSession { Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty PDCEmulator } $PasswordPolicy = Invoke-Command -Session $TempPssSession { Get-ADFineGrainedPasswordPolicy -Server $using:DCPDC -Filter { Name -like "*" } -Properties * -SearchBase (Get-ADDomain -Identity $using:Domain).distinguishedName } | Sort-Object -Property Name if ($PasswordPolicy) { - Section -Style Heading4 'Fined Grained Password Policies' { + Section -Style Heading3 'Fined Grained Password Policies' { $FGPPInfo = @() foreach ($FGPP in $PasswordPolicy) { try { @@ -821,7 +821,7 @@ function Get-AbrADDomainObject { if ($InfoLevel.Domain -ge 2) { foreach ($FGPP in $FGPPInfo) { - Section -Style NOTOCHeading5 -ExcludeFromTOC "$($FGPP.Name)" { + Section -Style NOTOCHeading4 -ExcludeFromTOC "$($FGPP.Name)" { $TableParams = @{ Name = "Fined Grained Password Policies - $($FGPP.Name)" List = $true @@ -860,7 +860,7 @@ function Get-AbrADDomainObject { $DomainInfo = Invoke-Command -Session $TempPssSession { Get-ADDomain $using:Domain -ErrorAction Stop } $DCPDC = Invoke-Command -Session $TempPssSession { Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty PDCEmulator } $LAPS = Invoke-Command -Session $TempPssSession { Get-ADObject -Server $using:DCPDC "CN=ms-Mcs-AdmPwd,CN=Schema,CN=Configuration,$(($using:DomainInfo).DistinguishedName)" } | Sort-Object -Property Name - Section -Style Heading4 'Local Administrator Password Solution' { + Section -Style Heading3 'Windows LAPS ' { $LAPSInfo = @() try { $inObj = [ordered] @{ @@ -886,7 +886,7 @@ function Get-AbrADDomainObject { if ($InfoLevel.Domain -ge 2) { foreach ($LAP in $LAPSInfo) { $TableParams = @{ - Name = "Local Administrator Password Solution - $($Domain.ToString().ToUpper())" + Name = "Windows LAPS - $($Domain.ToString().ToUpper())" List = $true ColumnWidths = 40, 60 } @@ -897,7 +897,7 @@ function Get-AbrADDomainObject { } } else { $TableParams = @{ - Name = "Local Administrator Password Solution - $($Domain.ToString().ToUpper())" + Name = "Windows LAPS - $($Domain.ToString().ToUpper())" List = $false Columns = 'Name', 'Domain Name', 'Enabled' ColumnWidths = 34, 33, 33 @@ -920,7 +920,7 @@ function Get-AbrADDomainObject { } } } catch { - Write-PScriboMessage -IsWarning "$($_.Exception.Message) (Local Administrator Password Solution)" + Write-PScriboMessage -IsWarning "$($_.Exception.Message) (Windows LAPS)" } try { @@ -930,7 +930,7 @@ function Get-AbrADDomainObject { Write-PScriboMessage "Collecting the Active Directory Group Managed Service Accounts from DC $DC." $GMSA = Invoke-Command -Session $TempPssSession { Get-ADServiceAccount -Server $using:DC -Filter * -Properties * } if ($GMSA) { - Section -Style Heading4 'gMSA identities' { + Section -Style Heading3 'gMSA Identities' { $GMSAInfo = @() foreach ($Account in $GMSA) { try { @@ -992,7 +992,7 @@ function Get-AbrADDomainObject { if ($InfoLevel.Domain -ge 2) { foreach ($Account in $GMSAInfo) { - Section -Style NOTOCHeading5 -ExcludeFromTOC "$($Account.Name)" { + Section -Style NOTOCHeading4 -ExcludeFromTOC "$($Account.Name)" { $TableParams = @{ Name = "gMSA - $($Account.Name)" List = $true diff --git a/Src/Private/Get-AbrADDuplicateObject.ps1 b/Src/Private/Get-AbrADDuplicateObject.ps1 index 656db77..406adeb 100644 --- a/Src/Private/Get-AbrADDuplicateObject.ps1 +++ b/Src/Private/Get-AbrADDuplicateObject.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDuplicateObject { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -33,7 +33,7 @@ function Get-AbrADDuplicateObject { $Objects = Get-WinADDuplicateObject -Domain $Domain -Credential $Credential Write-PscriboMessage "Discovered AD Duplicate Objects information from $Domain." if ($Objects) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Duplicate Objects' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Duplicate Objects' { Paragraph "The following section details Duplicate Objects discovered on Domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADDuplicateSPN.ps1 b/Src/Private/Get-AbrADDuplicateSPN.ps1 index 3b8f9a8..148577d 100644 --- a/Src/Private/Get-AbrADDuplicateSPN.ps1 +++ b/Src/Private/Get-AbrADDuplicateSPN.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDuplicateSPN { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -33,7 +33,7 @@ function Get-AbrADDuplicateSPN { $SPNs = Get-WinADDuplicateSPN -Domain $Domain -Credential $Credential Write-PscriboMessage "Discovered AD Duplicate SPN information from $Domain." if ($SPNs) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Duplicate SPN' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Duplicate SPN' { Paragraph "The following section details Duplicate SPN discovered on Domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADFSMO.ps1 b/Src/Private/Get-AbrADFSMO.ps1 index ed47da4..746c0c3 100644 --- a/Src/Private/Get-AbrADFSMO.ps1 +++ b/Src/Private/Get-AbrADFSMO.ps1 @@ -5,7 +5,7 @@ function Get-AbrADFSMO { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -34,7 +34,7 @@ function Get-AbrADFSMO { if ($DomainData -and $ForestData) { $DC = Invoke-Command -Session $TempPssSession {(Get-ADDomain -Identity $using:Domain).ReplicaDirectoryServers | Select-Object -First 1} $DCPssSession = New-PSSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'FSMORoles' - Section -Style Heading4 'FSMO Roles' { + Section -Style Heading3 'FSMO Roles' { $IsInfraMasterGC = (Invoke-Command -Session $DCPssSession {Get-ADDomainController -Identity ($using:DomainData).InfrastructureMaster}).IsGlobalCatalog $OutObj = @() try { diff --git a/Src/Private/Get-AbrADGPO.ps1 b/Src/Private/Get-AbrADGPO.ps1 index 4825f8f..70a80e7 100644 --- a/Src/Private/Get-AbrADGPO.ps1 +++ b/Src/Private/Get-AbrADGPO.ps1 @@ -5,7 +5,7 @@ function Get-AbrADGPO { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -29,7 +29,7 @@ function Get-AbrADGPO { process { try { - Section -Style Heading5 "Group Policy Objects" { + Section -Style Heading4 "Group Policy Objects" { Paragraph "The following section provides a summary of the Group Policy Objects for domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() @@ -111,7 +111,7 @@ function Get-AbrADGPO { if ($InfoLevel.Domain -ge 2) { try { foreach ($GPO in $GPOs) { - Section -ExcludeFromTOC -Style NOTOCHeading6 "$($GPO.DisplayName)" { + Section -ExcludeFromTOC -Style NOTOCHeading5 "$($GPO.DisplayName)" { try { [xml]$Links = Invoke-Command -Session $TempPssSession -ScriptBlock {$using:GPO | Get-GPOReport -Domain $using:Domain -ReportType XML} Write-PscriboMessage "Collecting Active Directory Group Policy Objects '$($GPO.DisplayName)'. (Group Policy Objects)" @@ -210,7 +210,7 @@ function Get-AbrADGPO { Remove-PSSession -Session $DCPssSession } if ($WmiFilters) { - Section -Style Heading6 "WMI Filters" { + Section -Style Heading5 "WMI Filters" { $OutObj = @() foreach ($WmiFilter in $WmiFilters) { Write-PscriboMessage "Discovered wmi filter information on $Domain. (WMI Filters)" @@ -248,7 +248,7 @@ function Get-AbrADGPO { $PATH = "\\$Domain\SYSVOL\$Domain\Policies\PolicyDefinitions" $CentralStore = Invoke-Command -Session $TempPssSession -ScriptBlock {Test-Path $using:PATH} if ($PATH) { - Section -Style Heading6 "Central Store Repository" { + Section -Style Heading5 "Central Store Repository" { $OutObj = @() Write-PscriboMessage "Discovered Active Directory Central Store information on $Domain. (Central Store)" $inObj = [ordered] @{ @@ -318,7 +318,7 @@ function Get-AbrADGPO { } } if ($OutObj) { - Section -Style Heading6 "User Logon/Logoff Script" { + Section -Style Heading5 "Logon/Logoff Script" { if ($HealthCheck.Domain.GPO) { $OutObj | Where-Object { $_.'GPO Status' -like 'All Settings Disabled'} | Set-Style -Style Warning -Property 'GPO Status' } @@ -371,7 +371,7 @@ function Get-AbrADGPO { } } if ($OutObj) { - Section -Style Heading6 "Computer Startup/Shutdown Script" { + Section -Style Heading5 "Startup/Shutdown Script" { if ($HealthCheck.Domain.GPO) { $OutObj | Where-Object { $_.'GPO Status' -like 'All Settings Disabled'} | Set-Style -Style Warning -Property 'GPO Status' } @@ -420,7 +420,7 @@ function Get-AbrADGPO { } } if ($OutObj) { - Section -Style Heading6 "Unlinked GPO" { + Section -Style Heading5 "Unlinked GPO" { if ($HealthCheck.Domain.GPO) { $OutObj | Set-Style -Style Warning } @@ -471,7 +471,7 @@ function Get-AbrADGPO { } } if ($OutObj) { - Section -Style Heading6 "Empty GPOs" { + Section -Style Heading5 "Empty GPOs" { if ($HealthCheck.Domain.GPO) { $OutObj | Set-Style -Style Warning } @@ -527,7 +527,7 @@ function Get-AbrADGPO { } if ($OutObj) { - Section -Style Heading6 "Enforced GPO" { + Section -Style Heading5 "Enforced GPO" { if ($HealthCheck.Domain.GPO) { $OutObj | Set-Style -Style Warning } @@ -579,7 +579,7 @@ function Get-AbrADGPO { $OrphanGPOs += $MissingADGPOs $OrphanGPOs += $MissingSYSVOLGPOs if ($OrphanGPOs) { - Section -Style Heading6 "Orphaned GPO" { + Section -Style Heading5 "Orphaned GPO" { Paragraph "The following table summarizes the group policy objects that are orphaned or missing in the AD database or in the SYSVOL directory." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADInfrastructureService.ps1 b/Src/Private/Get-AbrADInfrastructureService.ps1 index e2b69d7..94d4728 100644 --- a/Src/Private/Get-AbrADInfrastructureService.ps1 +++ b/Src/Private/Get-AbrADInfrastructureService.ps1 @@ -5,7 +5,7 @@ function Get-AbrADInfrastructureService { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -34,7 +34,7 @@ function Get-AbrADInfrastructureService { $Available = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-Service "W32Time" | Select-Object DisplayName, Name, Status} if ($Available) { Write-PscriboMessage "Discovered Active Directory DC Infrastructure Services information of $DC." - Section -ExcludeFromTOC -Style NOTOCHeading6 $($DC.ToString().ToUpper().Split(".")[0]) { + Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() if ($DC) { $Services = @('CertSvc','DHCPServer','DNS','DFS Replication','Intersite Messaging','Kerberos Key Distribution Center','NetLogon','Active Directory Domain Services','W32Time','ADWS','RPCSS','EVENTSYSTEM','DNSCACHE','SAMSS','WORKSTATION','Spooler') diff --git a/Src/Private/Get-AbrADKerberosAudit.ps1 b/Src/Private/Get-AbrADKerberosAudit.ps1 index 3e905e7..7a957ae 100644 --- a/Src/Private/Get-AbrADKerberosAudit.ps1 +++ b/Src/Private/Get-AbrADKerberosAudit.ps1 @@ -5,7 +5,7 @@ function Get-AbrADKerberosAudit { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -34,7 +34,7 @@ function Get-AbrADKerberosAudit { $Unconstrained = Invoke-Command -Session $TempPssSession {Get-ADComputer -Filter { (TrustedForDelegation -eq $True) -AND (PrimaryGroupID -ne '516') -AND (PrimaryGroupID -ne '521') } -Server $using:DC -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName} Write-PscriboMessage "Discovered Unconstrained Kerberos Delegation information from $Domain." if ($Unconstrained) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Unconstrained Kerberos Delegation' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Unconstrained Kerberos Delegation' { Paragraph "The following section provide a summary of unconstrained kerberos delegation on Domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() @@ -78,7 +78,7 @@ function Get-AbrADKerberosAudit { $KRBTGT = $Users | Where-Object {$_.Name -eq 'krbtgt'} Write-PscriboMessage "Discovered Unconstrained Kerberos Delegation information from $Domain." if ($KRBTGT) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'KRBTGT Account Audit' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'KRBTGT Account Audit' { Paragraph "The following section provide a summary of KRBTGT account on Domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() @@ -127,7 +127,7 @@ function Get-AbrADKerberosAudit { $ADMIN = $Users | Where-Object {$_.SID -eq $SID} Write-PscriboMessage "Discovered Unconstrained Kerberos Delegation information from $Domain." if ($ADMIN) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Administrator Account Audit' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Administrator Account Audit' { Paragraph "The following section provide a summary of Administrator account on Domain $($Domain.ToString().ToUpper())." BlankLine $OutObj = @() diff --git a/Src/Private/Get-AbrADOU.ps1 b/Src/Private/Get-AbrADOU.ps1 index dc79b86..6d28635 100644 --- a/Src/Private/Get-AbrADOU.ps1 +++ b/Src/Private/Get-AbrADOU.ps1 @@ -5,7 +5,7 @@ function Get-AbrADOU { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -33,7 +33,7 @@ function Get-AbrADOU { Write-PscriboMessage "Discovered Active Directory Organizational Unit information on DC $DC. (Organizational Unit)" $OUs = Invoke-Command -Session $TempPssSession -ScriptBlock {Get-ADOrganizationalUnit -Server $using:DC -Properties * -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName -Filter *} if ($OUs) { - Section -Style Heading4 "Organizational Units" { + Section -Style Heading3 "Organizational Units" { Paragraph "The following section provides a summary of Active Directory Organizational Unit information." BlankLine $OutObj = @() @@ -114,7 +114,7 @@ function Get-AbrADOU { } } if ($OutObj) { - Section -ExcludeFromTOC -Style NOTOCHeading4 "GPO Blocked Inheritance" { + Section -ExcludeFromTOC -Style NOTOCHeading3 "GPO Blocked Inheritance" { if ($HealthCheck.Domain.GPO) { $OutObj | Set-Style -Style Warning } diff --git a/Src/Private/Get-AbrADSecurityAssessment.ps1 b/Src/Private/Get-AbrADSecurityAssessment.ps1 index 044fb71..a8ccca1 100644 --- a/Src/Private/Get-AbrADSecurityAssessment.ps1 +++ b/Src/Private/Get-AbrADSecurityAssessment.ps1 @@ -5,7 +5,7 @@ function Get-AbrADSecurityAssessment { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -131,7 +131,7 @@ function Get-AbrADSecurityAssessment { } } if ($OutObj) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Account Security Assessment' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Account Security Assessment' { Paragraph "The following section provide a summary of the Account Security Assessment on Domain $($Domain.ToString().ToUpper())." BlankLine if ($chartFileItem) { @@ -154,7 +154,7 @@ function Get-AbrADSecurityAssessment { try { Write-PscriboMessage "Discovered Privileged Users information from $Domain." if ($PrivilegedUsers) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Privileged Users Assessment' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Privileged Users Assessment' { Paragraph "The following section details probable AD Admin accounts (user accounts with AdminCount set to 1) on Domain $($Domain.ToString().ToUpper())" BlankLine $OutObj = @() @@ -209,7 +209,7 @@ function Get-AbrADSecurityAssessment { Write-PscriboMessage "Discovered Inactive Privileged Accounts information from $Domain." $InactivePrivilegedUsers = $PrivilegedUsers | Where-Object {($_.LastLogonDate -le (Get-Date).AddDays(-30)) -AND ($_.PasswordLastSet -le (Get-Date).AddDays(-365)) -and ($_.SamAccountName -ne 'krbtgt') -and ($_.SamAccountName -ne 'Administrator') } if ($InactivePrivilegedUsers) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Inactive Privileged Accounts' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Inactive Privileged Accounts' { Paragraph "The following section details privileged accounts with the following filter (LastLogonDate >=30 days and PasswordLastSet >= 365 days) on Domain $($Domain.ToString().ToUpper())" BlankLine $OutObj = @() @@ -269,7 +269,7 @@ function Get-AbrADSecurityAssessment { $UserSPNs = Invoke-Command -Session $TempPssSession {Get-ADUser -ResultPageSize 1000 -Server $using:Domain -filter {ServicePrincipalName -like '*'} -Properties AdminCount,PasswordLastSet,LastLogonDate,ServicePrincipalName,TrustedForDelegation,TrustedtoAuthForDelegation} Write-PscriboMessage "Discovered Service Accounts information from $Domain." if ($UserSPNs) { - Section -ExcludeFromTOC -Style NOTOCHeading5 'Service Accounts Assessment' { + Section -ExcludeFromTOC -Style NOTOCHeading4 'Service Accounts Assessment' { Paragraph "The following section details probable AD Service Accounts (user accounts with SPNs) on Domain $($Domain.ToString().ToUpper())" BlankLine $OutObj = @() @@ -331,7 +331,5 @@ function Get-AbrADSecurityAssessment { } } } - end {} - } \ No newline at end of file diff --git a/Src/Private/Get-AbrADSiteReplication.ps1 b/Src/Private/Get-AbrADSiteReplication.ps1 index 010c0db..2b89ee3 100644 --- a/Src/Private/Get-AbrADSiteReplication.ps1 +++ b/Src/Private/Get-AbrADSiteReplication.ps1 @@ -5,7 +5,7 @@ function Get-AbrADSiteReplication { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -81,11 +81,11 @@ function Get-AbrADSiteReplication { } if ($ReplInfo) { if ($InfoLevel.Domain -ge 2) { - Section -Style Heading5 'Replication Connection' { + Section -Style Heading4 'Replication Connection' { Paragraph "The following section provides detailed information about Replication Connection." BlankLine foreach ($Repl in ($ReplInfo | Sort-Object -Property 'Replicate From Directory Server')) { - Section -Style NOTOCHeading5 -ExcludeFromTOC "Site: $($Repl.'From Site'): From: $($Repl.'From Server') To: $($Repl.'To Server')" { + Section -Style NOTOCHeading4 -ExcludeFromTOC "Site: $($Repl.'From Site'): From: $($Repl.'From Server') To: $($Repl.'To Server')" { $TableParams = @{ Name = "Replication Connection - $($Repl.'To Server')" List = $true @@ -99,7 +99,7 @@ function Get-AbrADSiteReplication { } } } else { - Section -Style Heading5 'Replication Connection' { + Section -Style Heading4 'Replication Connection' { Paragraph "The following section provide connection objects to source server ." BlankLine $TableParams = @{ @@ -128,7 +128,7 @@ function Get-AbrADSiteReplication { Write-PscriboMessage "Discovered Active Directory Replication Status on $Domain. (Replication Status)" $RepStatus = Invoke-Command -Session $DCPssSession -ScriptBlock {repadmin /showrepl /repsto /csv | ConvertFrom-Csv} if ($RepStatus) { - Section -Style Heading5 'Replication Status' { + Section -Style Heading4 'Replication Status' { $OutObj = @() Write-PscriboMessage "Collecting Active Directory Replication Status from $($Domain). (Replication Status)" foreach ($Status in $RepStatus) { diff --git a/Src/Private/Get-AbrADTrust.ps1 b/Src/Private/Get-AbrADTrust.ps1 index c365a25..c3daebc 100644 --- a/Src/Private/Get-AbrADTrust.ps1 +++ b/Src/Private/Get-AbrADTrust.ps1 @@ -5,7 +5,7 @@ function Get-AbrADTrust { .DESCRIPTION .NOTES - Version: 0.7.11 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -34,7 +34,7 @@ function Get-AbrADTrust { $DC = Invoke-Command -Session $TempPssSession {(Get-ADDomain -Identity $using:Domain).ReplicaDirectoryServers | Select-Object -First 1} $Trusts = Invoke-Command -Session $TempPssSession {Get-ADTrust -Filter * -Server $using:DC} if ($Trusts) { - Section -Style Heading4 'Domain and Trusts' { + Section -Style Heading3 'Domain and Trusts' { $TrustInfo = @() Write-PScriboMessage "Discovered created trusts in domain $Domain" foreach ($Trust in $Trusts) { @@ -62,7 +62,7 @@ function Get-AbrADTrust { if ($InfoLevel.Domain -ge 2) { foreach ($Trust in $TrustInfo) { - Section -Style NOTOCHeading5 -ExcludeFromTOC "$($Trust.Name)" { + Section -Style NOTOCHeading4 -ExcludeFromTOC "$($Trust.Name)" { $TableParams = @{ Name = "Trusts - $($Trust.Name)" List = $true diff --git a/Src/Private/Get-AbrDNSSection.ps1 b/Src/Private/Get-AbrDNSSection.ps1 new file mode 100644 index 0000000..9f03a5b --- /dev/null +++ b/Src/Private/Get-AbrDNSSection.ps1 @@ -0,0 +1,76 @@ +function Get-AbrDNSSection { + <# + .SYNOPSIS + Used by As Built Report to build Microsoft AD DNS Section. + .DESCRIPTION + + .NOTES + Version: 0.7.15 + Author: Jonathan Colon + Twitter: @jcolonfzenpr + Github: rebelinux + .EXAMPLE + + .LINK + + #> + [CmdletBinding()] + param ( + ) + + begin { + Write-PscriboMessage "Discovering DNS server information from $ForestInfo." + } + + process { + if ($InfoLevel.DNS -ge 1) { + Section -Style Heading1 "DNS Configuration" { + if ($Options.ShowDefinitionInfo) { + Paragraph "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols." + BlankLine + } + if (!$Options.ShowDefinitionInfo) { + Paragraph "The following section provides a summary of the Active Directory DNS Infrastructure Information." + BlankLine + } + foreach ($Domain in $OrderedDomains.split(" ")) { + if ($Domain) { + try { + # Define Filter option for Domain variable + if ($Options.Include.Domains) { + $DomainFilterOption = $Domain -in $Options.Include.Domains + + } else { + $DomainFilterOption = $Domain -notin $Options.Exclude.Domains + } + if (( $DomainFilterOption ) -and (Invoke-Command -Session $TempPssSession {Get-ADDomain $using:Domain -ErrorAction Stop})) { + Section -Style Heading2 "$($Domain.ToString().ToUpper())" { + Paragraph "The following section provides a configuration summary of the DNS service." + BlankLine + Get-AbrADDNSInfrastructure -Domain $Domain + $DCs = Invoke-Command -Session $TempPssSession {Get-ADDomain $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers | Where-Object { $_ -notin ($using:Options).Exclude.DCs}} + foreach ($DC in $DCs){ + if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + $DCPssSession = New-PSSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DDNSInfrastructure' + Get-AbrADDNSZone -Domain $Domain -DC $DC + } + if ($DCPssSession) { + Remove-PSSession -Session $DCPssSession + } + } + } + } else { + Write-PScriboMessage "$($Domain) disabled in Exclude.Domain variable" + } + } + catch { + Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Name System Information)" + continue + } + } + } + } + } + } + end {} +} diff --git a/Src/Private/Get-AbrDomainSection.ps1 b/Src/Private/Get-AbrDomainSection.ps1 new file mode 100644 index 0000000..4d8fbf0 --- /dev/null +++ b/Src/Private/Get-AbrDomainSection.ps1 @@ -0,0 +1,149 @@ +function Get-AbrDomainSection { + <# + .SYNOPSIS + Used by As Built Report to build Microsoft AD Domain Section. + .DESCRIPTION + + .NOTES + Version: 0.7.15 + Author: Jonathan Colon + Twitter: @jcolonfzenpr + Github: rebelinux + .EXAMPLE + + .LINK + + #> + [CmdletBinding()] + param ( + ) + + begin { + Write-PscriboMessage "Discovering Domain information from $ForestInfo." + } + + process { + if ($InfoLevel.Domain -ge 1) { + Section -Style Heading1 "AD Domain Configuration" { + if ($Options.ShowDefinitionInfo) { + Paragraph "An Active Directory domain is a collection of objects within a Microsoft Active Directory network. An object can be a single user or a group or it can be a hardware component, such as a computer or printer.Each domain holds a database containing object identity information. Active Directory domains can be identified using a DNS name, which can be the same as an organization's public domain name, a sub-domain or an alternate version (which may end in .local)." + BlankLine + } + if (!$Options.ShowDefinitionInfo) { + Paragraph "The following section provides a summary of the Active Directory Domain Information." + BlankLine + } + + foreach ($Domain in $OrderedDomains.split(" ")) { + if ($Domain) { + # Define Filter option for Domain variable + if ($Options.Include.Domains) { + $DomainFilterOption = $Domain -in $Options.Include.Domains + + } else { + $DomainFilterOption = $Domain -notin $Options.Exclude.Domains + } + try { + if (( $DomainFilterOption ) -and (Invoke-Command -Session $TempPssSession {Get-ADDomain -Identity $using:Domain})) { + Section -Style Heading2 "$($Domain.ToString().ToUpper())" { + Paragraph "The following section provides a summary of the Active Directory Domain Information." + BlankLine + Get-AbrADDomain -Domain $Domain + Get-AbrADFSMO -Domain $Domain + Get-AbrADTrust -Domain $Domain + Get-AbrADDomainObject -Domain $Domain + if ($HealthCheck.Domain.Backup -or $HealthCheck.Domain.DFS -or $HealthCheck.Domain.SPN -or $HealthCheck.Domain.Security -or $HealthCheck.Domain.DuplicateObject) { + Section -Style Heading3 'Health Checks' { + Get-AbrADDomainLastBackup -Domain $Domain + Get-AbrADDFSHealth -Domain $Domain + if ($Domain -like $ADSystem.RootDomain) { + Get-AbrADDuplicateSPN -Domain $ADSystem.RootDomain + } + Get-AbrADSecurityAssessment -Domain $Domain + Get-AbrADKerberosAudit -Domain $Domain + Get-AbrADDuplicateObject -Domain $Domain + } + } + Section -Style Heading3 'Domain Controllers' { + if ($Options.ShowDefinitionInfo) { + Paragraph "A domain controller (DC) is a server computer that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, stores user account information and enforces security policy for a domain." + BlankLine + } + if (!$Options.ShowDefinitionInfo) { + Paragraph "The following section provides a summary of the Active Directory Domain Controllers." + BlankLine + } + $DCs = Invoke-Command -Session $TempPssSession {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers | Where-Object { $_ -notin ($using:Options).Exclude.DCs}} | Sort-Object + + if ($DCs) { + + Get-AbrADDomainController -Domain $Domain -Dcs $DCs + + if ($InfoLevel.Domain -ge 2) { + Section -Style Heading4 "Roles" { + Paragraph "The following section provides a summary of installed role & features on $Domain DCs." + foreach ($DC in $DCs){ + $DCStatus = Test-Connection -ComputerName $DC -Quiet -Count 2 + if ($DCStatus -eq $false) { + Write-PScriboMessage -IsWarning "Unable to connect to $DC. Removing it from the $Domain report" + } + if (($DC -notin $Options.Exclude.DCs) -and $DCStatus) { + Get-AbrADDCRoleFeature -DC $DC + } + } + } + } + if ($HealthCheck.DomainController.Diagnostic) { + try { + Section -Style Heading4 'DC Diagnostic' { + Paragraph "The following section provides a summary of the Active Directory DC Diagnostic." + BlankLine + foreach ($DC in $DCs){ + if (($DC -notin $Options.Exclude.DCs) -and (Test-Connection -ComputerName $DC -Quiet -Count 2)) { + Get-AbrADDCDiag -Domain $Domain -DC $DC + } + } + } + } + catch { + Write-PscriboMessage -IsWarning "Error: Connecting to remote server $DC failed: WinRM cannot complete the operation. ('DCDiag Information)" + Write-PscriboMessage -IsWarning $_.Exception.Message + continue + } + } + try { + Section -Style Heading4 "Infrastructure Services" { + Paragraph "The following section provides a summary of the Domain Controller Infrastructure services status." + foreach ($DC in $DCs){ + if (($DC -notin $Options.Exclude.DCs) -and (Test-Connection -ComputerName $DC -Quiet -Count 2)) { + Get-AbrADInfrastructureService -DC $DC + } + } + } + } + catch { + Write-PscriboMessage -IsWarning "Error: Connecting to remote server $DC failed: WinRM cannot complete the operation. (ADInfrastructureService)" + Write-PscriboMessage -IsWarning $_.Exception.Message + continue + } + } + Get-AbrADSiteReplication -Domain $Domain + Get-AbrADGPO -Domain $Domain + Get-AbrADOU -Domain $Domain + } + } + } else { + Write-PScriboMessage "$($Domain) disabled in Exclude.Domain variable" + } + } + catch { + Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Active Directory Domain)" + continue + } + } + } + } + } + } + end {} +} diff --git a/Src/Private/Get-AbrForestSection.ps1 b/Src/Private/Get-AbrForestSection.ps1 new file mode 100644 index 0000000..f135a86 --- /dev/null +++ b/Src/Private/Get-AbrForestSection.ps1 @@ -0,0 +1,63 @@ +function Get-AbrForestSection { + <# + .SYNOPSIS + Used by As Built Report to build Microsoft AD Forest Section. + .DESCRIPTION + + .NOTES + Version: 0.7.15 + Author: Jonathan Colon + Twitter: @jcolonfzenpr + Github: rebelinux + .EXAMPLE + + .LINK + + #> + [CmdletBinding()] + param ( + ) + + begin { + Write-PscriboMessage "Discovering Forest information from $Domain." + } + + process { + Section -Style Heading1 "$($ForestInfo.toUpper())" { + Paragraph "The following section provides a summary of the Active Directory Infrastructure configuration for $($ForestInfo)." + BlankLine + Write-PScriboMessage "Forest InfoLevel set at $($InfoLevel.Forest)." + if ($InfoLevel.Forest -ge 1) { + try { + Section -Style Heading2 "Forest Configuration." { + if ($Options.ShowDefinitionInfo) { + Paragraph "The Active Directory framework that holds the objects can be viewed at a number of levels. The forest, tree, and domain are the logical divisions in an Active Directory network. At the top of the structure is the forest. A forest is a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration. The forest represents the security boundary within which users, computers, groups, and other objects are accessible." + BlankLine + } + if (!$Options.ShowDefinitionInfo) { + Paragraph "The following section provides a summary of the Active Directory Forest Information." + BlankLine + } + try { + Get-AbrADForest + } + catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + try { + Get-AbrADSite + } + catch { + Write-PscriboMessage -IsWarning $_.Exception.Message + } + } + } + catch { + Write-PscriboMessage -IsWarning "Error: Unable to retreive Forest: $ForestInfo information." + Write-PscriboMessage -IsWarning $_.Exception.Message + } + } + } + } + end {} +} \ No newline at end of file diff --git a/Src/Private/SharedUtilsFunctions.ps1 b/Src/Private/SharedUtilsFunctions.ps1 index 13a2607..f8b189f 100644 --- a/Src/Private/SharedUtilsFunctions.ps1 +++ b/Src/Private/SharedUtilsFunctions.ps1 @@ -1737,4 +1737,134 @@ function Get-ComputerADDomain () Write-Verbose -Message 'Calling GetCurrentDomain()' ([DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()) +} + +function Find-AuditingIssue { + <# + .SYNOPSIS + Used by As Built Report to find PKI Server auditing not enabled. + .DESCRIPTION + + .NOTES + Version: 2023.08 + Author: Jake Hildreth + + .EXAMPLE + + .LINK + https://github.com/TrimarcJake/Locksmith + #> + [CmdletBinding()] + param( + [Parameter(Mandatory = $true)] + [array]$ADCSObjects + ) + $ADCSObjects | Where-Object { + ($_.objectClass -eq 'pKIEnrollmentService') -and + ($_.AuditFilter -ne '127') + } | ForEach-Object { + $Issue = New-Object -TypeName pscustomobject + $Issue | Add-Member -MemberType NoteProperty -Name Forest -Value $_.CanonicalName.split('/')[0] -Force + $Issue | Add-Member -MemberType NoteProperty -Name Name -Value $_.Name -Force + $Issue | Add-Member -MemberType NoteProperty -Name DistinguishedName -Value $_.DistinguishedName -Force + if ($_.AuditFilter -match 'CA Unavailable') { + $Issue | Add-Member -MemberType NoteProperty -Name Issue -Value $_.AuditFilter -Force + $Issue | Add-Member -MemberType NoteProperty -Name Fix -Value 'N/A' -Force + $Issue | Add-Member -MemberType NoteProperty -Name Revert -Value 'N/A' -Force + $Issue | Add-Member -MemberType NoteProperty -Name Technique -Value 'DETECT' -Force + } + else { + $AuditValue = Switch ($_.AuditFilter) { + $Null {'Never Configured'} + default {$_.AuditFilter} + } + $Issue | Add-Member -MemberType NoteProperty -Name Issue -Value "Auditing is not fully enabled. Current value is $($AuditValue)" -Force + $Issue | Add-Member -MemberType NoteProperty -Name Fix ` + -Value "certutil -config `'$($_.CAFullname)`' -setreg `'CA\AuditFilter`' 127; Invoke-Command -ComputerName `'$($_.dNSHostName)`' -ScriptBlock { Get-Service -Name `'certsvc`' | Restart-Service -Force }" -Force + $Issue | Add-Member -MemberType NoteProperty -Name Revert ` + -Value "certutil -config $($_.CAFullname) -setreg CA\AuditFilter $($_.AuditFilter); Invoke-Command -ComputerName `'$($_.dNSHostName)`' -ScriptBlock { Get-Service -Name `'certsvc`' | Restart-Service -Force }" -Force + $Issue | Add-Member -MemberType NoteProperty -Name Technique -Value 'DETECT' -Force + } + $Severity = Get-Severity -Issue $Issue + $Issue | Add-Member -MemberType NoteProperty -Name Severity -Value $Severity + $Issue + } +} + + +function Get-ADCSObject { + <# + .SYNOPSIS + Used by As Built Report to find PKI Server auditing not enabled. + .DESCRIPTION + + .NOTES + Version: 2023.08 + Author: Jake Hildreth + + .EXAMPLE + + .LINK + https://github.com/TrimarcJake/Locksmith + #> + [CmdletBinding()] + param( + [Parameter(Mandatory)] + [string]$Target + ) + try { + $ADRoot = Invoke-Command -Session $TempPssSession {(Get-ADRootDSE -Server $Using:Target).defaultNamingContext} + Invoke-Command -Session $TempPssSession {Get-ADObject -Filter * -SearchBase "CN=Public Key Services,CN=Services,CN=Configuration,$Using:ADRoot" -SearchScope 2 -Properties *} + } catch { + Write-PScriboMessage -IsWarning "Unable to find CA auditing information" + } +} + +function get-Severity { + <# + .SYNOPSIS + Used by As Built Report to find PKI Server auditing not enabled. + .DESCRIPTION + + .NOTES + Version: 2023.08 + Author: Spencer Alessi + + + .EXAMPLE + + .LINK + https://github.com/TrimarcJake/Locksmith + #> + [CmdletBinding()] + param( + [Parameter(Mandatory = $true)] + [array]$Issue + ) + foreach ($Finding in $Issue) { + try { + # Auditing + if ($Finding.Technique -eq 'DETECT') { + return 'Medium' + } + # ESC6 + if ($Finding.Technique -eq 'ESC6') { + return 'High' + } + # ESC8 + if ($Finding.Technique -eq 'ESC8') { + return 'High' + } + # ESC1, ESC2, ESC4, ESC5 + $SID = ConvertFrom-IdentityReference -Object $Finding.IdentityReference + if ($SID -match $SafeUsers -or $SID -match $SafeOwners) { + return 'Medium' + } + if (($SID -notmatch $SafeUsers -and $SID -notmatch $SafeOwners) -and ($Finding.ActiveDirectoryRights -match $DangerousRights)) { + return 'Critical' + } + } catch { + Write-Error 'Could not determine issue severity' + } + } } \ No newline at end of file diff --git a/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 b/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 index 6b71f09..6ae4312 100644 --- a/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 +++ b/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 @@ -5,7 +5,7 @@ function Invoke-AsBuiltReport.Microsoft.AD { .DESCRIPTION Documents the configuration of Microsoft AD in Word/HTML/Text formats using PScribo. .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -95,323 +95,25 @@ function Invoke-AsBuiltReport.Microsoft.AD { [array]$ChildDomains = $ADSystem.Domains | Where-Object {$_ -ne $RootDomains} [string]$OrderedDomains = $RootDomains + $ChildDomains - #---------------------------------------------------------------------------------------------# - # Forest Section # - #---------------------------------------------------------------------------------------------# - Section -Style Heading1 "$($ForestInfo.toUpper())" { - Paragraph "The following section provides a summary of the Active Directory Infrastructure configuration for $($ForestInfo)." - BlankLine - Write-PScriboMessage "Forest InfoLevel set at $($InfoLevel.Forest)." - if ($InfoLevel.Forest -ge 1) { - try { - Section -Style Heading2 "Forest Configuration." { - if ($Options.ShowDefinitionInfo) { - Paragraph "The Active Directory framework that holds the objects can be viewed at a number of levels. The forest, tree, and domain are the logical divisions in an Active Directory network. At the top of the structure is the forest. A forest is a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration. The forest represents the security boundary within which users, computers, groups, and other objects are accessible." - BlankLine - } - if (!$Options.ShowDefinitionInfo) { - Paragraph "The following section provides a summary of the Active Directory Forest Information." - BlankLine - } - try { - Get-AbrADForest - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - try { - Get-AbrADSite - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - } - } - catch { - Write-PscriboMessage -IsWarning "Error: Unable to retreive Forest: $ForestInfo information." - Write-PscriboMessage -IsWarning $_.Exception.Message - } - } - #---------------------------------------------------------------------------------------------# - # Domain Section # - #---------------------------------------------------------------------------------------------# - - if ($InfoLevel.Domain -ge 1) { - Section -Style Heading2 "AD Domain Configuration" { - if ($Options.ShowDefinitionInfo) { - Paragraph "An Active Directory domain is a collection of objects within a Microsoft Active Directory network. An object can be a single user or a group or it can be a hardware component, such as a computer or printer.Each domain holds a database containing object identity information. Active Directory domains can be identified using a DNS name, which can be the same as an organization's public domain name, a sub-domain or an alternate version (which may end in .local)." - BlankLine - } - if (!$Options.ShowDefinitionInfo) { - Paragraph "The following section provides a summary of the Active Directory Domain Information." - BlankLine - } - - foreach ($Domain in $OrderedDomains.split(" ")) { - if ($Domain) { - # Define Filter option for Domain variable - if ($Options.Include.Domains) { - $DomainFilterOption = $Domain -in $Options.Include.Domains - - } else { - $DomainFilterOption = $Domain -notin $Options.Exclude.Domains - } - try { - if (( $DomainFilterOption ) -and (Invoke-Command -Session $TempPssSession {Get-ADDomain -Identity $using:Domain})) { - Section -Style Heading3 "$($Domain.ToString().ToUpper())" { - Paragraph "The following section provides a summary of the Active Directory Domain Information." - BlankLine - Get-AbrADDomain -Domain $Domain - Get-AbrADFSMO -Domain $Domain - Get-AbrADTrust -Domain $Domain - Get-AbrADDomainObject -Domain $Domain - if ($HealthCheck.Domain.Backup -or $HealthCheck.Domain.DFS -or $HealthCheck.Domain.SPN -or $HealthCheck.Domain.Security -or $HealthCheck.Domain.DuplicateObject) { - Section -Style Heading4 'Health Checks' { - Get-AbrADDomainLastBackup -Domain $Domain - Get-AbrADDFSHealth -Domain $Domain - if ($Domain -like $ADSystem.RootDomain) { - Get-AbrADDuplicateSPN -Domain $ADSystem.RootDomain - } - Get-AbrADSecurityAssessment -Domain $Domain - Get-AbrADKerberosAudit -Domain $Domain - Get-AbrADDuplicateObject -Domain $Domain - } - } - Section -Style Heading4 'Domain Controllers' { - if ($Options.ShowDefinitionInfo) { - Paragraph "A domain controller (DC) is a server computer that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, stores user account information and enforces security policy for a domain." - BlankLine - } - if (!$Options.ShowDefinitionInfo) { - Paragraph "The following section provides a summary of the Active Directory Domain Controllers." - BlankLine - } - $DCs = Invoke-Command -Session $TempPssSession {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers | Where-Object { $_ -notin ($using:Options).Exclude.DCs}} | Sort-Object + # Forest Section + Get-AbrForestSection - if ($DCs) { + # Domain Section + Get-AbrDomainSection - Get-AbrADDomainController -Domain $Domain -Dcs $DCs + # DNS Section + Get-AbrDnsSection - if ($InfoLevel.Domain -ge 2) { - Section -Style Heading5 "Roles" { - Paragraph "The following section provides a summary of installed role & features on $Domain DCs." - foreach ($DC in $DCs){ - $DCStatus = Test-Connection -ComputerName $DC -Quiet -Count 2 - if ($DCStatus -eq $false) { - Write-PScriboMessage -IsWarning "Unable to connect to $DC. Removing it from the $Domain report" - } - if (($DC -notin $Options.Exclude.DCs) -and $DCStatus) { - Get-AbrADDCRoleFeature -DC $DC - } - } - } - } - if ($HealthCheck.DomainController.Diagnostic) { - try { - Section -Style Heading5 'DC Diagnostic' { - Paragraph "The following section provides a summary of the Active Directory DC Diagnostic." - BlankLine - foreach ($DC in $DCs){ - if (($DC -notin $Options.Exclude.DCs) -and (Test-Connection -ComputerName $DC -Quiet -Count 2)) { - Get-AbrADDCDiag -Domain $Domain -DC $DC - } - } - } - } - catch { - Write-PscriboMessage -IsWarning "Error: Connecting to remote server $DC failed: WinRM cannot complete the operation. ('DCDiag Information)" - Write-PscriboMessage -IsWarning $_.Exception.Message - continue - } - } - try { - Section -Style Heading5 "Infrastructure Services" { - Paragraph "The following section provides a summary of the Domain Controller Infrastructure services status." - foreach ($DC in $DCs){ - if (($DC -notin $Options.Exclude.DCs) -and (Test-Connection -ComputerName $DC -Quiet -Count 2)) { - Get-AbrADInfrastructureService -DC $DC - } - } - } - } - catch { - Write-PscriboMessage -IsWarning "Error: Connecting to remote server $DC failed: WinRM cannot complete the operation. (ADInfrastructureService)" - Write-PscriboMessage -IsWarning $_.Exception.Message - continue - } - } - Get-AbrADSiteReplication -Domain $Domain - Get-AbrADGPO -Domain $Domain - Get-AbrADOU -Domain $Domain - } - } - } else { - Write-PScriboMessage "$($Domain) disabled in Exclude.Domain variable" - } - } - catch { - Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Active Directory Domain)" - continue - } - } - } - } - } - #---------------------------------------------------------------------------------------------# - # DNS Section # - #---------------------------------------------------------------------------------------------# - if ($InfoLevel.DNS -ge 1) { - Section -Style Heading2 "DNS Configuration" { - if ($Options.ShowDefinitionInfo) { - Paragraph "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols." - BlankLine - } - if (!$Options.ShowDefinitionInfo) { - Paragraph "The following section provides a summary of the Active Directory DNS Infrastructure Information." - BlankLine - } - foreach ($Domain in $OrderedDomains.split(" ")) { - if ($Domain) { - try { - # Define Filter option for Domain variable - if ($Options.Include.Domains) { - $DomainFilterOption = $Domain -in $Options.Include.Domains - - } else { - $DomainFilterOption = $Domain -notin $Options.Exclude.Domains - } - if (( $DomainFilterOption ) -and (Invoke-Command -Session $TempPssSession {Get-ADDomain $using:Domain -ErrorAction Stop})) { - Section -Style Heading3 "$($Domain.ToString().ToUpper())" { - Paragraph "The following section provides a configuration summary of the DNS service." - BlankLine - Get-AbrADDNSInfrastructure -Domain $Domain - $DCs = Invoke-Command -Session $TempPssSession {Get-ADDomain $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers | Where-Object { $_ -notin ($using:Options).Exclude.DCs}} - foreach ($DC in $DCs){ - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { - $DCPssSession = New-PSSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DDNSInfrastructure' - Get-AbrADDNSZone -Domain $Domain -DC $DC - } - if ($DCPssSession) { - Remove-PSSession -Session $DCPssSession - } - } - } - } else { - Write-PScriboMessage "$($Domain) disabled in Exclude.Domain variable" - } - } - catch { - Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Name System Information)" - continue - } - } - } - } - } + # PKI Section + Get-AbrPKISection - #---------------------------------------------------------------------------------------------# - # Certificate Authority Section # - #---------------------------------------------------------------------------------------------# - if ($InfoLevel.CA -ge 1) { - try { - $CurrentMachineADDomain = Get-ComputerADDomain -ErrorAction SilentlyContinue - } catch { - Write-PscriboMessage -IsWarning 'Unable to determine current AD Domain' - Write-PscriboMessage -IsWarning $_.Exception.Message - - } - if ($CurrentMachineADDomain.Name -in $ADSystem.Domains) { - Write-PScriboMessage "Current PC Domain $($CurrentMachineADDomain.Name) is in the Forrest Domain list of $($ADSystem.Name). Enabling Certificate Authority section" - try { - Write-PScriboMessage "Collecting Certification Authority information from $($System.split(".")[0])" - $Global:CAs = Get-CertificationAuthority -Enterprise - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - - if ($CAs) { - try { - Section -Style Heading2 "CA Configuration" { - if ($Options.ShowDefinitionInfo) { - Paragraph 'In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.' - BlankLine - } - if (!$Options.ShowDefinitionInfo) { - Paragraph "The following section provides a summary of the Active Directory PKI Infrastructure Information." - BlankLine - } - try { - Get-AbrADCASummary - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - if ($InfoLevel.CA -ge 2) { - try { - Get-AbrADCARoot - Get-AbrADCASubordinate - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - } - foreach ($CA in ($CAs | Where-Object {$_.IsAccessible -notlike 'False'}).ComputerName) { - $CAObject = Get-CertificationAuthority -Enterprise -ComputerName $CA - if ($CAObject) { - Section -Style Heading3 "$($CAObject.DisplayName) Details" { - try { - Get-AbrADCASecurity -CA $CAObject - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - try { - Get-AbrADCACryptographyConfig -CA $CAObject - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - if ($InfoLevel.CA -ge 2) { - try { - Get-AbrADCAAIA -CA $CAObject - Get-AbrADCACRLSetting -CA $CAObject - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - } - if ($InfoLevel.CA -ge 2) { - try { - Get-AbrADCATemplate -CA $CAObject - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - } - try { - Get-AbrADCAKeyRecoveryAgent -CA $CAObject - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - } - } - } - } - } - } - catch { - Write-PscriboMessage -IsWarning $_.Exception.Message - continue - } - } - } else {Write-PScriboMessage -IsWarning "Current PC Domain $($CurrentMachineADDomain.Name) is not in the Forrest Domain list of $($ADSystem.Name). Disabling Certificate Authority section" - } - } - }#endregion AD Section + # Remove used PSSession Write-PscriboMessage "Clearing PowerShell Session $($TempPssSession.Id)" Remove-PSSession -Session $TempPssSession + + # Remove used CIMSession Write-PscriboMessage "Clearing CIM Session $($TempCIMSession.Id)" Remove-CIMSession -CimSession $TempCIMSession + }#endregion foreach loop } From 0b710d22c1013c5a1a885c3ed6f8b9950c432e17 Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 3 Oct 2023 09:52:30 -0400 Subject: [PATCH 09/13] Improved verbose logging --- Src/Private/Get-AbrADCARoot.ps1 | 2 -- Src/Private/Get-AbrADCASubordinate.ps1 | 1 + Src/Private/Get-AbrADCASummary.ps1 | 1 - Src/Private/Get-AbrADDCDiag.ps1 | 3 ++- Src/Private/Get-AbrADDCRoleFeature.ps1 | 4 ---- Src/Private/Get-AbrADDFSHealth.ps1 | 6 ++++++ Src/Private/Get-AbrADDNSZone.ps1 | 12 ++++++++++++ Src/Private/Get-AbrADDomainLastBackup.ps1 | 2 ++ Src/Private/Get-AbrADDuplicateObject.ps1 | 2 ++ Src/Private/Get-AbrADDuplicateSPN.ps1 | 2 ++ Src/Private/Get-AbrADForest.ps1 | 6 ++++++ Src/Private/Get-AbrADGPO.ps1 | 16 ++++++++++++++++ Src/Private/Get-AbrADInfrastructureService.ps1 | 2 ++ Src/Private/Get-AbrADKerberosAudit.ps1 | 6 ++++++ Src/Private/Get-AbrADOU.ps1 | 2 ++ Src/Private/Get-AbrADSecurityAssessment.ps1 | 8 ++++++++ Src/Private/Get-AbrADSite.ps1 | 16 ++++++++++++++-- Src/Private/Get-AbrADSiteReplication.ps1 | 5 ++++- Src/Private/Get-AbrADTrust.ps1 | 2 ++ 19 files changed, 87 insertions(+), 11 deletions(-) diff --git a/Src/Private/Get-AbrADCARoot.ps1 b/Src/Private/Get-AbrADCARoot.ps1 index e7b66fa..852c823 100644 --- a/Src/Private/Get-AbrADCARoot.ps1 +++ b/Src/Private/Get-AbrADCARoot.ps1 @@ -24,8 +24,6 @@ function Get-AbrADCARoot { process { try { - Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())." - Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo." if ($CAs | Where-Object {$_.IsRoot -like 'True'}) { Section -Style Heading2 "Enterprise Root Certificate Authority" { Paragraph "The following section provides the Enterprise Root CA information." diff --git a/Src/Private/Get-AbrADCASubordinate.ps1 b/Src/Private/Get-AbrADCASubordinate.ps1 index 8927dca..3226f1a 100644 --- a/Src/Private/Get-AbrADCASubordinate.ps1 +++ b/Src/Private/Get-AbrADCASubordinate.ps1 @@ -50,6 +50,7 @@ function Get-AbrADCASubordinate { if ($HealthCheck.CA.Status) { $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status' + $OutObj | Where-Object { $_.'Auditing' -notlike 'Running'} | Set-Style -Style Critical -Property 'Auditing' } $TableParams = @{ diff --git a/Src/Private/Get-AbrADCASummary.ps1 b/Src/Private/Get-AbrADCASummary.ps1 index f0ff697..0da6cb6 100644 --- a/Src/Private/Get-AbrADCASummary.ps1 +++ b/Src/Private/Get-AbrADCASummary.ps1 @@ -25,7 +25,6 @@ function Get-AbrADCASummary { process { $OutObj = @() if ($ForestInfo) { - Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())." foreach ($CA in $CAs) { Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo." try { diff --git a/Src/Private/Get-AbrADDCDiag.ps1 b/Src/Private/Get-AbrADDCDiag.ps1 index 61cbede..936cbb2 100644 --- a/Src/Private/Get-AbrADDCDiag.ps1 +++ b/Src/Private/Get-AbrADDCDiag.ps1 @@ -32,7 +32,6 @@ function Get-AbrADDCDiag { process { if ($DC) { try { - Write-PscriboMessage "Discovering Active Directory DCDiag information for DC $DC." $DCDIAG = Invoke-DcDiag -DomainController $DC if ($DCDIAG) { Section -ExcludeFromTOC -Style NOTOCHeading4 $($DC.ToString().split('.')[0].ToUpper()) { @@ -90,6 +89,8 @@ function Get-AbrADDCDiag { } $OutObj | Sort-Object -Property 'Entity' | Table @TableParams } + } else { + Write-PscriboMessage "No DCDiag information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADDCRoleFeature.ps1 b/Src/Private/Get-AbrADDCRoleFeature.ps1 index 250cf4b..d3acbdc 100644 --- a/Src/Private/Get-AbrADDCRoleFeature.ps1 +++ b/Src/Private/Get-AbrADDCRoleFeature.ps1 @@ -28,11 +28,9 @@ function Get-AbrADDCRoleFeature { } process { - Write-PscriboMessage "Collecting AD Domain Controller Role & Features information for domain $Domain" try { $DCPssSession = New-PSSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'ADDCRoleFeature' if ($DCPssSession) { - Write-PscriboMessage "Discovered Active Directory DC Role & Features information of $DC." Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() $Features = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-WindowsFeature | Where-Object {$_.installed -eq "True" -and $_.FeatureType -eq 'Role'}} @@ -53,9 +51,7 @@ function Get-AbrADDCRoleFeature { } if ($HealthCheck.DomainController.BestPractice) { - $OutObj | Where-Object {$_.'Name' -notin @('Active Directory Domain Services','DNS Server','File and Storage Services','DHCP Server')} | Set-Style -Style Warning - } $TableParams = @{ diff --git a/Src/Private/Get-AbrADDFSHealth.ps1 b/Src/Private/Get-AbrADDFSHealth.ps1 index ce52ebe..5d9ca31 100644 --- a/Src/Private/Get-AbrADDFSHealth.ps1 +++ b/Src/Private/Get-AbrADDFSHealth.ps1 @@ -96,6 +96,8 @@ function Get-AbrADDFSHealth { BlankLine } } + } else { + Write-PscriboMessage "No DFS information found, disabling section" } } catch { @@ -155,6 +157,8 @@ function Get-AbrADDFSHealth { } } } + } else { + Write-PscriboMessage "No SYSVOL folder information found, disabling section" } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession @@ -217,6 +221,8 @@ function Get-AbrADDFSHealth { } } } + } else { + Write-PscriboMessage "No NETLOGON folder information found, disabling section" } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADDNSZone.ps1 b/Src/Private/Get-AbrADDNSZone.ps1 index e384171..5f1acfd 100644 --- a/Src/Private/Get-AbrADDNSZone.ps1 +++ b/Src/Private/Get-AbrADDNSZone.ps1 @@ -88,12 +88,16 @@ function Get-AbrADDNSZone { Write-PscriboMessage -IsWarning $($_.Exception.Message) } } + } else { + Write-PscriboMessage "No Zone Delegation information found, disabling section" } } catch { Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Delegation Item)" } } + } else { + Write-PscriboMessage "No Zone Delegation information found, disabling section" } if ($OutObj) { @@ -166,6 +170,8 @@ function Get-AbrADDNSZone { } } } + } else { + Write-PscriboMessage "No Zone Transfer information found, disabling section" } } catch { @@ -207,6 +213,8 @@ function Get-AbrADDNSZone { } $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams } + } else { + Write-PscriboMessage "No Reverse lookup zone information found, disabling section" } } catch { @@ -245,6 +253,8 @@ function Get-AbrADDNSZone { } $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams } + } else { + Write-PscriboMessage "No Conditional forwarder zone information found, disabling section" } } catch { @@ -300,6 +310,8 @@ function Get-AbrADDNSZone { } } } + } else { + Write-PscriboMessage "No Zone Aging property information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADDomainLastBackup.ps1 b/Src/Private/Get-AbrADDomainLastBackup.ps1 index 8e412c4..fef0bdf 100644 --- a/Src/Private/Get-AbrADDomainLastBackup.ps1 +++ b/Src/Private/Get-AbrADDomainLastBackup.ps1 @@ -78,6 +78,8 @@ function Get-AbrADDomainLastBackup { } } } + } else { + Write-PscriboMessage "No Naming context last backup information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADDuplicateObject.ps1 b/Src/Private/Get-AbrADDuplicateObject.ps1 index 406adeb..adf74f1 100644 --- a/Src/Private/Get-AbrADDuplicateObject.ps1 +++ b/Src/Private/Get-AbrADDuplicateObject.ps1 @@ -74,6 +74,8 @@ function Get-AbrADDuplicateObject { Text "Ensure there aren't any duplicate object." } } + } else { + Write-PscriboMessage "No Duplicate object information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADDuplicateSPN.ps1 b/Src/Private/Get-AbrADDuplicateSPN.ps1 index 148577d..6783f88 100644 --- a/Src/Private/Get-AbrADDuplicateSPN.ps1 +++ b/Src/Private/Get-AbrADDuplicateSPN.ps1 @@ -75,6 +75,8 @@ function Get-AbrADDuplicateSPN { } } } + } else { + Write-PscriboMessage "No Duplicate SPN information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADForest.ps1 b/Src/Private/Get-AbrADForest.ps1 index a6e4bd0..5a33358 100644 --- a/Src/Private/Get-AbrADForest.ps1 +++ b/Src/Private/Get-AbrADForest.ps1 @@ -166,6 +166,8 @@ function Get-AbrADForest { } } } + } else { + Write-PscriboMessage "No Certificate Authority Root information found, disabling section" } Write-PscriboMessage "Discovering certificate authority issuers on forest $ForestInfo." $ConfigNCDN = $Data.PartitionsContainer.Split(',') | Select-Object -Skip 1 @@ -198,6 +200,8 @@ function Get-AbrADForest { } $OutObj | Sort-Object -Property 'Name' | Table @TableParams } + } else { + Write-PscriboMessage "No Certificate Authority Issuer information found, disabling section" } } } @@ -257,6 +261,8 @@ function Get-AbrADForest { } } + } else { + Write-PscriboMessage "No Optional Feature information found, disabling section" } } } diff --git a/Src/Private/Get-AbrADGPO.ps1 b/Src/Private/Get-AbrADGPO.ps1 index 70a80e7..5dcc73e 100644 --- a/Src/Private/Get-AbrADGPO.ps1 +++ b/Src/Private/Get-AbrADGPO.ps1 @@ -238,6 +238,8 @@ function Get-AbrADGPO { $OutObj | Table @TableParams } } + } else { + Write-PscriboMessage "No WMI Filter information found, disabling section" } } catch { @@ -281,6 +283,8 @@ function Get-AbrADGPO { } } } + } else { + Write-PscriboMessage "No GPO Central Store information found, disabling section" } } catch { @@ -334,6 +338,8 @@ function Get-AbrADGPO { } $OutObj | Sort-Object -Property 'GPO Name' | Table @TableParams } + } else { + Write-PscriboMessage "No GPO Logon/Logoff script information found, disabling section" } } catch { @@ -388,6 +394,8 @@ function Get-AbrADGPO { $OutObj | Sort-Object -Property 'GPO Name' | Table @TableParams } + } else { + Write-PscriboMessage "No GPO Computer Startup/Shutdown script information found, disabling section" } } catch { @@ -442,6 +450,8 @@ function Get-AbrADGPO { Text "Remove Unused GPO from Active Directory." } } + } else { + Write-PscriboMessage "No Unlinked Group Policy Objects information found, disabling section" } } catch { @@ -493,6 +503,8 @@ function Get-AbrADGPO { Text "No User and Computer parameters are set: Remove Unused GPO in Active Directory." } } + } else { + Write-PscriboMessage "No Empty GPO information found, disabling section" } } catch { @@ -550,6 +562,8 @@ function Get-AbrADGPO { } } + } else { + Write-PscriboMessage "No Enforced GPO information found, disabling section" } } catch { @@ -649,6 +663,8 @@ function Get-AbrADGPO { } } } + } else { + Write-PscriboMessage "No Orphaned GPO information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADInfrastructureService.ps1 b/Src/Private/Get-AbrADInfrastructureService.ps1 index 94d4728..d516271 100644 --- a/Src/Private/Get-AbrADInfrastructureService.ps1 +++ b/Src/Private/Get-AbrADInfrastructureService.ps1 @@ -80,6 +80,8 @@ function Get-AbrADInfrastructureService { } } } + } else { + Write-PscriboMessage "No Infrastructure Services Status information found, disabling section" } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADKerberosAudit.ps1 b/Src/Private/Get-AbrADKerberosAudit.ps1 index 7a957ae..8821d4e 100644 --- a/Src/Private/Get-AbrADKerberosAudit.ps1 +++ b/Src/Private/Get-AbrADKerberosAudit.ps1 @@ -73,6 +73,8 @@ function Get-AbrADKerberosAudit { Text "Ensure there aren't any unconstrained kerberos delegation in Active Directory." } } + } else { + Write-PscriboMessage "No Unconstrained Kerberos Delegation information found, disabling section" } try { $KRBTGT = $Users | Where-Object {$_.Name -eq 'krbtgt'} @@ -117,6 +119,8 @@ function Get-AbrADKerberosAudit { Text "Microsoft advises changing the krbtgt account password at regular intervals to keep the environment more secure." } } + } else { + Write-PscriboMessage "No KRBTGT Account Audit information found, disabling section" } } catch { @@ -167,6 +171,8 @@ function Get-AbrADKerberosAudit { Text "Microsoft advises changing the administrator account password at regular intervals to keep the environment more secure." } } + } else { + Write-PscriboMessage "No Administrator Account Audit information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADOU.ps1 b/Src/Private/Get-AbrADOU.ps1 index 6d28635..5474cd5 100644 --- a/Src/Private/Get-AbrADOU.ps1 +++ b/Src/Private/Get-AbrADOU.ps1 @@ -144,6 +144,8 @@ function Get-AbrADOU { } } } + } else { + Write-PscriboMessage "No Organizational Units information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADSecurityAssessment.ps1 b/Src/Private/Get-AbrADSecurityAssessment.ps1 index a8ccca1..7a78047 100644 --- a/Src/Private/Get-AbrADSecurityAssessment.ps1 +++ b/Src/Private/Get-AbrADSecurityAssessment.ps1 @@ -145,6 +145,8 @@ function Get-AbrADSecurityAssessment { Text "Ensure there aren't any account with weak security posture."} } } + } else { + Write-PscriboMessage "No Domain users information found, disabling section" } } catch { @@ -200,6 +202,8 @@ function Get-AbrADSecurityAssessment { Text "Ensure there aren't any account with weak security posture." } } + } else { + Write-PscriboMessage "No Privileged User Assessment information found, disabling section" } } catch { @@ -259,6 +263,8 @@ function Get-AbrADSecurityAssessment { Text "Unused or underutilized accounts in highly privileged groups, outside of any break-glass emergency accounts like the default Administrator account, should have their AD Admin privileges removed." } } + } else { + Write-PscriboMessage "No Inactive Privileged Accounts information found, disabling section" } } catch { @@ -323,6 +329,8 @@ function Get-AbrADSecurityAssessment { } } } + } else { + Write-PscriboMessage "No Service Accounts Assessment information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADSite.ps1 b/Src/Private/Get-AbrADSite.ps1 index a515cad..47e23e1 100644 --- a/Src/Private/Get-AbrADSite.ps1 +++ b/Src/Private/Get-AbrADSite.ps1 @@ -5,7 +5,7 @@ function Get-AbrADSite { .DESCRIPTION .NOTES - Version: 0.7.14 + Version: 0.7.15 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -28,7 +28,6 @@ function Get-AbrADSite { if ($Site) { Section -Style Heading3 'Sites' { $OutObj = @() - Write-PscriboMessage "Discovered Active Directory Sites information of forest $ForestInfo" foreach ($Item in $Site) { try { Write-PscriboMessage "Collecting '$($Item.Name)' Site" @@ -84,6 +83,7 @@ function Get-AbrADSite { BlankLine if ($OutObj | Where-Object { $_.'Subnets' -eq 'No subnet assigned'}) { Paragraph { + Write-PscriboMessage "Discovered Active Directory Sites information of forest $ForestInfo" Text -Bold "Corrective Actions:" Text "Ensure Sites have an associated subnet. If subnets are not associated with AD Sites users in the AD Sites might choose a remote domain controller for authentication which in turn might result in excessive use of a remote domain controller."} } @@ -146,6 +146,8 @@ function Get-AbrADSite { } } } + } else { + Write-PscriboMessage "No Connection Objects information found, disabling section" } } catch { @@ -273,6 +275,8 @@ function Get-AbrADSite { BlankLine } } + } else { + Write-PscriboMessage "No Missing Subnets in AD information found, disabling section" } } catch { @@ -280,6 +284,8 @@ function Get-AbrADSite { } } } + } else { + Write-PscriboMessage "No Site Subnets information found, disabling section" } } catch { @@ -370,6 +376,8 @@ function Get-AbrADSite { } } } + } else { + Write-PscriboMessage "No Site Links information found, disabling section" } } catch { @@ -452,12 +460,16 @@ function Get-AbrADSite { BlankLine } } + } else { + Write-PscriboMessage "No Sysvol Replication information found, disabling section" } } catch { Write-PscriboMessage -IsWarning "Sysvol Replication Table Section: $($_.Exception.Message)" } } + } else { + Write-PscriboMessage "No Sites information found, disabling section" } } catch { diff --git a/Src/Private/Get-AbrADSiteReplication.ps1 b/Src/Private/Get-AbrADSiteReplication.ps1 index 2b89ee3..469b29b 100644 --- a/Src/Private/Get-AbrADSiteReplication.ps1 +++ b/Src/Private/Get-AbrADSiteReplication.ps1 @@ -28,7 +28,6 @@ function Get-AbrADSiteReplication { } process { - Write-PscriboMessage "Collecting AD Domain Sites Replication Summary. (Sites Replication Connection)" $DCs = Invoke-Command -Session $TempPssSession -ScriptBlock {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers} if ($DCs) { Write-PscriboMessage "Discovering Active Directory Sites Replication information on $Domain. (Sites Replication)" @@ -114,6 +113,8 @@ function Get-AbrADSiteReplication { $ReplInfo | Sort-Object -Property 'Replicate From Directory Server' | Table @TableParams } } + } else { + Write-PscriboMessage "No Replication Connection information found, disabling section" } } catch { @@ -172,6 +173,8 @@ function Get-AbrADSiteReplication { BlankLine } } + } else { + Write-PscriboMessage "No Replication Status information found, disabling section" } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADTrust.ps1 b/Src/Private/Get-AbrADTrust.ps1 index c3daebc..b6095de 100644 --- a/Src/Private/Get-AbrADTrust.ps1 +++ b/Src/Private/Get-AbrADTrust.ps1 @@ -87,6 +87,8 @@ function Get-AbrADTrust { $TrustInfo | Table @TableParams } } + } else { + Write-PscriboMessage "No Domain Trust information found, disabling section" } } catch { From e7972f206faf4c570c2ed988f16ff8d55d32b851 Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 3 Oct 2023 10:06:25 -0400 Subject: [PATCH 10/13] More verbose loging improvements --- Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 | 1 - Src/Private/Get-AbrADCASubordinate.ps1 | 2 +- Src/Private/Get-AbrADCASummary.ps1 | 1 - Src/Private/Get-AbrADCATemplate.ps1 | 1 - Src/Private/Get-AbrADDFSHealth.ps1 | 1 - Src/Private/Get-AbrADDomainController.ps1 | 6 +----- Src/Private/Get-AbrADInfrastructureService.ps1 | 1 - Src/Private/Get-AbrADOU.ps1 | 2 -- Src/Private/Get-AbrADSiteReplication.ps1 | 1 - Src/Private/Get-AbrADTrust.ps1 | 1 - 10 files changed, 2 insertions(+), 15 deletions(-) diff --git a/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 b/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 index de3954a..760d92b 100644 --- a/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 +++ b/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 @@ -31,7 +31,6 @@ function Get-AbrADCAKeyRecoveryAgent { try { $KRA = Get-CAKRACertificate -CertificationAuthority $CA if ($KRA.Certificate) { - Write-PscriboMessage "Collecting Key Recovery Agent Certificate Certificate information of $($KRA.DisplayName)." $inObj = [ordered] @{ 'CA Name' = $KRA.DisplayName 'Server Name' = $KRA.ComputerName.ToString().ToUpper().Split(".")[0] diff --git a/Src/Private/Get-AbrADCASubordinate.ps1 b/Src/Private/Get-AbrADCASubordinate.ps1 index 3226f1a..a5d014a 100644 --- a/Src/Private/Get-AbrADCASubordinate.ps1 +++ b/Src/Private/Get-AbrADCASubordinate.ps1 @@ -24,7 +24,7 @@ function Get-AbrADCASubordinate { process { try { - Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())." + Write-PscriboMessage "Discovering Active Directory CA Enterprise Subordinate information in $($ForestInfo.toUpper())." if ($CAs | Where-Object {$_.IsRoot -like 'False'}) { Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo." Section -Style Heading2 "Enterprise Subordinate Certificate Authority" { diff --git a/Src/Private/Get-AbrADCASummary.ps1 b/Src/Private/Get-AbrADCASummary.ps1 index 0da6cb6..ca9e35c 100644 --- a/Src/Private/Get-AbrADCASummary.ps1 +++ b/Src/Private/Get-AbrADCASummary.ps1 @@ -26,7 +26,6 @@ function Get-AbrADCASummary { $OutObj = @() if ($ForestInfo) { foreach ($CA in $CAs) { - Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo." try { Write-PscriboMessage "Collecting AD Certification Authority Summary information of $($CA.DisplayName)." $inObj = [ordered] @{ diff --git a/Src/Private/Get-AbrADCATemplate.ps1 b/Src/Private/Get-AbrADCATemplate.ps1 index 32a8306..e7b1619 100644 --- a/Src/Private/Get-AbrADCATemplate.ps1 +++ b/Src/Private/Get-AbrADCATemplate.ps1 @@ -114,7 +114,6 @@ function Get-AbrADCATemplate { Paragraph "The following section provides registered certificate templates from Active Directory." BlankLine $OutObj = @() - Write-PscriboMessage "Discovered '$(($Templates | Measure-Object).Count)' Certification Authority Template in domain $ForestInfo." foreach ($Template in $Templates) { try { Write-PscriboMessage "Collecting $($Template.DisplayName) Certificate Template In Active Directory." diff --git a/Src/Private/Get-AbrADDFSHealth.ps1 b/Src/Private/Get-AbrADDFSHealth.ps1 index 5d9ca31..426ac94 100644 --- a/Src/Private/Get-AbrADDFSHealth.ps1 +++ b/Src/Private/Get-AbrADDFSHealth.ps1 @@ -41,7 +41,6 @@ function Get-AbrADDFSHealth { $OutObj = @() foreach ($DCStatus in $DFS) { try { - Write-PscriboMessage "Collecting DFS information from $($Domain)." $inObj = [ordered] @{ 'DC Name' = $DCStatus.DomainController 'Replication Status' = $DCStatus.ReplicationState diff --git a/Src/Private/Get-AbrADDomainController.ps1 b/Src/Private/Get-AbrADDomainController.ps1 index 8af831f..6a2a059 100644 --- a/Src/Private/Get-AbrADDomainController.ps1 +++ b/Src/Private/Get-AbrADDomainController.ps1 @@ -86,7 +86,6 @@ function Get-AbrADDomainController { Section -Style Heading4 'Hardware Inventory' { Paragraph "The following section provides detailed Domain Controller hardware information for domain $($Domain.ToString().ToUpper())." BlankLine - Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain." $DCHWInfo = @() foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { @@ -182,7 +181,7 @@ function Get-AbrADDomainController { Text "Best Practice:" -Bold Text "Microsoft recommend putting enough RAM 8GB+ to load the entire DIT into memory, plus accommodate the operating system and other installed applications, such as anti-virus, backup software, monitoring, and so on." } - } + } } } } @@ -297,7 +296,6 @@ function Get-AbrADDomainController { Write-PscriboMessage "Collecting AD Domain Controller NTDS information." Section -Style Heading4 'NTDS Information' { $OutObj = @() - Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain." foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { try { @@ -343,7 +341,6 @@ function Get-AbrADDomainController { Write-PscriboMessage "Collecting AD Domain Controller Time Source information." Section -Style Heading4 'Time Source Information' { $OutObj = @() - Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain." foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { try { @@ -577,7 +574,6 @@ function Get-AbrADDomainController { if ($HealthCheck.DomainController.Software) { try { Write-PscriboMessage "Collecting additional software running on the Domain Controller." - Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain." $DCObj = @() $DCObj += foreach ($DC in $DCs) { if (Test-Connection -ComputerName $DC -Quiet -Count 2) { diff --git a/Src/Private/Get-AbrADInfrastructureService.ps1 b/Src/Private/Get-AbrADInfrastructureService.ps1 index d516271..fa737fc 100644 --- a/Src/Private/Get-AbrADInfrastructureService.ps1 +++ b/Src/Private/Get-AbrADInfrastructureService.ps1 @@ -28,7 +28,6 @@ function Get-AbrADInfrastructureService { } process { - Write-PscriboMessage "Discovering AD Domain Controller Infrastructure Services information for $DC." try { $DCPssSession = New-PSSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DomainControllerInfrastructureServices' $Available = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-Service "W32Time" | Select-Object DisplayName, Name, Status} diff --git a/Src/Private/Get-AbrADOU.ps1 b/Src/Private/Get-AbrADOU.ps1 index 5474cd5..2661854 100644 --- a/Src/Private/Get-AbrADOU.ps1 +++ b/Src/Private/Get-AbrADOU.ps1 @@ -30,7 +30,6 @@ function Get-AbrADOU { process { try { $DC = Invoke-Command -Session $TempPssSession -ScriptBlock {Get-ADDomainController -Discover -Domain $using:Domain | Select-Object -ExpandProperty HostName} - Write-PscriboMessage "Discovered Active Directory Organizational Unit information on DC $DC. (Organizational Unit)" $OUs = Invoke-Command -Session $TempPssSession -ScriptBlock {Get-ADOrganizationalUnit -Server $using:DC -Properties * -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName -Filter *} if ($OUs) { Section -Style Heading3 "Organizational Units" { @@ -89,7 +88,6 @@ function Get-AbrADOU { try { $OutObj = @() $DC = Invoke-Command -Session $TempPssSession {(Get-ADDomain -Identity $using:Domain).ReplicaDirectoryServers | Select-Object -First 1} - Write-PscriboMessage "Discovered Active Directory Domain Controller $DC in $Domain. (Group Policy Objects)" $OUs = Invoke-Command -Session $TempPssSession -ScriptBlock {Get-ADOrganizationalUnit -Server $using:DC -Filter * | Select-Object -Property DistinguishedName} if ($OUs) { Write-PscriboMessage "Discovered Active Directory Group Policy Objects information on $Domain. (Group Policy Objects)" diff --git a/Src/Private/Get-AbrADSiteReplication.ps1 b/Src/Private/Get-AbrADSiteReplication.ps1 index 469b29b..a9a2df6 100644 --- a/Src/Private/Get-AbrADSiteReplication.ps1 +++ b/Src/Private/Get-AbrADSiteReplication.ps1 @@ -24,7 +24,6 @@ function Get-AbrADSiteReplication { ) begin { - Write-PscriboMessage "Collecting AD Domain Sites Replication information." } process { diff --git a/Src/Private/Get-AbrADTrust.ps1 b/Src/Private/Get-AbrADTrust.ps1 index b6095de..fdbcd7e 100644 --- a/Src/Private/Get-AbrADTrust.ps1 +++ b/Src/Private/Get-AbrADTrust.ps1 @@ -36,7 +36,6 @@ function Get-AbrADTrust { if ($Trusts) { Section -Style Heading3 'Domain and Trusts' { $TrustInfo = @() - Write-PScriboMessage "Discovered created trusts in domain $Domain" foreach ($Trust in $Trusts) { try { Write-PscriboMessage "Collecting Active Directory Domain Trust information from $($Trust.Name)" From 407617cda6b31667e3084666ecbf73eb9566faba Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 3 Oct 2023 10:10:29 -0400 Subject: [PATCH 11/13] Updated changelog --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a9c6a94..4e0601b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # :arrows_clockwise: Microsoft AD As Built Report Changelog +## [0.7.15] - 2023-10-03 + +### Changed + +- Improved verbose logging +- Improved PKI Section + ## [0.7.14] - 2023-07-25 ### Fixed From 66ceaed55b2e90c08e8125795c4310317abc5368 Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 3 Oct 2023 11:24:08 -0400 Subject: [PATCH 12/13] More verbose logging improvements --- Src/Private/Get-AbrADDCDiag.ps1 | 2 +- Src/Private/Get-AbrADDFSHealth.ps1 | 6 +++--- Src/Private/Get-AbrADDNSZone.ps1 | 12 ++++++------ Src/Private/Get-AbrADDomainLastBackup.ps1 | 2 +- Src/Private/Get-AbrADDuplicateObject.ps1 | 2 +- Src/Private/Get-AbrADDuplicateSPN.ps1 | 2 +- Src/Private/Get-AbrADForest.ps1 | 6 +++--- Src/Private/Get-AbrADGPO.ps1 | 16 ++++++++-------- Src/Private/Get-AbrADInfrastructureService.ps1 | 2 +- Src/Private/Get-AbrADKerberosAudit.ps1 | 6 +++--- Src/Private/Get-AbrADOU.ps1 | 2 +- Src/Private/Get-AbrADSecurityAssessment.ps1 | 8 ++++---- Src/Private/Get-AbrADSite.ps1 | 12 ++++++------ Src/Private/Get-AbrADSiteReplication.ps1 | 4 ++-- Src/Private/Get-AbrADTrust.ps1 | 2 +- 15 files changed, 42 insertions(+), 42 deletions(-) diff --git a/Src/Private/Get-AbrADDCDiag.ps1 b/Src/Private/Get-AbrADDCDiag.ps1 index 936cbb2..6f3f742 100644 --- a/Src/Private/Get-AbrADDCDiag.ps1 +++ b/Src/Private/Get-AbrADDCDiag.ps1 @@ -90,7 +90,7 @@ function Get-AbrADDCDiag { $OutObj | Sort-Object -Property 'Entity' | Table @TableParams } } else { - Write-PscriboMessage "No DCDiag information found, disabling section" + Write-PscriboMessage -IsWarning "No DCDiag information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADDFSHealth.ps1 b/Src/Private/Get-AbrADDFSHealth.ps1 index 426ac94..8918eed 100644 --- a/Src/Private/Get-AbrADDFSHealth.ps1 +++ b/Src/Private/Get-AbrADDFSHealth.ps1 @@ -96,7 +96,7 @@ function Get-AbrADDFSHealth { } } } else { - Write-PscriboMessage "No DFS information found, disabling section" + Write-PscriboMessage -IsWarning "No DFS information found, disabling section." } } catch { @@ -157,7 +157,7 @@ function Get-AbrADDFSHealth { } } } else { - Write-PscriboMessage "No SYSVOL folder information found, disabling section" + Write-PscriboMessage -IsWarning "No SYSVOL folder information found, disabling section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession @@ -221,7 +221,7 @@ function Get-AbrADDFSHealth { } } } else { - Write-PscriboMessage "No NETLOGON folder information found, disabling section" + Write-PscriboMessage -IsWarning "No NETLOGON folder information found, disabling section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADDNSZone.ps1 b/Src/Private/Get-AbrADDNSZone.ps1 index 5f1acfd..8b13514 100644 --- a/Src/Private/Get-AbrADDNSZone.ps1 +++ b/Src/Private/Get-AbrADDNSZone.ps1 @@ -89,7 +89,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage "No Zone Delegation information found, disabling section" + Write-PscriboMessage -IsWarning "No Zone Delegation information found, disabling section." } } catch { @@ -97,7 +97,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage "No Zone Delegation information found, disabling section" + Write-PscriboMessage -IsWarning "No Zone Delegation information found, disabling section." } if ($OutObj) { @@ -171,7 +171,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage "No Zone Transfer information found, disabling section" + Write-PscriboMessage -IsWarning "No Zone Transfer information found, disabling section." } } catch { @@ -214,7 +214,7 @@ function Get-AbrADDNSZone { $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams } } else { - Write-PscriboMessage "No Reverse lookup zone information found, disabling section" + Write-PscriboMessage -IsWarning "No Reverse lookup zone information found, disabling section." } } catch { @@ -254,7 +254,7 @@ function Get-AbrADDNSZone { $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams } } else { - Write-PscriboMessage "No Conditional forwarder zone information found, disabling section" + Write-PscriboMessage -IsWarning "No Conditional forwarder zone information found, disabling section." } } catch { @@ -311,7 +311,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage "No Zone Aging property information found, disabling section" + Write-PscriboMessage -IsWarning "No Zone Aging property information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADDomainLastBackup.ps1 b/Src/Private/Get-AbrADDomainLastBackup.ps1 index fef0bdf..e8445f0 100644 --- a/Src/Private/Get-AbrADDomainLastBackup.ps1 +++ b/Src/Private/Get-AbrADDomainLastBackup.ps1 @@ -79,7 +79,7 @@ function Get-AbrADDomainLastBackup { } } } else { - Write-PscriboMessage "No Naming context last backup information found, disabling section" + Write-PscriboMessage -IsWarning "No Naming context last backup information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADDuplicateObject.ps1 b/Src/Private/Get-AbrADDuplicateObject.ps1 index adf74f1..5044bf9 100644 --- a/Src/Private/Get-AbrADDuplicateObject.ps1 +++ b/Src/Private/Get-AbrADDuplicateObject.ps1 @@ -75,7 +75,7 @@ function Get-AbrADDuplicateObject { } } } else { - Write-PscriboMessage "No Duplicate object information found, disabling section" + Write-PscriboMessage -IsWarning "No Duplicate object information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADDuplicateSPN.ps1 b/Src/Private/Get-AbrADDuplicateSPN.ps1 index 6783f88..0bcb964 100644 --- a/Src/Private/Get-AbrADDuplicateSPN.ps1 +++ b/Src/Private/Get-AbrADDuplicateSPN.ps1 @@ -76,7 +76,7 @@ function Get-AbrADDuplicateSPN { } } } else { - Write-PscriboMessage "No Duplicate SPN information found, disabling section" + Write-PscriboMessage -IsWarning "No Duplicate SPN information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADForest.ps1 b/Src/Private/Get-AbrADForest.ps1 index 5a33358..1b3db65 100644 --- a/Src/Private/Get-AbrADForest.ps1 +++ b/Src/Private/Get-AbrADForest.ps1 @@ -167,7 +167,7 @@ function Get-AbrADForest { } } } else { - Write-PscriboMessage "No Certificate Authority Root information found, disabling section" + Write-PscriboMessage -IsWarning "No Certificate Authority Root information found, disabling section." } Write-PscriboMessage "Discovering certificate authority issuers on forest $ForestInfo." $ConfigNCDN = $Data.PartitionsContainer.Split(',') | Select-Object -Skip 1 @@ -201,7 +201,7 @@ function Get-AbrADForest { $OutObj | Sort-Object -Property 'Name' | Table @TableParams } } else { - Write-PscriboMessage "No Certificate Authority Issuer information found, disabling section" + Write-PscriboMessage -IsWarning "No Certificate Authority Issuer information found, disabling section." } } } @@ -262,7 +262,7 @@ function Get-AbrADForest { } } } else { - Write-PscriboMessage "No Optional Feature information found, disabling section" + Write-PscriboMessage -IsWarning "No Optional Feature information found, disabling section." } } } diff --git a/Src/Private/Get-AbrADGPO.ps1 b/Src/Private/Get-AbrADGPO.ps1 index 5dcc73e..336dcc8 100644 --- a/Src/Private/Get-AbrADGPO.ps1 +++ b/Src/Private/Get-AbrADGPO.ps1 @@ -239,7 +239,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage "No WMI Filter information found, disabling section" + Write-PscriboMessage -IsWarning "No WMI Filter information found, disabling section." } } catch { @@ -284,7 +284,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage "No GPO Central Store information found, disabling section" + Write-PscriboMessage -IsWarning "No GPO Central Store information found, disabling section." } } catch { @@ -339,7 +339,7 @@ function Get-AbrADGPO { $OutObj | Sort-Object -Property 'GPO Name' | Table @TableParams } } else { - Write-PscriboMessage "No GPO Logon/Logoff script information found, disabling section" + Write-PscriboMessage -IsWarning "No GPO Logon/Logoff script information found, disabling section." } } catch { @@ -395,7 +395,7 @@ function Get-AbrADGPO { } } else { - Write-PscriboMessage "No GPO Computer Startup/Shutdown script information found, disabling section" + Write-PscriboMessage -IsWarning "No GPO Computer Startup/Shutdown script information found, disabling section." } } catch { @@ -451,7 +451,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage "No Unlinked Group Policy Objects information found, disabling section" + Write-PscriboMessage -IsWarning "No Unlinked Group Policy Objects information found, disabling section." } } catch { @@ -504,7 +504,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage "No Empty GPO information found, disabling section" + Write-PscriboMessage -IsWarning "No Empty GPO information found, disabling section." } } catch { @@ -563,7 +563,7 @@ function Get-AbrADGPO { } } else { - Write-PscriboMessage "No Enforced GPO information found, disabling section" + Write-PscriboMessage -IsWarning "No Enforced GPO information found, disabling section." } } catch { @@ -664,7 +664,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage "No Orphaned GPO information found, disabling section" + Write-PscriboMessage -IsWarning "No Orphaned GPO information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADInfrastructureService.ps1 b/Src/Private/Get-AbrADInfrastructureService.ps1 index fa737fc..61a2de7 100644 --- a/Src/Private/Get-AbrADInfrastructureService.ps1 +++ b/Src/Private/Get-AbrADInfrastructureService.ps1 @@ -80,7 +80,7 @@ function Get-AbrADInfrastructureService { } } } else { - Write-PscriboMessage "No Infrastructure Services Status information found, disabling section" + Write-PscriboMessage -IsWarning "No Infrastructure Services Status information found, disabling section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADKerberosAudit.ps1 b/Src/Private/Get-AbrADKerberosAudit.ps1 index 8821d4e..fdca26d 100644 --- a/Src/Private/Get-AbrADKerberosAudit.ps1 +++ b/Src/Private/Get-AbrADKerberosAudit.ps1 @@ -74,7 +74,7 @@ function Get-AbrADKerberosAudit { } } } else { - Write-PscriboMessage "No Unconstrained Kerberos Delegation information found, disabling section" + Write-PscriboMessage -IsWarning "No Unconstrained Kerberos Delegation information found, disabling section." } try { $KRBTGT = $Users | Where-Object {$_.Name -eq 'krbtgt'} @@ -120,7 +120,7 @@ function Get-AbrADKerberosAudit { } } } else { - Write-PscriboMessage "No KRBTGT Account Audit information found, disabling section" + Write-PscriboMessage -IsWarning "No KRBTGT Account Audit information found, disabling section." } } catch { @@ -172,7 +172,7 @@ function Get-AbrADKerberosAudit { } } } else { - Write-PscriboMessage "No Administrator Account Audit information found, disabling section" + Write-PscriboMessage -IsWarning "No Administrator Account Audit information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADOU.ps1 b/Src/Private/Get-AbrADOU.ps1 index 2661854..38d8542 100644 --- a/Src/Private/Get-AbrADOU.ps1 +++ b/Src/Private/Get-AbrADOU.ps1 @@ -143,7 +143,7 @@ function Get-AbrADOU { } } } else { - Write-PscriboMessage "No Organizational Units information found, disabling section" + Write-PscriboMessage -IsWarning "No Organizational Units information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADSecurityAssessment.ps1 b/Src/Private/Get-AbrADSecurityAssessment.ps1 index 7a78047..d97b6aa 100644 --- a/Src/Private/Get-AbrADSecurityAssessment.ps1 +++ b/Src/Private/Get-AbrADSecurityAssessment.ps1 @@ -146,7 +146,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage "No Domain users information found, disabling section" + Write-PscriboMessage -IsWarning "No Domain users information found, disabling section." } } catch { @@ -203,7 +203,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage "No Privileged User Assessment information found, disabling section" + Write-PscriboMessage -IsWarning "No Privileged User Assessment information found, disabling section." } } catch { @@ -264,7 +264,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage "No Inactive Privileged Accounts information found, disabling section" + Write-PscriboMessage -IsWarning "No Inactive Privileged Accounts information found, disabling section." } } catch { @@ -330,7 +330,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage "No Service Accounts Assessment information found, disabling section" + Write-PscriboMessage -IsWarning "No Service Accounts Assessment information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADSite.ps1 b/Src/Private/Get-AbrADSite.ps1 index 47e23e1..3ee06ad 100644 --- a/Src/Private/Get-AbrADSite.ps1 +++ b/Src/Private/Get-AbrADSite.ps1 @@ -147,7 +147,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage "No Connection Objects information found, disabling section" + Write-PscriboMessage -IsWarning "No Connection Objects information found, disabling section." } } catch { @@ -276,7 +276,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage "No Missing Subnets in AD information found, disabling section" + Write-PscriboMessage -IsWarning "No Missing Subnets in AD information found, disabling section." } } catch { @@ -285,7 +285,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage "No Site Subnets information found, disabling section" + Write-PscriboMessage -IsWarning "No Site Subnets information found, disabling section." } } catch { @@ -377,7 +377,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage "No Site Links information found, disabling section" + Write-PscriboMessage -IsWarning "No Site Links information found, disabling section." } } catch { @@ -461,7 +461,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage "No Sysvol Replication information found, disabling section" + Write-PscriboMessage -IsWarning "No Sysvol Replication information found, disabling section." } } catch { @@ -469,7 +469,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage "No Sites information found, disabling section" + Write-PscriboMessage -IsWarning "No Sites information found, disabling section." } } catch { diff --git a/Src/Private/Get-AbrADSiteReplication.ps1 b/Src/Private/Get-AbrADSiteReplication.ps1 index a9a2df6..8acc987 100644 --- a/Src/Private/Get-AbrADSiteReplication.ps1 +++ b/Src/Private/Get-AbrADSiteReplication.ps1 @@ -113,7 +113,7 @@ function Get-AbrADSiteReplication { } } } else { - Write-PscriboMessage "No Replication Connection information found, disabling section" + Write-PscriboMessage -IsWarning "No Replication Connection information found, disabling section." } } catch { @@ -173,7 +173,7 @@ function Get-AbrADSiteReplication { } } } else { - Write-PscriboMessage "No Replication Status information found, disabling section" + Write-PscriboMessage -IsWarning "No Replication Status information found, disabling section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADTrust.ps1 b/Src/Private/Get-AbrADTrust.ps1 index fdbcd7e..fcecb19 100644 --- a/Src/Private/Get-AbrADTrust.ps1 +++ b/Src/Private/Get-AbrADTrust.ps1 @@ -87,7 +87,7 @@ function Get-AbrADTrust { } } } else { - Write-PscriboMessage "No Domain Trust information found, disabling section" + Write-PscriboMessage -IsWarning "No Domain Trust information found, disabling section." } } catch { From 9574f434c048181a481807909335e0a97f18b75d Mon Sep 17 00:00:00 2001 From: Jonathan Colon Date: Tue, 3 Oct 2023 11:56:00 -0400 Subject: [PATCH 13/13] Improved logging message in some circumstances --- Src/Private/Get-AbrADDCDiag.ps1 | 2 +- Src/Private/Get-AbrADDFSHealth.ps1 | 6 +++--- Src/Private/Get-AbrADDNSZone.ps1 | 12 ++++++------ Src/Private/Get-AbrADDomainLastBackup.ps1 | 2 +- Src/Private/Get-AbrADDuplicateObject.ps1 | 2 +- Src/Private/Get-AbrADDuplicateSPN.ps1 | 2 +- Src/Private/Get-AbrADForest.ps1 | 6 +++--- Src/Private/Get-AbrADGPO.ps1 | 16 ++++++++-------- Src/Private/Get-AbrADInfrastructureService.ps1 | 2 +- Src/Private/Get-AbrADKerberosAudit.ps1 | 6 +++--- Src/Private/Get-AbrADOU.ps1 | 2 +- Src/Private/Get-AbrADSecurityAssessment.ps1 | 8 ++++---- Src/Private/Get-AbrADSite.ps1 | 12 ++++++------ Src/Private/Get-AbrADSiteReplication.ps1 | 4 ++-- Src/Private/Get-AbrADTrust.ps1 | 2 +- 15 files changed, 42 insertions(+), 42 deletions(-) diff --git a/Src/Private/Get-AbrADDCDiag.ps1 b/Src/Private/Get-AbrADDCDiag.ps1 index 6f3f742..c65d6ff 100644 --- a/Src/Private/Get-AbrADDCDiag.ps1 +++ b/Src/Private/Get-AbrADDCDiag.ps1 @@ -90,7 +90,7 @@ function Get-AbrADDCDiag { $OutObj | Sort-Object -Property 'Entity' | Table @TableParams } } else { - Write-PscriboMessage -IsWarning "No DCDiag information found, disabling section." + Write-PscriboMessage -IsWarning "No DCDiag information found in $DC, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADDFSHealth.ps1 b/Src/Private/Get-AbrADDFSHealth.ps1 index 8918eed..2fb4eaa 100644 --- a/Src/Private/Get-AbrADDFSHealth.ps1 +++ b/Src/Private/Get-AbrADDFSHealth.ps1 @@ -96,7 +96,7 @@ function Get-AbrADDFSHealth { } } } else { - Write-PscriboMessage -IsWarning "No DFS information found, disabling section." + Write-PscriboMessage -IsWarning "No DFS information found in $Domain, disabling the section." } } catch { @@ -157,7 +157,7 @@ function Get-AbrADDFSHealth { } } } else { - Write-PscriboMessage -IsWarning "No SYSVOL folder information found, disabling section." + Write-PscriboMessage -IsWarning "No SYSVOL folder information found in $Domain, disabling the section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession @@ -221,7 +221,7 @@ function Get-AbrADDFSHealth { } } } else { - Write-PscriboMessage -IsWarning "No NETLOGON folder information found, disabling section." + Write-PscriboMessage -IsWarning "No NETLOGON folder information found in $Domain, disabling the section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADDNSZone.ps1 b/Src/Private/Get-AbrADDNSZone.ps1 index 8b13514..b90d1df 100644 --- a/Src/Private/Get-AbrADDNSZone.ps1 +++ b/Src/Private/Get-AbrADDNSZone.ps1 @@ -89,7 +89,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage -IsWarning "No Zone Delegation information found, disabling section." + Write-PscriboMessage -IsWarning "No Zone Delegation information found, disabling the section." } } catch { @@ -97,7 +97,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage -IsWarning "No Zone Delegation information found, disabling section." + Write-PscriboMessage -IsWarning "No Zone Delegation information found in $DC, disabling the section." } if ($OutObj) { @@ -171,7 +171,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage -IsWarning "No Zone Transfer information found, disabling section." + Write-PscriboMessage -IsWarning "No Zone Transfer information found in $DC, disabling the section." } } catch { @@ -214,7 +214,7 @@ function Get-AbrADDNSZone { $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams } } else { - Write-PscriboMessage -IsWarning "No Reverse lookup zone information found, disabling section." + Write-PscriboMessage -IsWarning "No Reverse lookup zone information found in $DC, disabling the section." } } catch { @@ -254,7 +254,7 @@ function Get-AbrADDNSZone { $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams } } else { - Write-PscriboMessage -IsWarning "No Conditional forwarder zone information found, disabling section." + Write-PscriboMessage -IsWarning "No Conditional forwarder zone information found in $DC, disabling the section." } } catch { @@ -311,7 +311,7 @@ function Get-AbrADDNSZone { } } } else { - Write-PscriboMessage -IsWarning "No Zone Aging property information found, disabling section." + Write-PscriboMessage -IsWarning "No Zone Aging property information found in $DC, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADDomainLastBackup.ps1 b/Src/Private/Get-AbrADDomainLastBackup.ps1 index e8445f0..5cbf876 100644 --- a/Src/Private/Get-AbrADDomainLastBackup.ps1 +++ b/Src/Private/Get-AbrADDomainLastBackup.ps1 @@ -79,7 +79,7 @@ function Get-AbrADDomainLastBackup { } } } else { - Write-PscriboMessage -IsWarning "No Naming context last backup information found, disabling section." + Write-PscriboMessage -IsWarning "No Naming context last backup information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADDuplicateObject.ps1 b/Src/Private/Get-AbrADDuplicateObject.ps1 index 5044bf9..e4c5e76 100644 --- a/Src/Private/Get-AbrADDuplicateObject.ps1 +++ b/Src/Private/Get-AbrADDuplicateObject.ps1 @@ -75,7 +75,7 @@ function Get-AbrADDuplicateObject { } } } else { - Write-PscriboMessage -IsWarning "No Duplicate object information found, disabling section." + Write-PscriboMessage -IsWarning "No Duplicate object information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADDuplicateSPN.ps1 b/Src/Private/Get-AbrADDuplicateSPN.ps1 index 0bcb964..a5c017d 100644 --- a/Src/Private/Get-AbrADDuplicateSPN.ps1 +++ b/Src/Private/Get-AbrADDuplicateSPN.ps1 @@ -76,7 +76,7 @@ function Get-AbrADDuplicateSPN { } } } else { - Write-PscriboMessage -IsWarning "No Duplicate SPN information found, disabling section." + Write-PscriboMessage -IsWarning "No Duplicate SPN information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADForest.ps1 b/Src/Private/Get-AbrADForest.ps1 index 1b3db65..87f6098 100644 --- a/Src/Private/Get-AbrADForest.ps1 +++ b/Src/Private/Get-AbrADForest.ps1 @@ -167,7 +167,7 @@ function Get-AbrADForest { } } } else { - Write-PscriboMessage -IsWarning "No Certificate Authority Root information found, disabling section." + Write-PscriboMessage -IsWarning "No Certificate Authority Root information found in $ForestInfo, disabling the section." } Write-PscriboMessage "Discovering certificate authority issuers on forest $ForestInfo." $ConfigNCDN = $Data.PartitionsContainer.Split(',') | Select-Object -Skip 1 @@ -201,7 +201,7 @@ function Get-AbrADForest { $OutObj | Sort-Object -Property 'Name' | Table @TableParams } } else { - Write-PscriboMessage -IsWarning "No Certificate Authority Issuer information found, disabling section." + Write-PscriboMessage -IsWarning "No Certificate Authority Issuer information found, disabling the section." } } } @@ -262,7 +262,7 @@ function Get-AbrADForest { } } } else { - Write-PscriboMessage -IsWarning "No Optional Feature information found, disabling section." + Write-PscriboMessage -IsWarning "No Optional Feature information found in $ForestInfo, disabling the section." } } } diff --git a/Src/Private/Get-AbrADGPO.ps1 b/Src/Private/Get-AbrADGPO.ps1 index 336dcc8..769a87c 100644 --- a/Src/Private/Get-AbrADGPO.ps1 +++ b/Src/Private/Get-AbrADGPO.ps1 @@ -239,7 +239,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage -IsWarning "No WMI Filter information found, disabling section." + Write-PscriboMessage -IsWarning "No WMI Filter information found in $Domain, disabling the section." } } catch { @@ -284,7 +284,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage -IsWarning "No GPO Central Store information found, disabling section." + Write-PscriboMessage -IsWarning "No GPO Central Store information found in $Domain, disabling the section." } } catch { @@ -339,7 +339,7 @@ function Get-AbrADGPO { $OutObj | Sort-Object -Property 'GPO Name' | Table @TableParams } } else { - Write-PscriboMessage -IsWarning "No GPO Logon/Logoff script information found, disabling section." + Write-PscriboMessage -IsWarning "No GPO Logon/Logoff script information found in $Domain, disabling the section." } } catch { @@ -395,7 +395,7 @@ function Get-AbrADGPO { } } else { - Write-PscriboMessage -IsWarning "No GPO Computer Startup/Shutdown script information found, disabling section." + Write-PscriboMessage -IsWarning "No GPO Computer Startup/Shutdown script information found in $Domain, disabling the section." } } catch { @@ -451,7 +451,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage -IsWarning "No Unlinked Group Policy Objects information found, disabling section." + Write-PscriboMessage -IsWarning "No Unlinked Group Policy Objects information found in $Domain, disabling the section." } } catch { @@ -504,7 +504,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage -IsWarning "No Empty GPO information found, disabling section." + Write-PscriboMessage -IsWarning "No Empty GPO information found in $Domain, disabling the section." } } catch { @@ -563,7 +563,7 @@ function Get-AbrADGPO { } } else { - Write-PscriboMessage -IsWarning "No Enforced GPO information found, disabling section." + Write-PscriboMessage -IsWarning "No Enforced GPO information found in $Domain, disabling the section." } } catch { @@ -664,7 +664,7 @@ function Get-AbrADGPO { } } } else { - Write-PscriboMessage -IsWarning "No Orphaned GPO information found, disabling section." + Write-PscriboMessage -IsWarning "No Orphaned GPO information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADInfrastructureService.ps1 b/Src/Private/Get-AbrADInfrastructureService.ps1 index 61a2de7..25a8e9d 100644 --- a/Src/Private/Get-AbrADInfrastructureService.ps1 +++ b/Src/Private/Get-AbrADInfrastructureService.ps1 @@ -80,7 +80,7 @@ function Get-AbrADInfrastructureService { } } } else { - Write-PscriboMessage -IsWarning "No Infrastructure Services Status information found, disabling section." + Write-PscriboMessage -IsWarning "No Infrastructure Services Status information found in $DC, disabling the section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADKerberosAudit.ps1 b/Src/Private/Get-AbrADKerberosAudit.ps1 index fdca26d..05c3af3 100644 --- a/Src/Private/Get-AbrADKerberosAudit.ps1 +++ b/Src/Private/Get-AbrADKerberosAudit.ps1 @@ -74,7 +74,7 @@ function Get-AbrADKerberosAudit { } } } else { - Write-PscriboMessage -IsWarning "No Unconstrained Kerberos Delegation information found, disabling section." + Write-PscriboMessage -IsWarning "No Unconstrained Kerberos Delegation information found in $Domain, disabling the section." } try { $KRBTGT = $Users | Where-Object {$_.Name -eq 'krbtgt'} @@ -120,7 +120,7 @@ function Get-AbrADKerberosAudit { } } } else { - Write-PscriboMessage -IsWarning "No KRBTGT Account Audit information found, disabling section." + Write-PscriboMessage -IsWarning "No KRBTGT Account Audit information found in $Domain, disabling the section." } } catch { @@ -172,7 +172,7 @@ function Get-AbrADKerberosAudit { } } } else { - Write-PscriboMessage -IsWarning "No Administrator Account Audit information found, disabling section." + Write-PscriboMessage -IsWarning "No Administrator Account Audit information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADOU.ps1 b/Src/Private/Get-AbrADOU.ps1 index 38d8542..bec4b4c 100644 --- a/Src/Private/Get-AbrADOU.ps1 +++ b/Src/Private/Get-AbrADOU.ps1 @@ -143,7 +143,7 @@ function Get-AbrADOU { } } } else { - Write-PscriboMessage -IsWarning "No Organizational Units information found, disabling section." + Write-PscriboMessage -IsWarning "No Organizational Units information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADSecurityAssessment.ps1 b/Src/Private/Get-AbrADSecurityAssessment.ps1 index d97b6aa..f9e324c 100644 --- a/Src/Private/Get-AbrADSecurityAssessment.ps1 +++ b/Src/Private/Get-AbrADSecurityAssessment.ps1 @@ -146,7 +146,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage -IsWarning "No Domain users information found, disabling section." + Write-PscriboMessage -IsWarning "No Domain users information found in $Domain, disabling the section." } } catch { @@ -203,7 +203,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage -IsWarning "No Privileged User Assessment information found, disabling section." + Write-PscriboMessage -IsWarning "No Privileged User Assessment information found in $Domain, disabling the section." } } catch { @@ -264,7 +264,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage -IsWarning "No Inactive Privileged Accounts information found, disabling section." + Write-PscriboMessage -IsWarning "No Inactive Privileged Accounts information found in $Domain, disabling the section." } } catch { @@ -330,7 +330,7 @@ function Get-AbrADSecurityAssessment { } } } else { - Write-PscriboMessage -IsWarning "No Service Accounts Assessment information found, disabling section." + Write-PscriboMessage -IsWarning "No Service Accounts Assessment information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADSite.ps1 b/Src/Private/Get-AbrADSite.ps1 index 3ee06ad..d9721af 100644 --- a/Src/Private/Get-AbrADSite.ps1 +++ b/Src/Private/Get-AbrADSite.ps1 @@ -147,7 +147,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage -IsWarning "No Connection Objects information found, disabling section." + Write-PscriboMessage -IsWarning "No Connection Objects information found in $Domain, disabling the section." } } catch { @@ -276,7 +276,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage -IsWarning "No Missing Subnets in AD information found, disabling section." + Write-PscriboMessage -IsWarning "No Missing Subnets in AD information found in $Domain, disabling the section." } } catch { @@ -285,7 +285,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage -IsWarning "No Site Subnets information found, disabling section." + Write-PscriboMessage -IsWarning "No Site Subnets information found in $Domain, disabling the section." } } catch { @@ -377,7 +377,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage -IsWarning "No Site Links information found, disabling section." + Write-PscriboMessage -IsWarning "No Site Links information found in $Domain, disabling the section." } } catch { @@ -461,7 +461,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage -IsWarning "No Sysvol Replication information found, disabling section." + Write-PscriboMessage -IsWarning "No Sysvol Replication information found in $Domain, disabling the section." } } catch { @@ -469,7 +469,7 @@ function Get-AbrADSite { } } } else { - Write-PscriboMessage -IsWarning "No Sites information found, disabling section." + Write-PscriboMessage -IsWarning "No Sites information found in $Domain, disabling the section." } } catch { diff --git a/Src/Private/Get-AbrADSiteReplication.ps1 b/Src/Private/Get-AbrADSiteReplication.ps1 index 8acc987..03bf23c 100644 --- a/Src/Private/Get-AbrADSiteReplication.ps1 +++ b/Src/Private/Get-AbrADSiteReplication.ps1 @@ -113,7 +113,7 @@ function Get-AbrADSiteReplication { } } } else { - Write-PscriboMessage -IsWarning "No Replication Connection information found, disabling section." + Write-PscriboMessage -IsWarning "No Replication Connection information found in $Domain, disabling the section." } } catch { @@ -173,7 +173,7 @@ function Get-AbrADSiteReplication { } } } else { - Write-PscriboMessage -IsWarning "No Replication Status information found, disabling section." + Write-PscriboMessage -IsWarning "No Replication Status information found in $Domain, disabling the section." } if ($DCPssSession) { Remove-PSSession -Session $DCPssSession diff --git a/Src/Private/Get-AbrADTrust.ps1 b/Src/Private/Get-AbrADTrust.ps1 index fcecb19..751bc32 100644 --- a/Src/Private/Get-AbrADTrust.ps1 +++ b/Src/Private/Get-AbrADTrust.ps1 @@ -87,7 +87,7 @@ function Get-AbrADTrust { } } } else { - Write-PscriboMessage -IsWarning "No Domain Trust information found, disabling section." + Write-PscriboMessage -IsWarning "No Domain Trust information found in $Domain, disabling the section." } } catch {