+Table 143 - Certification Authority Summary - PHARMAX.LOCAL
+1.5.1 Enterprise Root Certificate Authority
The following section provides the Enterprise Root CA information.
-CA Name | zenpr-SERVER-DC-01V-CA |
+CA Name | pharmax-SERVER-DC-01V-CA |
Server Name | SERVER-DC-01V |
Type | Enterprise Root CA |
-Config String | Server-DC-01V.zenpr.local\zenpr-SERVER-DC-01V-CA |
+Config String | Server-DC-01V.pharmax.local\pharmax-SERVER-DC-01V-CA |
+Operating System | Microsoft Windows Server 2019 Standard Evaluation |
+Certificate | [Subject] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local
[Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local
[Serial Number] 5D2E25D9AFFDE4904A05D70BEB7ACBD2
[Not Before] 1/25/2020 7:35:16 PM
[Not After] 1/25/2025 7:45:15 PM
[Thumbprint] 0F6D4D3B8C71290E76B6B6C0661275F6F37B9CE0
|
+Status | Running |
+
+
Table 144 - Enterprise Root CA - PHARMAX.LOCAL
+1.5.2 Enterprise Subordinate Certificate Authority
The following section provides the Enterprise Subordinate CA information.
+
+CA Name | acad-ACADE-DC-01V-CA |
+Server Name | ACADE-DC-01V |
+Type | Enterprise Subordinate CA |
+Config String | acade-dc-01v.acad.pharmax.local\acad-ACADE-DC-01V-CA |
+Operating System | Microsoft Windows Server 2019 Standard Evaluation |
+Certificate | [Subject] CN=acad-ACADE-DC-01V-CA, DC=acad, DC=pharmax, DC=local
[Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local
[Serial Number] 61000000F5B20F8367F4837C6A0000000000F5
[Not Before] 9/22/2021 8:59:36 PM
[Not After] 9/22/2023 9:09:36 PM
[Thumbprint] 89532761827821E1B102CC8B86C529A6D2E92AC6
|
+Status | Running |
+
+
Table 145 - Enterprise Subordinate CA - acad-ACADE-DC-01V-CA
+
+
+CA Name | pharmax-CAYEY-DC-01V-CA |
+Server Name | CAYEY-DC-01V |
+Type | Enterprise Subordinate CA |
+Config String | cayey-dc-01v.pharmax.local\pharmax-CAYEY-DC-01V-CA |
Operating System | Microsoft Windows Server 2019 Standard Evaluation |
-Certificate | [Subject] CN=zenpr-SERVER-DC-01V-CA, DC=zenpr, DC=local
[Issuer] CN=zenpr-SERVER-DC-01V-CA, DC=zenpr, DC=local
[Serial Number] 5D2E25D9AFFDE4904A05D70BEB7ACBD2
[Not Before] 1/25/2020 7:35:16 PM
[Not After] 1/25/2025 7:45:15 PM
[Thumbprint] 0F6D4D3B8C71290E76B6B6C0661275F6F37B9CE0
|
+Certificate | [Subject] CN=pharmax-CAYEY-DC-01V-CA, DC=pharmax, DC=local
[Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local
[Serial Number] 61000000F60DE0C8AB312FB51E0000000000F6
[Not Before] 10/4/2021 10:33:08 AM
[Not After] 10/4/2023 10:43:08 AM
[Thumbprint] CB2AC03DDA5A793DACAFC1EDC048CB1123D94B4B
|
Status | Running |
-
Table 112 - Certification Authority Summary Information - ZENPR.LOCAL
+Table 146 - Enterprise Subordinate CA - pharmax-CAYEY-DC-01V-CA
+1.5.3 Certificate Validity Period
The following section provides the Certification Authority Certificate Validity Period information.
+CA Name | Server Name | Validity Period |
+acad-ACADE-DC-01V-CA | ACADE-DC-01V | 2 Years |
+pharmax-CAYEY-DC-01V-CA | CAYEY-DC-01V | 2 Years |
+pharmax-SERVER-DC-01V-CA | SERVER-DC-01V | 2 Years |
+
+
Table 147 - Certificate Validity Period - PHARMAX.LOCAL
+1.5.3.1 Access Control List (ACL) Summary
+DC Name | Owner | Group |
+acad-ACADE-DC-01V-CA | BUILTIN\Administrators | BUILTIN\Administrators |
+pharmax-CAYEY-DC-01V-CA | BUILTIN\Administrators | BUILTIN\Administrators |
+pharmax-SERVER-DC-01V-CA | BUILTIN\Administrators | BUILTIN\Administrators |
+
+
Table 148 - Access Control List - PHARMAX.LOCAL
+1.5.3.1.1 pharmax-SERVER-DC-01V-CA Rights
+Identity | Access Control Type | Rights |
+BUILTIN\Administrators | Allow | ManageCA, ManageCertificates |
+NT AUTHORITY\Authenticated Users | Allow | Enroll |
+PHARMAX\Domain Admins | Allow | ManageCA, ManageCertificates |
+PHARMAX\Enterprise Admins | Allow | ManageCA, ManageCertificates |
+PHARMAX\jocolon | Allow | ManageCA, ManageCertificates, Read, Enroll |
+
+
Table 149 - ACL Rights - pharmax-SERVER-DC-01V-CA
+1.5.3.1.2 acad-ACADE-DC-01V-CA Rights
+Identity | Access Control Type | Rights |
+ACAD\Domain Admins | Allow | ManageCA, ManageCertificates |
+BUILTIN\Administrators | Allow | ManageCA, ManageCertificates |
+NT AUTHORITY\Authenticated Users | Allow | Enroll |
+PHARMAX\Enterprise Admins | Allow | ManageCA, ManageCertificates |
+
+
Table 150 - ACL Rights - acad-ACADE-DC-01V-CA
+1.5.3.1.3 pharmax-CAYEY-DC-01V-CA Rights
+Identity | Access Control Type | Rights |
+BUILTIN\Administrators | Allow | ManageCA, ManageCertificates |
+NT AUTHORITY\Authenticated Users | Allow | Enroll |
+PHARMAX\Domain Admins | Allow | ManageCA, ManageCertificates |
+PHARMAX\Enterprise Admins | Allow | ManageCA, ManageCertificates |
+
+
Table 151 - ACL Rights - pharmax-CAYEY-DC-01V-CA
+1.5.4 Cryptography Configuration
The following section provides the Certification Authority Cryptography Configuration information.
+
+CA Name | pharmax-SERVER-DC-01V-CA |
+Server Name | SERVER-DC-01V |
+PublicKey Algorithm | RSA |
+Hashing Algorithm | SHA256 |
+Provider Name | Microsoft Software Key Storage Provider |
+Alternate Signature Algorithm | No |
+Provider Is CNG | Yes |
+
+
Table 152 - Cryptography Configuration - PHARMAX.LOCAL
+
+
+CA Name | acad-ACADE-DC-01V-CA |
+Server Name | ACADE-DC-01V |
+PublicKey Algorithm | RSA |
+Hashing Algorithm | SHA256 |
+Provider Name | Microsoft Software Key Storage Provider |
+Alternate Signature Algorithm | No |
+Provider Is CNG | Yes |
+
+
Table 153 - Cryptography Configuration - PHARMAX.LOCAL
+
+
+CA Name | pharmax-CAYEY-DC-01V-CA |
+Server Name | CAYEY-DC-01V |
+PublicKey Algorithm | RSA |
+Hashing Algorithm | SHA256 |
+Provider Name | Microsoft Software Key Storage Provider |
+Alternate Signature Algorithm | No |
+Provider Is CNG | Yes |
+
+
Table 154 - Cryptography Configuration - PHARMAX.LOCAL
+1.5.5 Authority Information Access (AIA) Summary
The following section provides the Certification Authority Authority Information Access information.
1.5.5.1 pharmax-SERVER-DC-01V-CA
+
+Reg URI | 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt |
+Config URI | 1:C:\Windows\system32\CertSrv\CertEnroll\<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | 1 |
+Server Publish | Yes |
+Include To Extension | No |
+OCSP | No |
+
+
Table 155 - Authority Information Access - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11 |
+Config URI | 3:ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public Key Services,CN=Services,<ConfigurationContainer><CAObjectClass> |
+Flags | 1, 2 |
+Server Publish | Yes |
+Include To Extension | Yes |
+OCSP | No |
+
+
Table 156 - Authority Information Access - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 0:http://%1/CertEnroll/%1_%3%4.crt |
+Config URI | 0:http://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | - |
+Server Publish | No |
+Include To Extension | No |
+OCSP | No |
+
+
Table 157 - Authority Information Access - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 0:file://%1/CertEnroll/%1_%3%4.crt |
+Config URI | 0:file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | - |
+Server Publish | No |
+Include To Extension | No |
+OCSP | No |
+
+
Table 158 - Authority Information Access - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 2:http://acade-dc-01v.acad.pharmax.local/CertData/%1_%3%4.crt |
+Config URI | 2:http://acade-dc-01v.acad.pharmax.local/CertData/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | 2 |
+Server Publish | No |
+Include To Extension | Yes |
+OCSP | No |
+
+
Table 159 - Authority Information Access - pharmax-SERVER-DC-01V-CA
+1.5.5.2 acad-ACADE-DC-01V-CA
+
+Reg URI | 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt |
+Config URI | 1:C:\Windows\system32\CertSrv\CertEnroll\<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | 1 |
+Server Publish | Yes |
+Include To Extension | No |
+OCSP | No |
+
+
Table 160 - Authority Information Access - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11 |
+Config URI | 3:ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public Key Services,CN=Services,<ConfigurationContainer><CAObjectClass> |
+Flags | 1, 2 |
+Server Publish | Yes |
+Include To Extension | Yes |
+OCSP | No |
+
+
Table 161 - Authority Information Access - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 0:http://%1/CertEnroll/%1_%3%4.crt |
+Config URI | 0:http://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | - |
+Server Publish | No |
+Include To Extension | No |
+OCSP | No |
+
+
Table 162 - Authority Information Access - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 0:file://%1/CertEnroll/%1_%3%4.crt |
+Config URI | 0:file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | - |
+Server Publish | No |
+Include To Extension | No |
+OCSP | No |
+
+
Table 163 - Authority Information Access - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 2:http://acade-dc-01v.acad.pharmax.local/CertEnroll/%1_%3%4.crt |
+Config URI | 2:http://acade-dc-01v.acad.pharmax.local/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | 2 |
+Server Publish | No |
+Include To Extension | Yes |
+OCSP | No |
+
+
Table 164 - Authority Information Access - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 32:http://acade-dc-01v.acad.pharmax.local/ocsp |
+Config URI | 32:http://acade-dc-01v.acad.pharmax.local/ocsp |
+Flags | 32 |
+Server Publish | No |
+Include To Extension | No |
+OCSP | Yes |
+
+
Table 165 - Authority Information Access - acad-ACADE-DC-01V-CA
+1.5.5.3 pharmax-CAYEY-DC-01V-CA
+
+Reg URI | 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt |
+Config URI | 1:C:\Windows\system32\CertSrv\CertEnroll\<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | 1 |
+Server Publish | Yes |
+Include To Extension | No |
+OCSP | No |
+
+
Table 166 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
+
+
+Reg URI | 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11 |
+Config URI | 3:ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public Key Services,CN=Services,<ConfigurationContainer><CAObjectClass> |
+Flags | 1, 2 |
+Server Publish | Yes |
+Include To Extension | Yes |
+OCSP | No |
+
+
Table 167 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
+
+
+Reg URI | 0:http://%1/CertEnroll/%1_%3%4.crt |
+Config URI | 0:http://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | - |
+Server Publish | No |
+Include To Extension | No |
+OCSP | No |
+
+
Table 168 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
+
+
+Reg URI | 0:file://%1/CertEnroll/%1_%3%4.crt |
+Config URI | 0:file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
+Flags | - |
+Server Publish | No |
+Include To Extension | No |
+OCSP | No |
+
+
Table 169 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
+1.5.6 Certificate Revocation List (CRL) Configuration
The following section provides the Certification Authority CRL Distribution Point information.
1.5.6.1 CRL Validity Period
+CA Name | Base CRL | Base CRL Overlap | Delta CRL | Delta CRL Overlap |
+acad-ACADE-DC-01V-CA | 1 Weeks | 0 Hours | 1 Days | 0 Minutes |
+pharmax-CAYEY-DC-01V-CA | 1 Weeks | 0 Hours | 1 Days | 0 Minutes |
+pharmax-SERVER-DC-01V-CA | 50 Weeks | 0 Hours | 0 Days | 0 Minutes |
+
+
Table 170 - CRL Validity Preriod - PHARMAX.LOCAL
+1.5.6.2 CRL Flags Settings
+CA Name | Server Name | CRL Flags |
+acad-ACADE-DC-01V-CA | ACADE-DC-01V | DeleteExpiredCRLs |
+pharmax-CAYEY-DC-01V-CA | CAYEY-DC-01V | DeleteExpiredCRLs |
+pharmax-SERVER-DC-01V-CA | SERVER-DC-01V | DeleteExpiredCRLs |
+
+
Table 171 - CRL Flags - PHARMAX.LOCAL
+1.5.6.3 CRL Distribution Point
The following section provides the Certification Authority CRL Distribution Point information.
1.5.6.3.1 pharmax-SERVER-DC-01V-CA
+
+Reg URI | 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl |
+Config URI | 65:C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | Unknown |
+ProjectedURI | 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-SERVER-DC-01V-CA.crl 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-SERVER-DC-01V-CA+.crl |
+Flags | 1, 64 |
+CRL Publish | - |
+Delta CRL Publish | Yes |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 172 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10 |
+Config URI | 79:ldap:///CN=<CATruncatedName><CRLNameSuffix>,CN=<ServerShortName>,CN=CDP,CN=Public Key Services,CN=Services,<ConfigurationContainer><CDPObjectClass> |
+Url Scheme | LDAP |
+ProjectedURI | 79:ldap:///CN=pharmax-SERVER-DC-01V-CA,CN=Server-DC-01V,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=pharmax,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint |
+Flags | 1, 2, 4, 8, 64 |
+CRL Publish | - |
+Delta CRL Publish | Yes |
+Add To Cert CDP | Yes |
+Add To Fresh est CRL | Yes |
+Add To Crl cdp | Yes |
+
+
Table 173 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 0:http://%1/CertEnroll/%3%8%9.crl |
+Config URI | 0:http://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | HTTP |
+ProjectedURI | 0:http:///CertEnroll/pharmax-SERVER-DC-01V-CA.crl 0:http:///CertEnroll/pharmax-SERVER-DC-01V-CA+.crl |
+Flags | - |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 174 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 0:file://%1/CertEnroll/%3%8%9.crl |
+Config URI | 0:file://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | UNC |
+ProjectedURI | 0:file:///CertEnroll/pharmax-SERVER-DC-01V-CA.crl 0:file:///CertEnroll/pharmax-SERVER-DC-01V-CA+.crl |
+Flags | - |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 175 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
+
+
+Reg URI | 6:http://acade-dc-01v.acad.pharmax.local/CertData/%3%8%9.crl |
+Config URI | 6:http://acade-dc-01v.acad.pharmax.local/CertData/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | HTTP |
+ProjectedURI | 6:http://acade-dc-01v.acad.pharmax.local/CertData/pharmax-SERVER-DC-01V-CA.crl 6:http://acade-dc-01v.acad.pharmax.local/CertData/pharmax-SERVER-DC-01V-CA+.crl |
+Flags | 2, 4 |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | Yes |
+Add To Fresh est CRL | Yes |
+Add To Crl cdp | No |
+
+
Table 176 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
+1.5.6.3.2 acad-ACADE-DC-01V-CA
+
+Reg URI | 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl |
+Config URI | 65:C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | Unknown |
+ProjectedURI | 65:C:\Windows\system32\CertSrv\CertEnroll\acad-ACADE-DC-01V-CA.crl 65:C:\Windows\system32\CertSrv\CertEnroll\acad-ACADE-DC-01V-CA+.crl |
+Flags | 1, 64 |
+CRL Publish | - |
+Delta CRL Publish | Yes |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 177 - CRL Distribution Point - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10 |
+Config URI | 79:ldap:///CN=<CATruncatedName><CRLNameSuffix>,CN=<ServerShortName>,CN=CDP,CN=Public Key Services,CN=Services,<ConfigurationContainer><CDPObjectClass> |
+Url Scheme | LDAP |
+ProjectedURI | 79:ldap:///CN=acad-ACADE-DC-01V-CA,CN=acade-dc-01v,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=pharmax,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint |
+Flags | 1, 2, 4, 8, 64 |
+CRL Publish | - |
+Delta CRL Publish | Yes |
+Add To Cert CDP | Yes |
+Add To Fresh est CRL | Yes |
+Add To Crl cdp | Yes |
+
+
Table 178 - CRL Distribution Point - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 0:http://%1/CertEnroll/%3%8%9.crl |
+Config URI | 0:http://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | HTTP |
+ProjectedURI | 0:http:///CertEnroll/acad-ACADE-DC-01V-CA.crl 0:http:///CertEnroll/acad-ACADE-DC-01V-CA+.crl |
+Flags | - |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 179 - CRL Distribution Point - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 0:file://%1/CertEnroll/%3%8%9.crl |
+Config URI | 0:file://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | UNC |
+ProjectedURI | 0:file:///CertEnroll/acad-ACADE-DC-01V-CA.crl 0:file:///CertEnroll/acad-ACADE-DC-01V-CA+.crl |
+Flags | - |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 180 - CRL Distribution Point - acad-ACADE-DC-01V-CA
+
+
+Reg URI | 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/%3%8%9.crl |
+Config URI | 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | HTTP |
+ProjectedURI | 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/acad-ACADE-DC-01V-CA.crl 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/acad-ACADE-DC-01V-CA+.crl |
+Flags | 2, 4 |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | Yes |
+Add To Fresh est CRL | Yes |
+Add To Crl cdp | No |
+
+
Table 181 - CRL Distribution Point - acad-ACADE-DC-01V-CA
+1.5.6.3.3 pharmax-CAYEY-DC-01V-CA
+
+Reg URI | 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl |
+Config URI | 65:C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | Unknown |
+ProjectedURI | 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-CAYEY-DC-01V-CA.crl 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-CAYEY-DC-01V-CA+.crl |
+Flags | 1, 64 |
+CRL Publish | - |
+Delta CRL Publish | Yes |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 182 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
+
+
+Reg URI | 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10 |
+Config URI | 79:ldap:///CN=<CATruncatedName><CRLNameSuffix>,CN=<ServerShortName>,CN=CDP,CN=Public Key Services,CN=Services,<ConfigurationContainer><CDPObjectClass> |
+Url Scheme | LDAP |
+ProjectedURI | 79:ldap:///CN=pharmax-CAYEY-DC-01V-CA,CN=cayey-dc-01v,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=pharmax,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint |
+Flags | 1, 2, 4, 8, 64 |
+CRL Publish | - |
+Delta CRL Publish | Yes |
+Add To Cert CDP | Yes |
+Add To Fresh est CRL | Yes |
+Add To Crl cdp | Yes |
+
+
Table 183 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
+
+
+Reg URI | 0:http://%1/CertEnroll/%3%8%9.crl |
+Config URI | 0:http://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | HTTP |
+ProjectedURI | 0:http:///CertEnroll/pharmax-CAYEY-DC-01V-CA.crl 0:http:///CertEnroll/pharmax-CAYEY-DC-01V-CA+.crl |
+Flags | - |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 184 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
+
+
+Reg URI | 0:file://%1/CertEnroll/%3%8%9.crl |
+Config URI | 0:file://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
+Url Scheme | UNC |
+ProjectedURI | 0:file:///CertEnroll/pharmax-CAYEY-DC-01V-CA.crl 0:file:///CertEnroll/pharmax-CAYEY-DC-01V-CA+.crl |
+Flags | - |
+CRL Publish | - |
+Delta CRL Publish | No |
+Add To Cert CDP | No |
+Add To Fresh est CRL | No |
+Add To Crl cdp | No |
+
+
Table 185 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
+1.5.7 AIA and CDP Health Status
The following section is intended to perform Certification Authority health status checking by CA certificate chain status and validating all CRL Distribution Point (CDP) and Authority Information Access (AIA) URLs for each certificate in the chain.
+CA Name | Childs | Health |
+acad-ACADE-DC-01V-CA | acad-ACADE-DC-01V-CA pharmax-SERVER-DC-01V-CA | Error |
+pharmax-CAYEY-DC-01V-CA | pharmax-CAYEY-DC-01V-CA pharmax-SERVER-DC-01V-CA | Ok |
+pharmax-SERVER-DC-01V-CA | pharmax-SERVER-DC-01V-CA | Ok |
+
+
Table 186 - Certification Authority Health - PHARMAX.LOCAL
+1.5.8 Certificate Template Summary
The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates.
1.5.8.1 pharmax-SERVER-DC-01V-CA Certificate Template
+Template Name | Schema Version | Supported CA | Autoenrollment |
+Administrator | 1 | Windows 2000 Server | No |
+Basic EFS | 1 | Windows 2000 Server | No |
+Computer | 1 | Windows 2000 Server | No |
+ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Domain Controller | 1 | Windows 2000 Server | No |
+Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+EFS Recovery Agent | 1 | Windows 2000 Server | No |
+Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
+Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Subordinate Certification Authority | 1 | Windows 2000 Server | No |
+User | 1 | Windows 2000 Server | No |
+Web Server | 1 | Windows 2000 Server | No |
+Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
+
+
Table 187 - Issued Certificate Template - pharmax-SERVER-DC-01V-CA
+1.5.8.2 Certificate Template In Active Directory
The following section provides registered certificate templates from Active Directory.
+Template Name | Schema Version | Supported CA | Autoenrollment |
+Administrator | 1 | Windows 2000 Server | No |
+Authenticated Session | 1 | Windows 2000 Server | No |
+Basic EFS | 1 | Windows 2000 Server | No |
+CA Exchange | 2 | Windows Server 2003 Enterprise Edition | No |
+CEP Encryption | 1 | Windows 2000 Server | No |
+Code Signing | 1 | Windows 2000 Server | No |
+Computer | 1 | Windows 2000 Server | No |
+ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Cross Certification Authority | 2 | Windows Server 2003 Enterprise Edition | No |
+Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Domain Controller | 1 | Windows 2000 Server | No |
+Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+EFS Recovery Agent | 1 | Windows 2000 Server | No |
+Enrollment Agent | 1 | Windows 2000 Server | No |
+Enrollment Agent (Computer) | 1 | Windows 2000 Server | No |
+Exchange Enrollment Agent (Offline request) | 1 | Windows 2000 Server | No |
+Exchange Signature Only | 1 | Windows 2000 Server | No |
+Exchange User | 1 | Windows 2000 Server | No |
+IPSec | 1 | Windows 2000 Server | No |
+IPSec (Offline request) | 1 | Windows 2000 Server | No |
+Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
+OCSP Response Signing | 3 | Windows Server 2008 Enterprise Edition | No |
+Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
+Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+RAS and IAS Server | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Root Certification Authority | 1 | Windows 2000 Server | No |
+Router (Offline request) | 1 | Windows 2000 Server | No |
+Smartcard Logon | 1 | Windows 2000 Server | No |
+Smartcard User | 1 | Windows 2000 Server | No |
+Subordinate Certification Authority | 1 | Windows 2000 Server | No |
+Trust List Signing | 1 | Windows 2000 Server | No |
+User | 1 | Windows 2000 Server | No |
+User Signature Only | 1 | Windows 2000 Server | No |
+Web Server | 1 | Windows 2000 Server | No |
+Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
+Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+
+
Table 188 - Certificate Template in AD - PHARMAX.LOCAL
+1.5.9 Certificate Template Summary
The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates.
1.5.9.1 acad-ACADE-DC-01V-CA Certificate Template
+Template Name | Schema Version | Supported CA | Autoenrollment |
+Administrator | 1 | Windows 2000 Server | No |
+Basic EFS | 1 | Windows 2000 Server | No |
+Computer | 1 | Windows 2000 Server | No |
+Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Domain Controller | 1 | Windows 2000 Server | No |
+Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+EFS Recovery Agent | 1 | Windows 2000 Server | No |
+Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Subordinate Certification Authority | 1 | Windows 2000 Server | No |
+User | 1 | Windows 2000 Server | No |
+Web Server | 1 | Windows 2000 Server | No |
+
+
Table 189 - Issued Certificate Template - acad-ACADE-DC-01V-CA
+1.5.9.2 Certificate Template In Active Directory
The following section provides registered certificate templates from Active Directory.
+Template Name | Schema Version | Supported CA | Autoenrollment |
+Administrator | 1 | Windows 2000 Server | No |
+Authenticated Session | 1 | Windows 2000 Server | No |
+Basic EFS | 1 | Windows 2000 Server | No |
+CA Exchange | 2 | Windows Server 2003 Enterprise Edition | No |
+CEP Encryption | 1 | Windows 2000 Server | No |
+Code Signing | 1 | Windows 2000 Server | No |
+Computer | 1 | Windows 2000 Server | No |
+ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Cross Certification Authority | 2 | Windows Server 2003 Enterprise Edition | No |
+Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Domain Controller | 1 | Windows 2000 Server | No |
+Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+EFS Recovery Agent | 1 | Windows 2000 Server | No |
+Enrollment Agent | 1 | Windows 2000 Server | No |
+Enrollment Agent (Computer) | 1 | Windows 2000 Server | No |
+Exchange Enrollment Agent (Offline request) | 1 | Windows 2000 Server | No |
+Exchange Signature Only | 1 | Windows 2000 Server | No |
+Exchange User | 1 | Windows 2000 Server | No |
+IPSec | 1 | Windows 2000 Server | No |
+IPSec (Offline request) | 1 | Windows 2000 Server | No |
+Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
+OCSP Response Signing | 3 | Windows Server 2008 Enterprise Edition | No |
+Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
+Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+RAS and IAS Server | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Root Certification Authority | 1 | Windows 2000 Server | No |
+Router (Offline request) | 1 | Windows 2000 Server | No |
+Smartcard Logon | 1 | Windows 2000 Server | No |
+Smartcard User | 1 | Windows 2000 Server | No |
+Subordinate Certification Authority | 1 | Windows 2000 Server | No |
+Trust List Signing | 1 | Windows 2000 Server | No |
+User | 1 | Windows 2000 Server | No |
+User Signature Only | 1 | Windows 2000 Server | No |
+Web Server | 1 | Windows 2000 Server | No |
+Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
+Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+
+
Table 190 - Certificate Template in AD - PHARMAX.LOCAL
+1.5.10 Certificate Template Summary
The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates.
1.5.10.1 pharmax-CAYEY-DC-01V-CA Certificate Template
+Template Name | Schema Version | Supported CA | Autoenrollment |
+Administrator | 1 | Windows 2000 Server | No |
+Basic EFS | 1 | Windows 2000 Server | No |
+Computer | 1 | Windows 2000 Server | No |
+Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Domain Controller | 1 | Windows 2000 Server | No |
+Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+EFS Recovery Agent | 1 | Windows 2000 Server | No |
+Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Subordinate Certification Authority | 1 | Windows 2000 Server | No |
+User | 1 | Windows 2000 Server | No |
+Web Server | 1 | Windows 2000 Server | No |
+
+
Table 191 - Issued Certificate Template - pharmax-CAYEY-DC-01V-CA
+1.5.10.2 Certificate Template In Active Directory
The following section provides registered certificate templates from Active Directory.
+Template Name | Schema Version | Supported CA | Autoenrollment |
+Administrator | 1 | Windows 2000 Server | No |
+Authenticated Session | 1 | Windows 2000 Server | No |
+Basic EFS | 1 | Windows 2000 Server | No |
+CA Exchange | 2 | Windows Server 2003 Enterprise Edition | No |
+CEP Encryption | 1 | Windows 2000 Server | No |
+Code Signing | 1 | Windows 2000 Server | No |
+Computer | 1 | Windows 2000 Server | No |
+ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Cross Certification Authority | 2 | Windows Server 2003 Enterprise Edition | No |
+Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Domain Controller | 1 | Windows 2000 Server | No |
+Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+EFS Recovery Agent | 1 | Windows 2000 Server | No |
+Enrollment Agent | 1 | Windows 2000 Server | No |
+Enrollment Agent (Computer) | 1 | Windows 2000 Server | No |
+Exchange Enrollment Agent (Offline request) | 1 | Windows 2000 Server | No |
+Exchange Signature Only | 1 | Windows 2000 Server | No |
+Exchange User | 1 | Windows 2000 Server | No |
+IPSec | 1 | Windows 2000 Server | No |
+IPSec (Offline request) | 1 | Windows 2000 Server | No |
+Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
+OCSP Response Signing | 3 | Windows Server 2008 Enterprise Edition | No |
+Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
+Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+RAS and IAS Server | 2 | Windows Server 2003 Enterprise Edition | Yes |
+Root Certification Authority | 1 | Windows 2000 Server | No |
+Router (Offline request) | 1 | Windows 2000 Server | No |
+Smartcard Logon | 1 | Windows 2000 Server | No |
+Smartcard User | 1 | Windows 2000 Server | No |
+Subordinate Certification Authority | 1 | Windows 2000 Server | No |
+Trust List Signing | 1 | Windows 2000 Server | No |
+User | 1 | Windows 2000 Server | No |
+User Signature Only | 1 | Windows 2000 Server | No |
+Web Server | 1 | Windows 2000 Server | No |
+Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
+Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
+Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
+
+
Table 192 - Certificate Template in AD - PHARMAX.LOCAL
+1.5.11 Key Recovery Agent Certificate
The following section provides the Key Recovery Agent certificate used to encrypt user's certificate private key and store it in CA database. In the case when user cannot access his or her certificate private key it is possible to recover it by Key Recovery Agent if Key Archival procedure was taken against particular certificate.
+
+CA Name | pharmax-SERVER-DC-01V-CA |
+Server Name | SERVER-DC-01V |
+Certificate | [Subject] CN=Administrator, CN=Users, DC=pharmax, DC=local
[Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local
[Serial Number] 61000001068FABBB1D8B7B986A000000000106
[Not Before] 11/16/2021 8:11:55 PM
[Not After] 11/16/2023 8:11:55 PM
[Thumbprint] 0C65947128A94A0209907127D13F81AD5840CA37
|
+
+
Table 193 - Key Recovery Agent Certificate - pharmax-SERVER-DC-01V-CA
+
+
+CA Name | acad-ACADE-DC-01V-CA |
+Server Name | ACADE-DC-01V |
+Certificate | [Subject] CN=Administrator, CN=Users, DC=pharmax, DC=local
[Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local
[Serial Number] 610000011FC4B5F75727EEAB0800000000011F
[Not Before] 1/23/2022 10:30:44 PM
[Not After] 1/23/2024 10:30:44 PM
[Thumbprint] 4883ED66CAB909725F89D7483E97DBF69C4CDA9B
|
+
+
Table 194 - Key Recovery Agent Certificate - acad-ACADE-DC-01V-CA
diff --git a/Src/Private/Get-AbrADCAAIA.ps1 b/Src/Private/Get-AbrADCAAIA.ps1
index 9ffc3c6..27dff74 100644
--- a/Src/Private/Get-AbrADCAAIA.ps1
+++ b/Src/Private/Get-AbrADCAAIA.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCAAIA {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -23,48 +23,50 @@ function Get-AbrADCAAIA {
}
process {
- try {
+ if ($CAs) {
Section -Style Heading4 "Authority Information Access (AIA) Summary" {
Paragraph "The following section provides the Certification Authority Authority Information Access information."
BlankLine
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in forest $ForestInfo."}
foreach ($CA in $CAs) {
- Section -Style Heading5 "$($CA.Name) AIA" {
- Paragraph "The following section provides the Certification Authority Authority Information Access information."
- BlankLine
- $OutObj = @()
- Write-PscriboMessage "Collecting AD CA Authority Information Access information on $CA."
- $AIA = Get-AuthorityInformationAccess -CertificationAuthority $CA
- foreach ($URI in $AIA.URI) {
- $inObj = [ordered] @{
- 'Reg URI' = $URI.RegURI
- 'Config URI' = $URI.ConfigURI
- 'Flags' = ConvertTo-EmptyToFiller ($URI.Flags -join ", ")
- 'Server Publish' = ConvertTo-TextYN $URI.ServerPublish
- 'Include To Extension' = ConvertTo-TextYN $URI.IncludeToExtension
- 'OCSP' = ConvertTo-TextYN $URI.OCSP
- }
- $OutObj += [pscustomobject]$inobj
- }
+ try {
+ Section -Style Heading5 "$($CA.Name)" {
+ $OutObj = @()
+ Write-PscriboMessage "Collecting AD CA Authority Information Access information on $($CA.Name)."
+ $AIA = Get-AuthorityInformationAccess -CertificationAuthority $CA
+ foreach ($URI in $AIA.URI) {
+ try {
+ $inObj = [ordered] @{
+ 'Reg URI' = $URI.RegURI
+ 'Config URI' = $URI.ConfigURI
+ 'Flags' = ConvertTo-EmptyToFiller ($URI.Flags -join ", ")
+ 'Server Publish' = ConvertTo-TextYN $URI.ServerPublish
+ 'Include To Extension' = ConvertTo-TextYN $URI.IncludeToExtension
+ 'OCSP' = ConvertTo-TextYN $URI.OCSP
+ }
+ $OutObj = [pscustomobject]$inobj
- $TableParams = @{
- Name = "Authority Information Access - $($CA.Name)"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Authority Information Access - $($CA.Name)"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Authority Information Access Item)"
+ }
+ }
}
- $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Authority Information Access Table)"
}
}
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Authority Information Access)"
- }
}
end {}
diff --git a/Src/Private/Get-AbrADCACRLSetting.ps1 b/Src/Private/Get-AbrADCACRLSetting.ps1
index e87b2af..fdc6409 100644
--- a/Src/Private/Get-AbrADCACRLSetting.ps1
+++ b/Src/Private/Get-AbrADCACRLSetting.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCACRLSetting {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -28,24 +28,29 @@ function Get-AbrADCACRLSetting {
Paragraph "The following section provides the Certification Authority CRL Distribution Point information."
BlankLine
Section -Style Heading5 "CRL Validity Period" {
- Paragraph "The following section provides the Certification Authority CRL Validity Period information."
- BlankLine
$OutObj = @()
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in forest $ForestInfo."}
foreach ($CA in $CAs) {
- Write-PscriboMessage "Collecting AD CA CRL Validity Period information on $CA."
- $CRLs = Get-CRLValidityPeriod -CertificationAuthority $CA
- foreach ($VP in $CRLs) {
- $inObj = [ordered] @{
- 'CA Name' = $VP.Name
- 'Base CRL' = $VP.BaseCRL
- 'Base CRL Overlap' = $VP.BaseCRLOverlap
- 'Delta CRL' = $VP.DeltaCRL
- 'Delta CRL Overlap' = $VP.DeltaCRLOverlap
+ try {
+ Write-PscriboMessage "Collecting AD CA CRL Validity Period information on $($CA.Name)."
+ $CRLs = Get-CRLValidityPeriod -CertificationAuthority $CA
+ foreach ($VP in $CRLs) {
+ try {
+ $inObj = [ordered] @{
+ 'CA Name' = $VP.Name
+ 'Base CRL' = $VP.BaseCRL
+ 'Base CRL Overlap' = $VP.BaseCRLOverlap
+ 'Delta CRL' = $VP.DeltaCRL
+ 'Delta CRL Overlap' = $VP.DeltaCRLOverlap
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
}
- $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
}
@@ -57,79 +62,99 @@ function Get-AbrADCACRLSetting {
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
+ $OutObj | Sort-Object -Property 'CA Name' | Table @TableParams
}
- Section -Style Heading5 "CRL Flags Settings" {
- Paragraph "The following section provides the Certification Authority CRL Flags information."
- BlankLine
- $OutObj = @()
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in forest $ForestInfo."}
- foreach ($CA in $CAs) {
- Write-PscriboMessage "Collecting AD CA CRL Distribution Point information on $CA."
- $CRLs = Get-CertificateRevocationListFlag -CertificationAuthority $CA
- foreach ($Flag in $CRLs) {
- $inObj = [ordered] @{
- 'CA Name' = $Flag.Name
- 'Server Name' = $Flag.ComputerName.ToString().ToUpper().Split(".")[0]
- 'CRL Flags' = $Flag.CRLFlags
+ try {
+ Section -Style Heading5 "CRL Flags Settings" {
+ $OutObj = @()
+ foreach ($CA in $CAs) {
+ try {
+ Write-PscriboMessage "Collecting AD CA CRL Distribution Point information on $($CA.Name)."
+ $CRLs = Get-CertificateRevocationListFlag -CertificationAuthority $CA
+ foreach ($Flag in $CRLs) {
+ try {
+ $inObj = [ordered] @{
+ 'CA Name' = $Flag.Name
+ 'Server Name' = $Flag.ComputerName.ToString().ToUpper().Split(".")[0]
+ 'CRL Flags' = $Flag.CRLFlags
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
+ }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj += [pscustomobject]$inobj
}
- }
- $TableParams = @{
- Name = "CRL Flags - $($ForestInfo.toUpper())"
- List = $false
- ColumnWidths = 40, 25, 35
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "CRL Flags - $($ForestInfo.toUpper())"
+ List = $false
+ ColumnWidths = 40, 25, 35
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'CA Name' | Table @TableParams
}
- $OutObj | Table @TableParams
}
- Section -Style Heading5 "CRL Distribution Point" {
- Paragraph "The following section provides the Certification Authority CRL Distribution Point information."
- BlankLine
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in forest $ForestInfo."}
- foreach ($CA in $CAs) {
- Section -Style Heading6 "$($CA.Name) Distribution Point" {
- Paragraph "The following section provides the Certification Authority CRL Distribution Point information."
- BlankLine
- $OutObj = @()
- Write-PscriboMessage "Collecting AD CA CRL Distribution Point information on $CA."
- $CRL = Get-CRLDistributionPoint -CertificationAuthority $CA
- foreach ($URI in $CRL.URI) {
- $inObj = [ordered] @{
- 'Reg URI' = $URI.RegURI
- 'Config URI' = $URI.ConfigURI
- 'Url Scheme' = $URI.UrlScheme
- 'ProjectedURI' = $URI.ProjectedURI
- 'Flags' = ConvertTo-EmptyToFiller ($URI.Flags -join ", ")
- 'CRL Publish' = ConvertTo-TextYN $URI.IncludeToExtension
- 'Delta CRL Publish' = ConvertTo-TextYN $URI.DeltaCRLPublish
- 'Add To Cert CDP' = ConvertTo-TextYN $URI.AddToCertCDP
- 'Add To Fresh est CRL' = ConvertTo-TextYN $URI.AddToFreshestCRL
- 'Add To Crl cdp' = ConvertTo-TextYN $URI.AddToCrlcdp
- }
- $OutObj += [pscustomobject]$inobj
- }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
+ try {
+ Section -Style Heading5 "CRL Distribution Point" {
+ Paragraph "The following section provides the Certification Authority CRL Distribution Point information."
+ BlankLine
+ foreach ($CA in $CAs) {
+ try {
+ Section -Style Heading6 "$($CA.Name)" {
+ $OutObj = @()
+ Write-PscriboMessage "Collecting AD CA CRL Distribution Point information on $($CA.NAme)."
+ $CRL = Get-CRLDistributionPoint -CertificationAuthority $CA
+ foreach ($URI in $CRL.URI) {
+ try {
+ $inObj = [ordered] @{
+ 'Reg URI' = $URI.RegURI
+ 'Config URI' = $URI.ConfigURI
+ 'Url Scheme' = $URI.UrlScheme
+ 'ProjectedURI' = $URI.ProjectedURI
+ 'Flags' = ConvertTo-EmptyToFiller ($URI.Flags -join ", ")
+ 'CRL Publish' = ConvertTo-TextYN $URI.IncludeToExtension
+ 'Delta CRL Publish' = ConvertTo-TextYN $URI.DeltaCRLPublish
+ 'Add To Cert CDP' = ConvertTo-TextYN $URI.AddToCertCDP
+ 'Add To Fresh est CRL' = ConvertTo-TextYN $URI.AddToFreshestCRL
+ 'Add To Crl cdp' = ConvertTo-TextYN $URI.AddToCrlcdp
+ }
+ $OutObj = [pscustomobject]$inobj
- $TableParams = @{
- Name = "CRL Distribution Point - $($CA.Name)"
- List = $true
- ColumnWidths = 40, 60
+ $TableParams = @{
+ Name = "CRL Distribution Point - $($CA.Name)"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
+ }
+ }
}
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj | Table @TableParams
}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
}
}
catch {
@@ -140,15 +165,13 @@ function Get-AbrADCACRLSetting {
Paragraph "The following section is intended to perform Certification Authority health status checking by CA certificate chain status and validating all CRL Distribution Point (CDP) and Authority Information Access (AIA) URLs for each certificate in the chain."
BlankLine
$OutObj = @()
- if ($ForestInfo) {
- Write-PscriboMessage "Discovering Active Directory Certification Authority Health information in $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- foreach ($CA in $CAs) {
- Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
- try {
- Write-PscriboMessage "Collecting AD Certification Authority Health information of $CA."
- $CAHealth = Get-EnterprisePKIHealthStatus -CertificateAuthority $CA
- foreach ($Health in $CAHealth) {
+ foreach ($CA in $CAs) {
+ Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
+ try {
+ $CAHealth = Get-EnterprisePKIHealthStatus -CertificateAuthority $CA
+ foreach ($Health in $CAHealth) {
+ try {
+ Write-PscriboMessage "Collecting AIA and CDP Health Status from $($Health.Name)."
$inObj = [ordered] @{
'CA Name' = $Health.Name
'Childs' = ($Health.Childs).Name
@@ -156,10 +179,13 @@ function Get-AbrADCACRLSetting {
}
$OutObj += [pscustomobject]$inobj
}
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
}
- catch {
- Write-PscriboMessage -IsWarning $_.Exception.Message
- }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
}
@@ -168,14 +194,14 @@ function Get-AbrADCACRLSetting {
}
$TableParams = @{
- Name = "Certification Authority Health Information - $($ForestInfo.ToString().ToUpper())"
+ Name = "Certification Authority Health - $($ForestInfo.ToString().ToUpper())"
List = $false
ColumnWidths = 40, 40, 20
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
+ $OutObj | Sort-Object -Property 'CA Name' | Table @TableParams
}
}
catch {
diff --git a/Src/Private/Get-AbrADCACryptographyConfig.ps1 b/Src/Private/Get-AbrADCACryptographyConfig.ps1
index 6321fc5..4c05d78 100644
--- a/Src/Private/Get-AbrADCACryptographyConfig.ps1
+++ b/Src/Private/Get-AbrADCACryptographyConfig.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCACryptographyConfig {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -23,43 +23,42 @@ function Get-AbrADCACryptographyConfig {
}
process {
- try {
+ if ($CAs) {
Section -Style Heading4 "Cryptography Configuration" {
Paragraph "The following section provides the Certification Authority Cryptography Configuration information."
BlankLine
$OutObj = @()
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in forest $ForestInfo."}
foreach ($CA in $CAs) {
- Write-PscriboMessage "Collecting AD Certification Authority Summary information of $CA."
- $CryptoConfig = Get-CACryptographyConfig -CertificationAuthority $CA
- $inObj = [ordered] @{
- 'CA Name' = $CryptoConfig.Name
- 'Server Name' = $CryptoConfig.ComputerName.ToString().ToUpper().Split(".")[0]
- 'PublicKey Algorithm' = $CryptoConfig.PublicKeyAlgorithm | Select-Object -ExpandProperty FriendlyName
- 'Hashing Algorithm' = ($CryptoConfig.HashingAlgorithm | Select-Object -ExpandProperty FriendlyName).ToUpper()
- 'Provider Name' = $CryptoConfig.ProviderName
- 'Alternate Signature Algorithm' = ConvertTo-TextYN $CryptoConfig.AlternateSignatureAlgorithm
- 'Provider Is CNG' = ConvertTo-TextYN $CryptoConfig.ProviderIsCNG
- }
- $OutObj += [pscustomobject]$inobj
- }
+ try {
+ $CryptoConfig = Get-CACryptographyConfig -CertificationAuthority $CA
+ Write-PscriboMessage "Discovered Cryptography Configuration information from $($CryptoConfig.Name)."
+ $inObj = [ordered] @{
+ 'CA Name' = $CryptoConfig.Name
+ 'Server Name' = $CryptoConfig.ComputerName.ToString().ToUpper().Split(".")[0]
+ 'PublicKey Algorithm' = $CryptoConfig.PublicKeyAlgorithm | Select-Object -ExpandProperty FriendlyName
+ 'Hashing Algorithm' = ($CryptoConfig.HashingAlgorithm | Select-Object -ExpandProperty FriendlyName).ToUpper()
+ 'Provider Name' = $CryptoConfig.ProviderName
+ 'Alternate Signature Algorithm' = ConvertTo-TextYN $CryptoConfig.AlternateSignatureAlgorithm
+ 'Provider Is CNG' = ConvertTo-TextYN $CryptoConfig.ProviderIsCNG
+ }
+ $OutObj = [pscustomobject]$inobj
- $TableParams = @{
- Name = "Cryptography Configuration - $($ForestInfo.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Cryptography Configuration - $($ForestInfo.ToString().ToUpper())"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
}
- $OutObj | Table @TableParams
}
}
- catch {
- Write-PscriboMessage -IsWarning $_.Exception.Message
- }
}
end {}
diff --git a/Src/Private/Get-AbrADCAForest.ps1 b/Src/Private/Get-AbrADCAForest.ps1
index 60b66f7..42c47ae 100644
--- a/Src/Private/Get-AbrADCAForest.ps1
+++ b/Src/Private/Get-AbrADCAForest.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCAForest {
.DESCRIPTION
.NOTES
- Version: 0.4.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -53,7 +53,7 @@ function Get-AbrADCAForest {
}
$TableParams = @{
- Name = "FSMO Server Information - $($Domain)"
+ Name = "FSMO Server - $($Domain)"
List = $true
ColumnWidths = 40, 60
}
diff --git a/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1 b/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1
index 5dfd075..5febacd 100644
--- a/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1
+++ b/Src/Private/Get-AbrADCAKeyRecoveryAgent.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCAKeyRecoveryAgent {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -23,43 +23,41 @@ function Get-AbrADCAKeyRecoveryAgent {
}
process {
- try {
+ $OutObj = @()
+ foreach ($CA in $CAs) {
+ try {
+ $KRA = Get-CAKRACertificate -CertificationAuthority $CA
+ if ($KRA.Certificate) {
+ Write-PscriboMessage "Collecting Key Recovery Agent Certificate Certificate information of $($KRA.DisplayName)."
+ $inObj = [ordered] @{
+ 'CA Name' = $KRA.DisplayName
+ 'Server Name' = $KRA.ComputerName.ToString().ToUpper().Split(".")[0]
+ 'Certificate' = $KRA.Certificate
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Key Recovery Agent Certificate Item)"
+ }
+ }
+ if ($OutObj) {
Section -Style Heading4 "Key Recovery Agent Certificate" {
Paragraph "The following section provides the Key Recovery Agent certificate used to encrypt user's certificate private key and store it in CA database. In the case when user cannot access his or her certificate private key it is possible to recover it by Key Recovery Agent if Key Archival procedure was taken against particular certificate."
BlankLine
- $OutObj = @()
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in forest $ForestInfo."}
- foreach ($CA in $CAs) {
- Write-PscriboMessage "Collecting AD Certification Authority KRA Certificate information of $CA."
- $KRAs = Get-CAKRACertificate -CertificationAuthority $CA
- foreach ($KRA in $KRAs) {
- if ($KRA.Certificate) {
- $inObj = [ordered] @{
- 'CA Name' = $KRA.DisplayName
- 'Server Name' = $KRA.ComputerName.ToString().ToUpper().Split(".")[0]
- 'Certificate' = $KRA.Certificate
- }
- $OutObj += [pscustomobject]$inobj
- }
+ foreach ($Item in $OutObj) {
+ $TableParams = @{
+ Name = "Key Recovery Agent Certificate - $($Item.'CA Name')"
+ List = $true
+ ColumnWidths = 40, 60
}
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $Item | Table @TableParams
}
-
- $TableParams = @{
- Name = "Key Recovery Agent Certificate - $($ForestInfo.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Key Recovery Agent Certificate)"
- }
}
end {}
diff --git a/Src/Private/Get-AbrADCARoot.ps1 b/Src/Private/Get-AbrADCARoot.ps1
index d21dd59..e950892 100644
--- a/Src/Private/Get-AbrADCARoot.ps1
+++ b/Src/Private/Get-AbrADCARoot.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCARoot {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -32,7 +32,7 @@ function Get-AbrADCARoot {
$CAs = Get-CertificationAuthority -Enterprise | Where-Object {$_.IsRoot -like 'True'}
Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
foreach ($CA in $CAs) {
- Write-PscriboMessage "Collecting AD Certification Authority Summary information of $CA."
+ Write-PscriboMessage "Collecting Enterprise Root Certificate Authority information from $($CA.DisplayName)."
$inObj = [ordered] @{
'CA Name' = $CA.DisplayName
'Server Name' = $CA.ComputerName.ToString().ToUpper().Split(".")[0]
@@ -50,7 +50,7 @@ function Get-AbrADCARoot {
}
$TableParams = @{
- Name = "Enterprise Root CA Information - $($ForestInfo.ToString().ToUpper())"
+ Name = "Enterprise Root CA - $($ForestInfo.ToString().ToUpper())"
List = $true
ColumnWidths = 40, 60
}
diff --git a/Src/Private/Get-AbrADCASecurity.ps1 b/Src/Private/Get-AbrADCASecurity.ps1
index 5a44e4e..701fe6b 100644
--- a/Src/Private/Get-AbrADCASecurity.ps1
+++ b/Src/Private/Get-AbrADCASecurity.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCASecurity {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -23,18 +23,15 @@ function Get-AbrADCASecurity {
}
process {
- Section -Style Heading4 "Certificate Validity Period" {
- Paragraph "The following section provides the Certification Authority Certificate Validity Period information."
- BlankLine
- $OutObj = @()
- if ($ForestInfo) {
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
+ if ($CAs) {
+ Section -Style Heading4 "Certificate Validity Period" {
+ Paragraph "The following section provides the Certification Authority Certificate Validity Period information."
+ BlankLine
+ $OutObj = @()
foreach ($CA in $CAs) {
- Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
try {
- Write-PscriboMessage "Collecting AD Certification Authority Certificate Validity Period information of $CA."
$CFP = Get-CertificateValidityPeriod -CertificationAuthority $CA
+ Write-PscriboMessage "Collecting Certificate Validity Period information of $($CFP.Name)."
$inObj = [ordered] @{
'CA Name' = $CFP.Name
'Server Name' = $CFP.ComputerName.ToString().ToUpper().Split(".")[0]
@@ -46,97 +43,93 @@ function Get-AbrADCASecurity {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Certificate Validity Period)"
}
}
- }
-
- $TableParams = @{
- Name = "Certificate Validity Period - $($ForestInfo.ToString().ToUpper())"
- List = $false
- ColumnWidths = 40, 40, 20
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- }
- try {
- Section -Style Heading4 "Access Control List (ACL) Summary" {
- Paragraph "The following section provides the Certification Authority Access Control List (ACL) information."
- BlankLine
- $OutObj = @()
- if ($ForestInfo) {
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."}
- foreach ($CA in $CAs) {
- try {
- Write-PscriboMessage "Collecting AD Certification Authority Access Control List information of $CA."
- $ACLs = Get-CertificationAuthorityAcl -CertificationAuthority $CA
- foreach ($ACL in $ACLs) {
- $inObj = [ordered] @{
- 'DC Name' = $CA.DisplayName
- 'Owner' = $ACL.Owner
- 'Group' = $ACL.Group
- }
- $OutObj += [pscustomobject]$inobj
- }
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Summary)"
- }
- }
- }
$TableParams = @{
- Name = "Access Control List - $($ForestInfo.ToString().ToUpper())"
+ Name = "Certificate Validity Period - $($ForestInfo.ToString().ToUpper())"
List = $false
- ColumnWidths = 40, 30, 30
+ ColumnWidths = 40, 40, 20
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
- if ($ForestInfo) {
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- if ($CAs) {Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."}
- foreach ($CA in $CAs) {
- try {
- Section -Style Heading5 "$($CA.Name) Rights" {
- Paragraph "The following section provides the Certification Authority Access Control List information on $($CA.Name)."
- BlankLine
- $OutObj = @()
- Write-PscriboMessage "Collecting AD Certification Authority Access Control List information of $CA."
+ $OutObj | Sort-Object -Property 'CA Name' | Table @TableParams
+ try {
+ Section -Style Heading4 "Access Control List (ACL) Summary" {
+ $OutObj = @()
+ foreach ($CA in $CAs) {
+ try {
$ACLs = Get-CertificationAuthorityAcl -CertificationAuthority $CA
- foreach ($ACL in $ACLs.Access) {
- $inObj = [ordered] @{
- 'Identity' = $ACL.IdentityReference
- 'Access Control Type' = $ACL.AccessControlType
- 'Rights' = $ACL.Rights
+ Write-PscriboMessage "Collecting Certification Authority Access Control List information of $($CA.Name)."
+ foreach ($ACL in $ACLs) {
+ try {
+ $inObj = [ordered] @{
+ 'DC Name' = $CA.DisplayName
+ 'Owner' = $ACL.Owner
+ 'Group' = $ACL.Group
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj += [pscustomobject]$inobj
}
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Summary)"
+ }
+ }
- $TableParams = @{
- Name = "ACL Rights - $($CA.Name)"
- List = $false
- ColumnWidths = 40, 20, 40
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Access Control List - $($ForestInfo.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 40, 30, 30
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
+ foreach ($CA in $CAs) {
+ try {
+ Section -Style Heading5 "$($CA.Name) Rights" {
+ $OutObj = @()
+ Write-PscriboMessage "Collecting AD Certification Authority Access Control List information of $($CA.Name)."
+ $ACLs = Get-CertificationAuthorityAcl -CertificationAuthority $CA
+ foreach ($ACL in $ACLs.Access) {
+ try {
+ $inObj = [ordered] @{
+ 'Identity' = $ACL.IdentityReference
+ 'Access Control Type' = $ACL.AccessControlType
+ 'Rights' = $ACL.Rights
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Item)"
+ }
+ }
+
+ $TableParams = @{
+ Name = "ACL Rights - $($CA.Name)"
+ List = $false
+ ColumnWidths = 40, 20, 40
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Identity' | Table @TableParams
}
- $OutObj | Table @TableParams
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Item)"
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Table)"
+ }
}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Section)"
+ }
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Global)"
- }
}
end {}
diff --git a/Src/Private/Get-AbrADCASubordinate.ps1 b/Src/Private/Get-AbrADCASubordinate.ps1
index 0caa823..f37cba9 100644
--- a/Src/Private/Get-AbrADCASubordinate.ps1
+++ b/Src/Private/Get-AbrADCASubordinate.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCASubordinate {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -24,40 +24,47 @@ function Get-AbrADCASubordinate {
process {
try {
- Section -Style Heading4 "Enterprise Subordinate Certificate Authority" {
- Paragraph "The following section provides the Enterprise Subordinate CA information."
- BlankLine
- $OutObj = @()
- Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise | Where-Object {$_.IsRoot -like 'False'}
- foreach ($CA in $CAs) {
- Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
- Write-PscriboMessage "Collecting AD Certification Authority Summary information of $CA."
- $inObj = [ordered] @{
- 'CA Name' = $CA.DisplayName
- 'Server Name' = $CA.ComputerName.ToString().ToUpper().Split(".")[0]
- 'Type' = $CA.Type
- 'Config String' = $CA.ConfigString
- 'Operating System' = $CA.OperatingSystem
- 'Certificate' = $CA.Certificate
- 'Status' = $CA.ServiceStatus
- }
- $OutObj += [pscustomobject]$inobj
- }
+ Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())."
+ $CAs = Get-CertificationAuthority -Enterprise | Where-Object {$_.IsRoot -like 'False'}
+ if ($CAs) {
+ Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
+ Section -Style Heading4 "Enterprise Subordinate Certificate Authority" {
+ Paragraph "The following section provides the Enterprise Subordinate CA information."
+ BlankLine
+ $OutObj = @()
+ foreach ($CA in $CAs) {
+ try {
+ Write-PscriboMessage "Collecting Enterprise Subordinate Certificate Authority information from $($CA.DisplayName)."
+ $inObj = [ordered] @{
+ 'CA Name' = $CA.DisplayName
+ 'Server Name' = $CA.ComputerName.ToString().ToUpper().Split(".")[0]
+ 'Type' = $CA.Type
+ 'Config String' = $CA.ConfigString
+ 'Operating System' = $CA.OperatingSystem
+ 'Certificate' = $CA.Certificate
+ 'Status' = $CA.ServiceStatus
+ }
+ $OutObj = [pscustomobject]$inobj
- if ($HealthCheck.CA.Status) {
- $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status'
- }
+ if ($HealthCheck.CA.Status) {
+ $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status'
+ }
- $TableParams = @{
- Name = "Enterprise Subordinate CA Information - $($ForestInfo.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Enterprise Subordinate CA - $($CA.DisplayName)"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
+ }
}
- $OutObj | Table @TableParams
}
}
catch {
diff --git a/Src/Private/Get-AbrADCASummary.ps1 b/Src/Private/Get-AbrADCASummary.ps1
index ab2d0ab..0f8d78f 100644
--- a/Src/Private/Get-AbrADCASummary.ps1
+++ b/Src/Private/Get-AbrADCASummary.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCASummary {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -19,7 +19,7 @@ function Get-AbrADCASummary {
)
begin {
- Write-PscriboMessage "Collecting AD Certification Authority information."
+ Write-PscriboMessage "Collecting Certification Authority information."
}
process {
@@ -30,7 +30,7 @@ function Get-AbrADCASummary {
foreach ($CA in $CAs) {
Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
try {
- Write-PscriboMessage "Collecting AD Certification Authority Summary information of $CA."
+ Write-PscriboMessage "Collecting AD Certification Authority Summary information of $($CA.DisplayName)."
$inObj = [ordered] @{
'CA Name' = $CA.DisplayName
'Server Name' = $CA.ComputerName.ToString().ToUpper().Split(".")[0]
@@ -43,21 +43,21 @@ function Get-AbrADCASummary {
Write-PscriboMessage -IsWarning $_.Exception.Message
}
}
- }
- if ($HealthCheck.CA.Status) {
- $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status'
- }
+ if ($HealthCheck.CA.Status) {
+ $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status'
+ }
- $TableParams = @{
- Name = "Certification Authority Summary Information - $($ForestInfo.ToString().ToUpper())"
- List = $false
- ColumnWidths = 33, 33, 22, 12
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Certification Authority Summary - $($ForestInfo.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 33, 33, 22, 12
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'CA Name' | Table @TableParams
}
- $OutObj | Table @TableParams
}
end {}
diff --git a/Src/Private/Get-AbrADCATemplate.ps1 b/Src/Private/Get-AbrADCATemplate.ps1
index 78ab1e8..5d91f87 100644
--- a/Src/Private/Get-AbrADCATemplate.ps1
+++ b/Src/Private/Get-AbrADCATemplate.ps1
@@ -5,7 +5,7 @@ function Get-AbrADCATemplate {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -16,73 +16,64 @@ function Get-AbrADCATemplate {
#>
[CmdletBinding()]
param (
+ [Parameter (
+ Position = 0,
+ Mandatory)]
+ $CA
)
begin {
Write-PscriboMessage "Collecting AD Certification Authority Templates information."
+ $Templates = Get-CATemplate -CertificationAuthority $CA.ComputerName | Select-Object -ExpandProperty Templates
}
process {
- Section -Style Heading4 "Certificate Template Summary" {
- Paragraph "The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates."
- BlankLine
- if ($ForestInfo) {
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
- foreach ($CA in $CAs) {
- Section -Style Heading5 "$($CA.Name) Certificate Template" {
- Paragraph "The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates."
- BlankLine
- $OutObj = @()
+ if ($Templates) {
+ Section -Style Heading4 "Certificate Template Summary" {
+ Paragraph "The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates."
+ BlankLine
+ Section -Style Heading5 "$($CA.Name) Certificate Template" {
+ $OutObj = @()
+ foreach ($Template in $Templates) {
+ Write-PscriboMessage "Collecting $($Template.DisplayName) Issued Certificate Template information from $($CA.Name)."
try {
- Write-PscriboMessage "Collecting AD Certification Authority Issued Certificate Template information from $CA."
- $Templates = Get-CATemplate -CertificationAuthority $CA | Select-Object -ExpandProperty Templates
- foreach ($Template in $Templates) {
- $inObj = [ordered] @{
- 'Template Name' = $Template.DisplayName
- 'Schema Version' = $Template.SchemaVersion
- 'Supported CA' = $Template.SupportedCA
- 'Autoenrollment' = ConvertTo-TextYN $Template.AutoenrollmentAllowed
- }
- $OutObj += [pscustomobject]$inobj
+ $inObj = [ordered] @{
+ 'Template Name' = $Template.DisplayName
+ 'Schema Version' = $Template.SchemaVersion
+ 'Supported CA' = $Template.SupportedCA
+ 'Autoenrollment' = ConvertTo-TextYN $Template.AutoenrollmentAllowed
}
+ $OutObj += [pscustomobject]$inobj
}
catch {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (CA Certificate Templates)"
}
+ }
- $TableParams = @{
- Name = "Issued Certificate Template - $($CA.Name)"
- List = $false
- ColumnWidths = 40, 12, 30, 18
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Sort-Object -Property 'Template Name' | Table @TableParams
+ $TableParams = @{
+ Name = "Issued Certificate Template - $($CA.Name)"
+ List = $false
+ ColumnWidths = 40, 12, 30, 18
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
}
- if ($InfoLevel.CA -ge 3) {
+ $OutObj | Sort-Object -Property 'Template Name' | Table @TableParams
+ }
+ if ($InfoLevel.CA -ge 3) {
+ try {
Section -Style Heading5 "Issued Certificate Template ACLs" {
Paragraph "The following section provides the certificate templates Access Control List that are assigned to a specified Certification Authority (CA)."
BlankLine
- if ($ForestInfo) {
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $CAs = Get-CertificationAuthority -Enterprise
- Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
- foreach ($CA in $CAs) {
- Section -Style Heading6 "$($CA.Name) Certificate Template ACL" {
- Paragraph "The following section provides per CA certificate templates Access Control List."
- try {
- Write-PscriboMessage "Collecting AD Certification Authority Issued Certificate Template information from $CA."
- $Templates = Get-CATemplate -CertificationAuthority $CA | Select-Object -ExpandProperty Templates
- foreach ($Template in $Templates) {
- Section -Style Heading6 "$($Template.DisplayName) ACL" {
- Paragraph "The following section provides $($Template.DisplayName) certificate templates Access Control List."
- BlankLine
- $OutObj = @()
- $Rights = Get-CertificateTemplateAcl -Template $Template.Name | Select-Object -ExpandProperty Access
- foreach ($Right in $Rights) {
+ Section -Style Heading6 "$($CA.Name)" {
+ foreach ($Template in $Templates) {
+ try {
+ $Rights = Get-CertificateTemplateAcl -Template $Template.Name | Select-Object -ExpandProperty Access
+ if ($Rights) {
+ Section -Style Heading6 "$($Template.DisplayName)" {
+ $OutObj = @()
+ foreach ($Right in $Rights) {
+ try {
$inObj = [ordered] @{
'Identity' = $Right.IdentityReference
'Access Control Type' = $Right.AccessControlType
@@ -91,68 +82,73 @@ function Get-AbrADCATemplate {
}
$OutObj += [pscustomobject]$inobj
}
- $TableParams = @{
- Name = "Certificate Template ACL - $($Template.DisplayName)"
- List = $false
- ColumnWidths = 40, 12, 30, 18
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Certificate Templates ACL Item)"
}
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
+ $TableParams = @{
+ Name = "Certificate Template ACL - $($Template.DisplayName)"
+ List = $false
+ ColumnWidths = 40, 12, 30, 18
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Identity' | Table @TableParams
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Certificate Templates ACL)"
- }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Certificate Templates ACL Table)"
}
}
}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Issued Certificate Template ACLs Section)"
+ }
}
- }
- if ($InfoLevel.CA -ge 2) {
- try {
- Section -Style Heading5 "Certificate Template In Active Directory" {
- Paragraph "The following section provides registered certificate templates from Active Directory."
- BlankLine
- if ($ForestInfo) {
- $OutObj = @()
- Write-PscriboMessage "Discovering Active Directory Certification Authority information on $($ForestInfo.toUpper())."
- $Templates = Get-CertificateTemplate
- Write-PscriboMessage "Discovered '$(($Templates | Measure-Object).Count)' Certification Authority Template in domain $ForestInfo."
- foreach ($Template in $Templates) {
- try {
- Write-PscriboMessage "Collecting AD Certification Authority Certificate Template information from $ForestInfo."
- $inObj = [ordered] @{
- 'Template Name' = $Template.DisplayName
- 'Schema Version' = $Template.SchemaVersion
- 'Supported CA' = $Template.SupportedCA
- 'Autoenrollment' = ConvertTo-TextYN $Template.AutoenrollmentAllowed
+ if ($InfoLevel.CA -ge 2) {
+ try {
+ $Templates = Get-CertificateTemplate
+ if ($Templates) {
+ Section -Style Heading5 "Certificate Template In Active Directory" {
+ Paragraph "The following section provides registered certificate templates from Active Directory."
+ BlankLine
+ $OutObj = @()
+ Write-PscriboMessage "Discovered '$(($Templates | Measure-Object).Count)' Certification Authority Template in domain $ForestInfo."
+ foreach ($Template in $Templates) {
+ try {
+ Write-PscriboMessage "Collecting $($Template.DisplayName) Certificate Template In Active Directory."
+ $inObj = [ordered] @{
+ 'Template Name' = $Template.DisplayName
+ 'Schema Version' = $Template.SchemaVersion
+ 'Supported CA' = $Template.SupportedCA
+ 'Autoenrollment' = ConvertTo-TextYN $Template.AutoenrollmentAllowed
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Certificate Template In Active Directory Item)"
}
- $OutObj += [pscustomobject]$inobj
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Certificate Templates in AD)"
}
- }
- $TableParams = @{
- Name = "Certificate Template in AD - $($ForestInfo.toUpper())"
- List = $false
- ColumnWidths = 40, 12, 30, 18
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Certificate Template in AD - $($ForestInfo.toUpper())"
+ List = $false
+ ColumnWidths = 40, 12, 30, 18
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Template Name' | Table @TableParams
}
- $OutObj | Sort-Object -Property 'Template Name' | Table @TableParams
}
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Access Control List Global)"
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Certificate Template In Active Directory Table)"
+ }
}
}
}
diff --git a/Src/Private/Get-AbrADDCDiag.ps1 b/Src/Private/Get-AbrADDCDiag.ps1
index e530cb0..9263fab 100644
--- a/Src/Private/Get-AbrADDCDiag.ps1
+++ b/Src/Private/Get-AbrADDCDiag.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDCDiag {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -36,28 +36,35 @@ function Get-AbrADDCDiag {
try {
Write-PscriboMessage "Discovering Active Directory DCDiag information for DC $DC."
$DCDIAG = Invoke-DcDiag -DomainController $DC
- Write-PscriboMessage "Discovered Active Directory DCDiag information for DC $DC."
- foreach ($Result in $DCDIAG) {
- Write-PscriboMessage "Collecting Active Directory DCDiag test '$($Result.TestName)' for DC $DC."
- $inObj = [ordered] @{
- 'DC Name' = $DC
- 'Test Name' = $Result.TestName
- 'Result' = $Result.TestResult
+ if ($DCDIAG) {
+ Write-PscriboMessage "Discovered Active Directory DCDiag information for DC $DC."
+ foreach ($Result in $DCDIAG) {
+ try {
+ Write-PscriboMessage "Collecting Active Directory DCDiag test '$($Result.TestName)' for DC $DC."
+ $inObj = [ordered] @{
+ 'DC Name' = $DC
+ 'Test Name' = $Result.TestName
+ 'Result' = $Result.TestResult
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
}
- $OutObj += [pscustomobject]$inobj
- }
- if ($HealthCheck.DomainController.Diagnostic) {
- $OutObj | Where-Object { $_.'Result' -like 'failed'} | Set-Style -Style Critical -Property 'Result'
- }
- $TableParams = @{
- Name = "AD Domain Controller DCDiag Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 35, 35, 30
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ if ($HealthCheck.DomainController.Diagnostic) {
+ $OutObj | Where-Object { $_.'Result' -like 'failed'} | Set-Style -Style Critical -Property 'Result'
+ }
+ $TableParams = @{
+ Name = "Domain Controller DCDiag - $($DC.ToString().split('.')[0].ToUpper())"
+ List = $false
+ ColumnWidths = 35, 35, 30
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Test Name' | Table @TableParams
}
- $OutObj | Table @TableParams
}
catch {
Write-PscriboMessage -IsWarning $_.Exception.Message
diff --git a/Src/Private/Get-AbrADDCRoleFeature.ps1 b/Src/Private/Get-AbrADDCRoleFeature.ps1
index 313c19a..821c894 100644
--- a/Src/Private/Get-AbrADDCRoleFeature.ps1
+++ b/Src/Private/Get-AbrADDCRoleFeature.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDCRoleFeature {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -42,17 +42,22 @@ function Get-AbrADDCRoleFeature {
$Features = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-WindowsFeature | Where-Object {$_.installed -eq "True"}}
Remove-PSSession -Session $DCPssSession
foreach ($Feature in $Features) {
- Write-PscriboMessage "Collecting DC Role & Features: $($Feature.DisplayName) on $DC."
- $inObj = [ordered] @{
- 'Name' = $Feature.DisplayName
- 'Parent' = $Feature.FeatureType
- 'InstallState' = $Feature.Description
+ try {
+ Write-PscriboMessage "Collecting DC Role & Features: $($Feature.DisplayName) on $DC."
+ $inObj = [ordered] @{
+ 'Name' = $Feature.DisplayName
+ 'Parent' = $Feature.FeatureType
+ 'InstallState' = $Feature.Description
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Role & Features Item)"
}
- $OutObj += [pscustomobject]$inobj
}
$TableParams = @{
- Name = "Domain Controller Role & Features Information."
+ Name = "Role & Features - $($DC.ToString().split('.')[0].ToUpper())"
List = $false
ColumnWidths = 20, 10, 70
}
@@ -64,7 +69,7 @@ function Get-AbrADDCRoleFeature {
}
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Role & Features)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Role & Features Section)"
}
}
diff --git a/Src/Private/Get-AbrADDHCPInfrastructure.ps1 b/Src/Private/Get-AbrADDHCPInfrastructure.ps1
index fab966b..9eabca0 100644
--- a/Src/Private/Get-AbrADDHCPInfrastructure.ps1
+++ b/Src/Private/Get-AbrADDHCPInfrastructure.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPInfrastructure {
.DESCRIPTION
.NOTES
- Version: 0.6.1
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -31,138 +31,132 @@ function Get-AbrADDHCPInfrastructure {
}
process {
- Section -Style Heading5 'DHCP Servers In Active Directory' {
- Paragraph "The following section provides a summary of the DHCP servers information on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- try {
- $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
- if ($DHCPinDC) {Write-PScriboMessage "Discovered '$(($DHCPinDC | Measure-Object).Count)' DHCP Servers in forest $($Domain)."}
- foreach ($DHCPServers in $DHCPinDC) {
- Write-PScriboMessage "Collecting DHCP Server Setting information from $($DHCPServers.DnsName.split(".", 2)[0])"
- $Setting = Invoke-Command -Session $Session { Get-DhcpServerSetting -ComputerName ($using:DHCPServers).DnsName }
- $inObj = [ordered] @{
- 'DC Name' = $DHCPServers.DnsName.Split(".", 2)[0]
- 'IP Address' = $DHCPServers.IPAddress
- 'Domain Name' = $DHCPServers.DnsName.Split(".", 2)[1]
- 'Domain Joined' = ConvertTo-TextYN $Setting.IsDomainJoined
- 'Authorized' = ConvertTo-TextYN $Setting.IsAuthorized
- 'Conflict Detection Attempts' = $Setting.ConflictDetectionAttempts
+ try {
+ $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
+ if ($DHCPinDC) {
+ Write-PScriboMessage "Discovered '$(($DHCPinDC | Measure-Object).Count)' DHCP Servers in forest $($Domain)."
+ Section -Style Heading5 'DHCP Servers In Active Directory' {
+ Paragraph "The following section provides a summary of the DHCP servers information on $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ foreach ($DHCPServer in $DHCPinDC) {
+ try {
+ Write-PScriboMessage "Collecting DHCP Server Setting information from $($DHCPServer.DnsName.split(".", 2)[0])"
+ $Setting = Invoke-Command -Session $Session { Get-DhcpServerSetting -ComputerName ($using:DHCPServer).DnsName }
+ $inObj = [ordered] @{
+ 'DC Name' = $DHCPServer.DnsName.Split(".", 2)[0]
+ 'IP Address' = $DHCPServer.IPAddress
+ 'Domain Name' = $DHCPServer.DnsName.Split(".", 2)[1]
+ 'Domain Joined' = ConvertTo-TextYN $Setting.IsDomainJoined
+ 'Authorized' = ConvertTo-TextYN $Setting.IsAuthorized
+ 'Conflict Detection Attempts' = $Setting.ConflictDetectionAttempts
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DHCP Servers In Active Directory Item)"
}
- $OutObj += [pscustomobject]$inobj
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DHCP Servers In Active Directory)"
-
+ if ($HealthCheck.DHCP.BP) {
+ $OutObj | Where-Object { $_.'Conflict Detection Attempts' -eq 0} | Set-Style -Style Warning -Property 'Conflict Detection Attempts'
+ $OutObj | Where-Object { $_.'Authorized' -eq 'No'} | Set-Style -Style Warning -Property 'Authorized'
}
- }
-
- if ($HealthCheck.DHCP.BP) {
- $OutObj | Where-Object { $_.'Conflict Detection Attempts' -eq 0} | Set-Style -Style Warning -Property 'Conflict Detection Attempts'
- $OutObj | Where-Object { $_.'Authorized' -eq 'No'} | Set-Style -Style Warning -Property 'Authorized'
- }
- $TableParams = @{
- Name = "DHCP Servers In Active Directory Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 20, 15, 20, 15, 15 ,15
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
-
- Section -Style Heading6 'Service Database' {
- Paragraph "The following section provides a summary of the DHCP servers service database information on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
+ $TableParams = @{
+ Name = "DHCP Servers In Active Directory - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 20, 15, 20, 15, 15 ,15
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
try {
- Write-PscriboMessage "Discovering Active Directory DHCP Servers information on $($Domain)."
- $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
- if ($DHCPinDC) {Write-PScriboMessage "Discovered '$(($DHCPinDC | Measure-Object).Count)' DHCP Servers in forest $($Domain)."}
- foreach ($DHCPServers in $DHCPinDC) {
- Write-PScriboMessage "Collecting DHCP Server database information from $($DHCPServers.DnsName.split(".", 2)[0])"
- $Setting = Invoke-Command -Session $Session { Get-DhcpServerDatabase -ComputerName ($using:DHCPServers).DnsName }
- $inObj = [ordered] @{
- 'DC Name' = $DHCPServers.DnsName.Split(".", 2)[0]
- 'File Path' = ConvertTo-EmptyToFiller $Setting.FileName
- 'Backup Path' = ConvertTo-EmptyToFiller $Setting.BackupPath
- 'Backup Interval' = switch ($Setting.BackupInterval) {
- "" {"-"; break}
- $NULL {"-"; break}
- default {"$($Setting.BackupInterval) min"}
+ Section -Style Heading6 'Service Database' {
+ $OutObj = @()
+ foreach ($DHCPServer in $DHCPinDC) {
+ try {
+ Write-PScriboMessage "Collecting DHCP Server database information from $($DHCPServer.DnsName.split(".", 2)[0])"
+ $Setting = Invoke-Command -Session $Session { Get-DhcpServerDatabase -ComputerName ($using:DHCPServer).DnsName }
+ $inObj = [ordered] @{
+ 'DC Name' = $DHCPServer.DnsName.Split(".", 2)[0]
+ 'File Path' = ConvertTo-EmptyToFiller $Setting.FileName
+ 'Backup Path' = ConvertTo-EmptyToFiller $Setting.BackupPath
+ 'Backup Interval' = switch ($Setting.BackupInterval) {
+ "" {"-"; break}
+ $NULL {"-"; break}
+ default {"$($Setting.BackupInterval) min"}
+ }
+ 'Logging Enabled' = Switch ($Setting.LoggingEnabled) {
+ "" {"-"; break}
+ $Null {"-"; break}
+ default {ConvertTo-TextYN $Setting.LoggingEnabled}
+ }
+ }
+ $OutObj += [pscustomobject]$inobj
}
- 'Logging Enabled' = Switch ($Setting.LoggingEnabled) {
- "" {"-"; break}
- $Null {"-"; break}
- default {ConvertTo-TextYN $Setting.LoggingEnabled}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Service Database Item)"
}
}
- $OutObj += [pscustomobject]$inobj
+
+ $TableParams = @{
+ Name = "DHCP Servers Database - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 20, 28, 28, 12, 12
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
}
catch {
-
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Service Database)"
-
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Service Database Table)"
}
- }
+ try {
+ Section -Style Heading6 'Dynamic DNS credentials' {
+ $OutObj = @()
+ foreach ($DHCPServer in $DHCPinDC) {
+ try{
+ Write-PScriboMessage "Collecting DHCP Server Dynamic DNS Credentials information from $($DHCPServer.DnsName.split(".", 2)[0])"
+ $Setting = Invoke-Command -Session $Session { Get-DhcpServerDnsCredential -ComputerName ($using:DHCPServer).DnsName }
+ $inObj = [ordered] @{
+ 'DC Name' = $DHCPServer.DnsName.Split(".", 2)[0]
+ 'User Name' = ConvertTo-EmptyToFiller $Setting.UserName
+ 'Domain Name' = ConvertTo-EmptyToFiller $Setting.DomainName
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Dynamic DNS credentials Item)"
+ }
+ }
- $TableParams = @{
- Name = "DHCP Servers Database Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 20, 28, 28, 12, 12
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- }
+ if ($HealthCheck.DHCP.BP) {
+ $OutObj | Where-Object { $_.'User Name' -eq "-"} | Set-Style -Style Warning -Property 'User Name','Domain Name'
+ }
- Section -Style Heading6 'Dynamic DNS credentials' {
- Paragraph "The following section provides a summary of the DHCP Servers Dynamic DNS registration credentials information on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- try {
- Write-PscriboMessage "Discovering Active Directory DHCP Servers information on $($Domain)."
- $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
- if ($DHCPinDC) {Write-PScriboMessage "Discovered '$(($DHCPinDC | Measure-Object).Count)' DHCP Servers in forest $($Domain)."}
- foreach ($DHCPServers in $DHCPinDC) {
- Write-PScriboMessage "Collecting DHCP Server Dynamic DNS Credentials information from $($DHCPServers.DnsName.split(".", 2)[0])"
- $Setting = Invoke-Command -Session $Session { Get-DhcpServerDnsCredential -ComputerName ($using:DHCPServers).DnsName }
- $inObj = [ordered] @{
- 'DC Name' = $DHCPServers.DnsName.Split(".", 2)[0]
- 'User Name' = ConvertTo-EmptyToFiller $Setting.UserName
- 'Domain Name' = ConvertTo-EmptyToFiller $Setting.DomainName
+ $TableParams = @{
+ Name = "DHCP Servers Dynamic DNS Credentials - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 30, 30, 40
}
- $OutObj += [pscustomobject]$inobj
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
}
catch {
-
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Dynamic DNS credentials)"
-
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Dynamic DNS credentials Table)"
}
}
- if ($HealthCheck.DHCP.BP) {
- $OutObj | Where-Object { $_.'User Name' -eq "-"} | Set-Style -Style Warning -Property 'User Name','Domain Name'
- }
-
- $TableParams = @{
- Name = "DHCP Servers Dynamic DNS Credentials Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 30, 30, 40
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DHCP Servers In Active Directory Section)"
+ }
}
end {}
diff --git a/Src/Private/Get-AbrADDHCPv4PerScopeSetting.ps1 b/Src/Private/Get-AbrADDHCPv4PerScopeSetting.ps1
index 902ee2f..73075da 100644
--- a/Src/Private/Get-AbrADDHCPv4PerScopeSetting.ps1
+++ b/Src/Private/Get-AbrADDHCPv4PerScopeSetting.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv4PerScopeSetting {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -32,15 +32,14 @@ function Get-AbrADDHCPv4PerScopeSetting {
}
process {
- Section -Style Heading6 "$Scope Scope Options Configuration" {
- Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope Server Options information."
- BlankLine
- $OutObj = @()
- if ($Server) {
- try {
- $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv4OptionValue -ComputerName $using:Server -ScopeId $using:Scope}
- Write-PScriboMessage "Discovered '$(($DHCPScopeOptions | Measure-Object).Count)' DHCP scopes server opions on $($Server)."
- foreach ($Option in $DHCPScopeOptions) {
+ $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv4OptionValue -ComputerName $using:Server -ScopeId $using:Scope}
+ if ($DHCPScopeOptions) {
+ Section -Style Heading6 "$Scope Scope Options" {
+ Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope Server Options information."
+ BlankLine
+ $OutObj = @()
+ foreach ($Option in $DHCPScopeOptions) {
+ try {
Write-PscriboMessage "Collecting DHCP Server IPv4 Scope Server Option value $($Option.OptionId) from $($Server.split(".", 2)[0])"
$inObj = [ordered] @{
'Name' = $Option.Name
@@ -50,24 +49,22 @@ function Get-AbrADDHCPv4PerScopeSetting {
}
$OutObj += [pscustomobject]$inobj
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scope Options Item)"
+ }
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scope Options Configuration)"
+ $TableParams = @{
+ Name = "IPv4 Scopes Options - $Scope"
+ List = $false
+ ColumnWidths = 40, 15, 20, 25
}
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Option Id' | Table @TableParams
}
-
- $TableParams = @{
- Name = "IPv4 Scopes Options Information - $Scope"
- List = $false
- ColumnWidths = 40, 15, 20, 25
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
-
}
end {}
diff --git a/Src/Private/Get-AbrADDHCPv4Scope.ps1 b/Src/Private/Get-AbrADDHCPv4Scope.ps1
index 81b10c6..0437568 100644
--- a/Src/Private/Get-AbrADDHCPv4Scope.ps1
+++ b/Src/Private/Get-AbrADDHCPv4Scope.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv4Scope {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -31,14 +31,14 @@ function Get-AbrADDHCPv4Scope {
}
process {
- Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv4 Scopes" {
- Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope information."
- BlankLine
- $OutObj = @()
- if ($Server -and $Domain) {
- try {
- $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv4Scope -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' DHCP SCopes in $($Server)."
+ try {
+ $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv4Scope -ComputerName $using:Server}
+ Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' DHCP SCopes in $($Server)."
+ if ($DHCPScopes) {
+ Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv4 Scopes" {
+ Paragraph "The following section provides detailed information of the IPv4 Scope configuration."
+ BlankLine
+ $OutObj = @()
foreach ($Scope in $DHCPScopes) {
Write-PscriboMessage "Collecting DHCP Server IPv4 $($Scope.ScopeId) Scope from $($Server.split(".", 2)[0])"
$SubnetMask = Convert-IpAddressToMaskLength $Scope.SubnetMask
@@ -54,150 +54,154 @@ function Get-AbrADDHCPv4Scope {
}
$OutObj += [pscustomobject]$inobj
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Summary)"
- }
- }
-
- $TableParams = @{
- Name = "IPv4 Scopes Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $false
- ColumnWidths = 20, 20, 35, 15, 10
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- try {
- Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv4 Scope Statistics" {
- Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope Statistics information."
- BlankLine
- $OutObj = @()
- if ($Server -and $Domain) {
- $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv4ScopeStatistics -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' scopes in $($Server)."
- foreach ($Scope in $DHCPScopes) {
- Write-PscriboMessage "Collecting DHCP Server IPv4 $($Scope.ScopeId) scope statistics from $($Server.split(".", 2)[0])"
- $inObj = [ordered] @{
- 'Scope Id' = $Scope.ScopeId
- 'Free IP' = $Scope.Free
- 'In Use IP' = $Scope.InUse
- 'Percentage In Use' = [math]::Round($Scope.PercentageInUse, 0)
- 'Reserved IP' = $Scope.Reserved
- }
- $OutObj += [pscustomobject]$inobj
- }
- }
-
- if ($HealthCheck.DHCP.Statistics) {
- $OutObj | Where-Object { $_.'Percentage In Use' -gt '95'} | Set-Style -Style Warning -Property 'Percentage In Use'
- }
$TableParams = @{
- Name = "IPv4 Scope Statistics Information - $($Server.split(".", 2).ToUpper()[0])"
+ Name = "IPv4 Scopes - $($Server.split(".", 2).ToUpper()[0])"
List = $false
- ColumnWidths = 20, 20, 20, 20, 20
+ ColumnWidths = 20, 20, 35, 15, 10
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
- }
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Statistics)"
- }
- try {
- Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv4 Scope Failover" {
- Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope Failover information."
- BlankLine
- $OutObj = @()
- if ($Server -and $Domain) {
- $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv4Failover -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' failover setting in $($Server)."
- foreach ($Scope in $DHCPScopes) {
- Write-PscriboMessage "Collecting DHCP Server IPv4 $($Scope.ScopeId) scope failover setting from $($Server.split(".", 2)[0])"
- $inObj = [ordered] @{
- 'DHCP Server' = $Server
- 'Partner DHCP Server' = $Scope.PartnerServer
- 'Mode' = $Scope.Mode
- 'LoadBalance Percent' = ConvertTo-EmptyToFiller ([math]::Round($Scope.LoadBalancePercent, 0))
- 'Server Role' = ConvertTo-EmptyToFiller $Scope.ServerRole
- 'Reserve Percent' = ConvertTo-EmptyToFiller ([math]::Round($Scope.ReservePercent, 0))
- 'Max Client Lead Time' = ConvertTo-EmptyToFiller $Scope.MaxClientLeadTime
- 'State Switch Interval' = ConvertTo-EmptyToFiller $Scope.StateSwitchInterval
- 'Scope Ids' = $Scope.ScopeId
- 'State' = $Scope.State
- 'Auto State Transition' = ConvertTo-TextYN $Scope.AutoStateTransition
- 'Authetication Enable' = ConvertTo-TextYN $Scope.EnableAuth
+ $OutObj | Sort-Object -Property 'Scope Id' | Table @TableParams
+
+ try {
+ $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv4ScopeStatistics -ComputerName $using:Server}
+ if ($DHCPScopes) {
+ Section -Style Heading6 "IPv4 Scope Statistics" {
+ $OutObj = @()
+ foreach ($Scope in $DHCPScopes) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv4 $($Scope.ScopeId) scope statistics from $($Server.split(".", 2)[0])"
+ $inObj = [ordered] @{
+ 'Scope Id' = $Scope.ScopeId
+ 'Free IP' = $Scope.Free
+ 'In Use IP' = $Scope.InUse
+ 'Percentage In Use' = [math]::Round($Scope.PercentageInUse, 0)
+ 'Reserved IP' = $Scope.Reserved
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Statistics Item)"
+ }
+ }
+
+ if ($HealthCheck.DHCP.Statistics) {
+ $OutObj | Where-Object { $_.'Percentage In Use' -gt '95'} | Set-Style -Style Warning -Property 'Percentage In Use'
+ }
+
+ $TableParams = @{
+ Name = "IPv4 Scope Statistics - $($Server.split(".", 2).ToUpper()[0])"
+ List = $false
+ ColumnWidths = 20, 20, 20, 20, 20
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Scope Id' | Table @TableParams
}
- $OutObj += [pscustomobject]$inobj
}
}
-
- if ($HealthCheck.DHCP.BP) {
- $OutObj | Where-Object { $_.'Authetication Enable' -eq 'No'} | Set-Style -Style Warning -Property 'Authetication Enable'
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Statistics Table)"
}
+ try {
+ $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv4Failover -ComputerName $using:Server}
+ if ($DHCPScopes) {
+ Section -Style Heading6 "IPv4 Scope Failover" {
+ $OutObj = @()
+ Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' failover setting in $($Server)."
+ foreach ($Scope in $DHCPScopes) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv4 $($Scope.ScopeId) scope failover setting from $($Server.split(".", 2)[0])"
+ $inObj = [ordered] @{
+ 'DHCP Server' = $Server
+ 'Partner DHCP Server' = $Scope.PartnerServer
+ 'Mode' = $Scope.Mode
+ 'LoadBalance Percent' = ConvertTo-EmptyToFiller ([math]::Round($Scope.LoadBalancePercent, 0))
+ 'Server Role' = ConvertTo-EmptyToFiller $Scope.ServerRole
+ 'Reserve Percent' = ConvertTo-EmptyToFiller ([math]::Round($Scope.ReservePercent, 0))
+ 'Max Client Lead Time' = ConvertTo-EmptyToFiller $Scope.MaxClientLeadTime
+ 'State Switch Interval' = ConvertTo-EmptyToFiller $Scope.StateSwitchInterval
+ 'Scope Ids' = $Scope.ScopeId
+ 'State' = $Scope.State
+ 'Auto State Transition' = ConvertTo-TextYN $Scope.AutoStateTransition
+ 'Authetication Enable' = ConvertTo-TextYN $Scope.EnableAuth
+ }
+ $OutObj = [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Failover Item)"
+ }
+ if ($HealthCheck.DHCP.BP) {
+ $OutObj | Where-Object { $_.'Authetication Enable' -eq 'No'} | Set-Style -Style Warning -Property 'Authetication Enable'
+ }
- $TableParams = @{
- Name = "IPv4 Scope Failover Cofiguration Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $true
- ColumnWidths = 40, 60
+ $TableParams = @{
+ Name = "IPv4 Scope Failover Cofiguration - $($Server.split(".", 2).ToUpper()[0])"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ }
+ }
}
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Failover Table)"
}
- $OutObj | Table @TableParams
- }
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Failover)"
- }
- try {
- Section -Style Heading6 " $($Server.ToUpper().split(".", 2)[0]) IPv4 Network Interface Binding" {
- Paragraph "The following section provides a summary of the IPv4 Network Interface binding."
- BlankLine
- $OutObj = @()
- if ($Server -and $Domain) {
- $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv4Binding -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' bindings in $($Server)."
- foreach ($Scope in $DHCPScopes) {
- Write-PscriboMessage "Collecting DHCP Server IPv4 $($Scope.InterfaceAlias) binding from $($Server.split(".", 2)[0])"
- $SubnetMask = Convert-IpAddressToMaskLength $Scope.SubnetMask
- $inObj = [ordered] @{
- 'Interface Alias' = $Scope.InterfaceAlias
- 'IP Address' = $Scope.IPAddress
- 'Subnet Mask' = $Scope.SubnetMask
- 'State' = Switch ($Scope.BindingState) {
- "" {"-"; break}
- $Null {"-"; break}
- "True" {"Enabled"}
- "False" {"Disabled"}
- default {$Scope.BindingState}
+ try {
+ $DHCPScopes = Invoke-Command -Session $Session {Get-DhcpServerv4Binding -ComputerName $using:Server}
+ if ($DHCPScopes) {
+ Section -Style Heading6 "IPv4 Network Interface Binding" {
+ $OutObj = @()
+ foreach ($Scope in $DHCPScopes) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv4 $($Scope.InterfaceAlias) binding from $($Server.split(".", 2)[0])"
+ $SubnetMask = Convert-IpAddressToMaskLength $Scope.SubnetMask
+ $inObj = [ordered] @{
+ 'Interface Alias' = $Scope.InterfaceAlias
+ 'IP Address' = $Scope.IPAddress
+ 'Subnet Mask' = $Scope.SubnetMask
+ 'State' = Switch ($Scope.BindingState) {
+ "" {"-"; break}
+ $Null {"-"; break}
+ "True" {"Enabled"}
+ "False" {"Disabled"}
+ default {$Scope.BindingState}
+ }
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Network Interface binding Item)"
+ }
+ }
+ $TableParams = @{
+ Name = "IPv4 Network Interface binding - $($Server.split(".", 2).ToUpper()[0])"
+ List = $false
+ ColumnWidths = 25, 25, 25, 25
}
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
}
- $OutObj += [pscustomobject]$inobj
}
}
-
- $TableParams = @{
- Name = "IPv4 Network Interface binding Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $false
- ColumnWidths = 25, 25, 25, 25
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Network Interface binding Table)"
}
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Network Interface binding)"
- }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Scope Summary)"
}
}
-
end {}
-
}
\ No newline at end of file
diff --git a/Src/Private/Get-AbrADDHCPv4ScopeServerSetting.ps1 b/Src/Private/Get-AbrADDHCPv4ScopeServerSetting.ps1
index 3de43f7..f67f0a4 100644
--- a/Src/Private/Get-AbrADDHCPv4ScopeServerSetting.ps1
+++ b/Src/Private/Get-AbrADDHCPv4ScopeServerSetting.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv4ScopeServerSetting {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -31,72 +31,79 @@ function Get-AbrADDHCPv4ScopeServerSetting {
}
process {
- $OutObj = @()
- if ($Server) {
- try {
- $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv4OptionValue -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopeOptions | Measure-Object).Count)' DHCP scopes server opions on $($Server)."
- foreach ($Option in $DHCPScopeOptions) {
- Write-PscriboMessage "Collecting DHCP Server IPv4 Scope Server Option value $($Option.OptionId) from $($Server.split(".", 2)[0])"
- $inObj = [ordered] @{
- 'Name' = $Option.Name
- 'Option Id' = $Option.OptionId
- 'Value' = $Option.Value
- 'Policy Name' = ConvertTo-EmptyToFiller $Option.PolicyName
- }
- $OutObj += [pscustomobject]$inobj
- }
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DHCP scopes server opions)"
- }
- }
-
- $TableParams = @{
- Name = "IPv4 Scopes Server Options Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $false
- ColumnWidths = 40, 15, 20, 25
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- try {
- Section -Style Heading6 "Scope DNS Setting" {
- Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope DNS Setting information."
+ $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv4OptionValue -ComputerName $using:Server}
+ if ($DHCPScopeOptions) {
+ Section -Style Heading6 "$($DHCPServer.ToUpper().split(".", 2)[0]) IPv4 Scope Server Options" {
+ Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope Server Options information."
BlankLine
$OutObj = @()
- if ($Server) {
- $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv4DnsSetting -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopeOptions | Measure-Object).Count)' DHCP scopes dns setting from $($Server)."
- foreach ($Option in $DHCPScopeOptions) {
- Write-PscriboMessage "Collecting DHCP Server IPv4 Scope DNS Setting value from $($Server)."
+ Write-PScriboMessage "Discovered '$(($DHCPScopeOptions | Measure-Object).Count)' DHCP scopes server opions on $($Server)."
+ foreach ($Option in $DHCPScopeOptions) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv4 Scope Server Option value $($Option.OptionId) from $($Server.split(".", 2)[0])"
$inObj = [ordered] @{
- 'Dynamic Updates' = $Option.DynamicUpdates
- 'Dns Suffix' = ConvertTo-EmptyToFiller $Option.DnsSuffix
- 'Name Protection' = ConvertTo-EmptyToFiller $Option.NameProtection
- 'Update Dns RR For Older Clients' = ConvertTo-EmptyToFiller $Option.UpdateDnsRRForOlderClients
- 'Disable Dns Ptr RR Update' = ConvertTo-EmptyToFiller $Option.DisableDnsPtrRRUpdate
- 'Delete Dns RR On Lease Expiry' = ConvertTo-EmptyToFiller $Option.DeleteDnsRROnLeaseExpiry
+ 'Name' = $Option.Name
+ 'Option Id' = $Option.OptionId
+ 'Value' = $Option.Value
+ 'Policy Name' = ConvertTo-EmptyToFiller $Option.PolicyName
}
$OutObj += [pscustomobject]$inobj
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DHCP scopes server opions item)"
+ }
}
-
$TableParams = @{
- Name = "IPv4 Scopes DNS Setting Information - $($Server.split(".", 2)[0])"
- List = $true
- ColumnWidths = 40, 60
+ Name = "IPv4 Scopes Server Options - $($Server.split(".", 2).ToUpper()[0])"
+ List = $false
+ ColumnWidths = 40, 15, 20, 25
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
+ $OutObj | Sort-Object -Property 'Option Id' | Table @TableParams
+ try {
+ $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv4DnsSetting -ComputerName $using:Server}
+ if ($DHCPScopeOptions) {
+ Section -Style Heading6 "Scope DNS Setting" {
+ Paragraph "The following section provides a summary of the DHCP servers IPv4 Scope DNS Setting information."
+ BlankLine
+ $OutObj = @()
+ foreach ($Option in $DHCPScopeOptions) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv4 Scope DNS Setting value from $($Server)."
+ $inObj = [ordered] @{
+ 'Dynamic Updates' = $Option.DynamicUpdates
+ 'Dns Suffix' = ConvertTo-EmptyToFiller $Option.DnsSuffix
+ 'Name Protection' = ConvertTo-EmptyToFiller $Option.NameProtection
+ 'Update Dns RR For Older Clients' = ConvertTo-EmptyToFiller $Option.UpdateDnsRRForOlderClients
+ 'Disable Dns Ptr RR Update' = ConvertTo-EmptyToFiller $Option.DisableDnsPtrRRUpdate
+ 'Delete Dns RR On Lease Expiry' = ConvertTo-EmptyToFiller $Option.DeleteDnsRROnLeaseExpiry
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scope DNS Setting Item)"
+ }
+ }
+
+ $TableParams = @{
+ Name = "IPv4 Scopes DNS Setting - $($Server.split(".", 2)[0])"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scope DNS Setting Table)"
+ }
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scope DNS Setting)"
- }
}
end {}
diff --git a/Src/Private/Get-AbrADDHCPv4Statistic.ps1 b/Src/Private/Get-AbrADDHCPv4Statistic.ps1
index 701636a..c3dfc74 100644
--- a/Src/Private/Get-AbrADDHCPv4Statistic.ps1
+++ b/Src/Private/Get-AbrADDHCPv4Statistic.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv4Statistic {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -30,46 +30,48 @@ function Get-AbrADDHCPv4Statistic {
process {
try {
- Section -Style Heading6 'IPv4 Service Statistics' {
- Paragraph "The following section provides a summary of the DHCP servers IPv4 Statistics information on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
- if ($DHCPinDC) {Write-PScriboMessage "Discovered '$(($DHCPinDC | Measure-Object).Count)' DHCP Servers in forest $($Domain)."}
- foreach ($DHCPServers in $DHCPinDC) {
- Write-PScriboMessage "Collecting DHCP Server IPv4 Statistics from $($DHCPServers.DnsName.split(".", 2)[0])"
- $Setting = Invoke-Command -Session $Session { Get-DhcpServerv4Statistics -ComputerName ($using:DHCPServers).DnsName }
- $inObj = [ordered] @{
- 'DC Name' = $DHCPServers.DnsName.Split(".", 2)[0]
- 'Total Scopes' = ConvertTo-EmptyToFiller $Setting.TotalScopes
- 'Total Addresses' = ConvertTo-EmptyToFiller $Setting.TotalAddresses
- 'Addresses In Use' = ConvertTo-EmptyToFiller $Setting.AddressesInUse
- 'Addresses Available' = ConvertTo-EmptyToFiller $Setting.AddressesAvailable
- 'Percentage In Use' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageInUse, 0))
- 'Percentage Available' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageAvailable, 0))
+ $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
+ if ($DHCPinDC) {
+ Section -Style Heading6 'IPv4 Service Statistics' {
+ Write-PScriboMessage "Discovered '$(($DHCPinDC | Measure-Object).Count)' DHCP Servers in forest $($Domain)."
+ $OutObj = @()
+ try {
+ foreach ($DHCPServers in $DHCPinDC) {
+ Write-PScriboMessage "Collecting DHCP Server IPv4 Statistics from $($DHCPServers.DnsName.split(".", 2)[0])"
+ $Setting = Invoke-Command -Session $Session { Get-DhcpServerv4Statistics -ComputerName ($using:DHCPServers).DnsName }
+ $inObj = [ordered] @{
+ 'DC Name' = $DHCPServers.DnsName.Split(".", 2)[0]
+ 'Total Scopes' = ConvertTo-EmptyToFiller $Setting.TotalScopes
+ 'Total Addresses' = ConvertTo-EmptyToFiller $Setting.TotalAddresses
+ 'Addresses In Use' = ConvertTo-EmptyToFiller $Setting.AddressesInUse
+ 'Addresses Available' = ConvertTo-EmptyToFiller $Setting.AddressesAvailable
+ 'Percentage In Use' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageInUse, 0))
+ 'Percentage Available' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageAvailable, 0))
+ }
+ $OutObj += [pscustomobject]$inobj
}
- $OutObj += [pscustomobject]$inobj
}
- }
-
- if ($HealthCheck.DHCP.Statistics) {
- $OutObj | Where-Object { $_.'Percentage In Use' -gt 95} | Set-Style -Style Warning -Property 'Percentage Available','Percentage In Use'
- }
+ catch {
+ Write-PScriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Service Statistics Item)"
+ }
+ if ($HealthCheck.DHCP.Statistics) {
+ $OutObj | Where-Object { $_.'Percentage In Use' -gt 95} | Set-Style -Style Warning -Property 'Percentage Available','Percentage In Use'
+ }
- $TableParams = @{
- Name = "DHCP Server IPv4 Statistics Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 20, 13, 13, 13, 14 ,13, 14
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "DHCP Server IPv4 Statistics - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 20, 13, 13, 13, 14 ,13, 14
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
}
}
catch {
- Write-PScriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Service Statistics)"
+ Write-PScriboMessage -IsWarning "$($_.Exception.Message) (IPv4 Service Statistics Table)"
}
}
diff --git a/Src/Private/Get-AbrADDHCPv6PerScopeSetting.ps1 b/Src/Private/Get-AbrADDHCPv6PerScopeSetting.ps1
index f64d6ad..f6e0154 100644
--- a/Src/Private/Get-AbrADDHCPv6PerScopeSetting.ps1
+++ b/Src/Private/Get-AbrADDHCPv6PerScopeSetting.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv6PerScopeSetting {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -32,15 +32,14 @@ function Get-AbrADDHCPv6PerScopeSetting {
}
process {
- Section -Style Heading6 "$Scope Scope Options" {
- Paragraph "The following section provides a summary of the DHCP servers IPv6 Scope Server Options information."
- BlankLine
- $OutObj = @()
- if ($Server) {
- try {
- $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv6OptionValue -ComputerName $using:Server -Prefix $using:Scope}
- Write-PScriboMessage "Discovered '$(($DHCPScopeOptions | Measure-Object).Count)' DHCP scopes server opions on $($Server)."
- foreach ($Option in $DHCPScopeOptions) {
+ $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv6OptionValue -ComputerName $using:Server -Prefix $using:Scope}
+ if ($DHCPScopeOptions) {
+ Section -Style Heading6 "$Scope Scope Options" {
+ Paragraph "The following section provides a summary of the DHCP servers IPv6 Scope Server Options information."
+ BlankLine
+ $OutObj = @()
+ foreach ($Option in $DHCPScopeOptions) {
+ try {
Write-PscriboMessage "Collecting DHCP Server IPv6 Scope Server Option value $($Option.OptionId) from $($Server.split(".", 2)[0])"
$inObj = [ordered] @{
'Name' = $Option.Name
@@ -50,23 +49,21 @@ function Get-AbrADDHCPv6PerScopeSetting {
}
$OutObj += [pscustomobject]$inobj
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Options Item)"
+ }
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Options Configuration)"
+ $TableParams = @{
+ Name = "IPv6 Scopes Options - $Scope"
+ List = $false
+ ColumnWidths = 40, 15, 20, 25
}
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Option Id' | Table @TableParams
}
-
- $TableParams = @{
- Name = "IPv6 Scopes Options Information - $Scope"
- List = $false
- ColumnWidths = 40, 15, 20, 25
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
-
}
end {}
diff --git a/Src/Private/Get-AbrADDHCPv6Scope.ps1 b/Src/Private/Get-AbrADDHCPv6Scope.ps1
index 463611e..b2cd336 100644
--- a/Src/Private/Get-AbrADDHCPv6Scope.ps1
+++ b/Src/Private/Get-AbrADDHCPv6Scope.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv6Scope {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -31,15 +31,14 @@ function Get-AbrADDHCPv6Scope {
}
process {
- Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv6 Scopes" {
- Paragraph "The following section provides a summary of the DHCP servers IPv6 Scope Configuration."
- BlankLine
- $OutObj = @()
- if ($Server -and $Domain) {
- try {
- $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv6Scope -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' DHCP SCopes in $($Server)."
- foreach ($Scope in $DHCPScopes) {
+ $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv6Scope -ComputerName $using:Server}
+ if ($DHCPScopes) {
+ Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv6 Scopes" {
+ Paragraph "The following section provides a summary of the DHCP servers IPv6 Scope Configuration."
+ BlankLine
+ $OutObj = @()
+ foreach ($Scope in $DHCPScopes) {
+ try {
Write-PscriboMessage "Collecting DHCP Server IPv6 $($Scope.ScopeId) Scope from $($Server.split(".", 2)[0])"
$inObj = [ordered] @{
'Scope Id' = "$($Scope.Prefix)/$($Scope.PrefixLength)"
@@ -52,98 +51,101 @@ function Get-AbrADDHCPv6Scope {
}
$OutObj += [pscustomobject]$inobj
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Item)"
+ }
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope)"
+
+ $TableParams = @{
+ Name = "IPv6 Scopes - $($Server.split(".", 2).ToUpper()[0])"
+ List = $false
+ ColumnWidths = 30, 30, 20, 20
}
- }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Scope Id' | Table @TableParams
+ try {
+ $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv6ScopeStatistics -ComputerName $using:Server}
+ if ($DHCPScopes) {
+ Section -Style Heading6 "IPv6 Scope Statistics" {
+ $OutObj = @()
+ foreach ($Scope in $DHCPScopes) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv6 $($Scope.ScopeId) scope statistics from $($Server.split(".", 2)[0])"
+ $inObj = [ordered] @{
+ 'Scope Id' = $Scope.Prefix
+ 'Free IP' = $Scope.AddressesFree
+ 'In Use IP' = $Scope.AddressesInUse
+ 'Percentage In Use' = [math]::Round($Scope.PercentageInUse, 0)
+ 'Reserved IP' = $Scope.ReservedAddress
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Statistics Item)"
+ }
+ }
+ if ($HealthCheck.DHCP.Statistics) {
+ $OutObj | Where-Object { $_.'Percentage In Use' -gt '95'} | Set-Style -Style Warning -Property 'Percentage In Use'
+ }
- $TableParams = @{
- Name = "IPv6 Scopes Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $false
- ColumnWidths = 30, 30, 20, 20
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- try {
- Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv6 Scope Statistics" {
- Paragraph "The following section provides a summary of the DHCP servers IPv6 Scope Statistics information."
- BlankLine
- $OutObj = @()
- if ($Server -and $Domain) {
- $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv6ScopeStatistics -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' scopes in $($Server)."
- foreach ($Scope in $DHCPScopes) {
- Write-PscriboMessage "Collecting DHCP Server IPv6 $($Scope.ScopeId) scope statistics from $($Server.split(".", 2)[0])"
- $inObj = [ordered] @{
- 'Scope Id' = $Scope.Prefix
- 'Free IP' = $Scope.AddressesFree
- 'In Use IP' = $Scope.AddressesInUse
- 'Percentage In Use' = [math]::Round($Scope.PercentageInUse, 0)
- 'Reserved IP' = $Scope.ReservedAddress
+ $TableParams = @{
+ Name = "IPv6 Scope Statistics - $($Server.split(".", 2).ToUpper()[0])"
+ List = $false
+ ColumnWidths = 20, 20, 20, 20, 20
}
- $OutObj += [pscustomobject]$inobj
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Scope Id' | Table @TableParams
}
}
-
- if ($HealthCheck.DHCP.Statistics) {
- $OutObj | Where-Object { $_.'Percentage In Use' -gt '95'} | Set-Style -Style Warning -Property 'Percentage In Use'
- }
-
- $TableParams = @{
- Name = "IPv6 Scope Statistics Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $false
- ColumnWidths = 20, 20, 20, 20, 20
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Statistics)"
- }
- try {
- Section -Style Heading6 "$($Server.ToUpper().split(".", 2)[0]) IPv6 Network Interface Binding" {
- Paragraph "The following section provides a summary of the IPv6 Network Interface Binding."
- BlankLine
- $OutObj = @()
- if ($Server -and $Domain) {
- $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv6Binding -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopes | Measure-Object).Count)' bindings in $($Server)."
- foreach ($Scope in $DHCPScopes) {
- Write-PscriboMessage "Collecting DHCP Server IPv6 $($Scope.InterfaceAlias) binding from $($Server.split(".", 2)[0])"
- $inObj = [ordered] @{
- 'Interface Alias' = $Scope.InterfaceAlias
- 'IP Address' = $Scope.IPAddress
- 'State' = Switch ($Scope.BindingState) {
- "" {"-"; break}
- $Null {"-"; break}
- "True" {"Enabled"}
- "False" {"Disabled"}
- default {$Scope.BindingState}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Statistics Table)"
+ }
+ try {
+ $DHCPScopes = Invoke-Command -Session $Session { Get-DhcpServerv6Binding -ComputerName $using:Server}
+ if ($DHCPScopes) {
+ Section -Style Heading6 "IPv6 Network Interface Binding" {
+ $OutObj = @()
+ foreach ($Scope in $DHCPScopes) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv6 $($Scope.InterfaceAlias) binding from $($Server.split(".", 2)[0])"
+ $inObj = [ordered] @{
+ 'Interface Alias' = $Scope.InterfaceAlias
+ 'IP Address' = $Scope.IPAddress
+ 'State' = Switch ($Scope.BindingState) {
+ "" {"-"; break}
+ $Null {"-"; break}
+ "True" {"Enabled"}
+ "False" {"Disabled"}
+ default {$Scope.BindingState}
+ }
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Network Interface binding item)"
}
}
- $OutObj += [pscustomobject]$inobj
- }
- }
- $TableParams = @{
- Name = "IPv6 Network Interface binding Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $false
- ColumnWidths = 30, 40, 30
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "IPv6 Network Interface binding - $($Server.split(".", 2).ToUpper()[0])"
+ List = $false
+ ColumnWidths = 30, 40, 30
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
}
- $OutObj | Table @TableParams
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Network Interface binding)"
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Network Interface binding table)"
+ }
}
}
}
diff --git a/Src/Private/Get-AbrADDHCPv6ScopeServerSetting.ps1 b/Src/Private/Get-AbrADDHCPv6ScopeServerSetting.ps1
index d3fc6cd..5f98537 100644
--- a/Src/Private/Get-AbrADDHCPv6ScopeServerSetting.ps1
+++ b/Src/Private/Get-AbrADDHCPv6ScopeServerSetting.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv6ScopeServerSetting {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -32,68 +32,74 @@ function Get-AbrADDHCPv6ScopeServerSetting {
process {
$OutObj = @()
- if ($Server) {
- try {
- $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv6OptionValue -ComputerName $using:Server}
+ $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv6OptionValue -ComputerName $using:Server}
+ if ($DHCPScopeOptions) {
+ Section -Style Heading6 "$($DHCPServer.ToUpper().split(".", 2)[0]) IPv6 Scope Server Options" {
+ Paragraph "The following section provides a summary of the DHCP servers IPv6 Scope Server Options information."
+ BlankLine
Write-PScriboMessage "Discovered '$(($DHCPScopeOptions | Measure-Object).Count)' DHCP scopes server opions on $($Server)."
foreach ($Option in $DHCPScopeOptions) {
- Write-PscriboMessage "Collecting DHCP Server IPv6 Scope Server Option value $($Option.OptionId) from $($Server.split(".", 2)[0])"
- $inObj = [ordered] @{
- 'Name' = $Option.Name
- 'Option Id' = $Option.OptionId
- 'Type' = ConvertTo-EmptyToFiller $Option.Type
- 'Value' = $Option.Value
- }
- $OutObj += [pscustomobject]$inobj
- }
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Server Option)"
- }
- }
-
- $TableParams = @{
- Name = "IPv6 Scopes Server Options Information - $($Server.split(".", 2).ToUpper()[0])"
- List = $false
- ColumnWidths = 40, 15, 20, 25
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- try {
- Section -Style Heading6 "Scope DNS Settings" {
- Paragraph "The following section provides a summary of the DHCP servers IPv6 Scope DNS Setting information."
- BlankLine
- $OutObj = @()
- if ($Server) {
- $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv6DnsSetting -ComputerName $using:Server}
- Write-PScriboMessage "Discovered '$(($DHCPScopeOptions | Measure-Object).Count)' DHCP scopes dns setting from $($Server)."
- foreach ($Option in $DHCPScopeOptions) {
- Write-PscriboMessage "Collecting DHCP Server IPv6 Scope DNS Setting value from $($Server)."
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv6 Scope Server Option value $($Option.OptionId) from $($Server.split(".", 2)[0])"
$inObj = [ordered] @{
- 'Dynamic Updates' = $Option.DynamicUpdates
- 'Name Protection' = ConvertTo-EmptyToFiller $Option.NameProtection
- 'Delete Dns RR On Lease Expiry' = ConvertTo-EmptyToFiller $Option.DeleteDnsRROnLeaseExpiry
+ 'Name' = $Option.Name
+ 'Option Id' = $Option.OptionId
+ 'Type' = ConvertTo-EmptyToFiller $Option.Type
+ 'Value' = $Option.Value
}
$OutObj += [pscustomobject]$inobj
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope Server Option Item)"
+ }
}
$TableParams = @{
- Name = "IPv6 Scopes DNS Setting Information - $($Server.split(".", 2)[0])"
- List = $true
- ColumnWidths = 40, 60
+ Name = "IPv6 Scopes Server Options - $($Server.split(".", 2).ToUpper()[0])"
+ List = $false
+ ColumnWidths = 40, 15, 20, 25
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
+ $OutObj | Sort-Object -Property 'Option Id' | Table @TableParams
+ try {
+ $DHCPScopeOptions = Invoke-Command -Session $Session { Get-DhcpServerv6DnsSetting -ComputerName $using:Server}
+ if ($DHCPScopeOptions) {
+ Section -Style Heading6 "Scope DNS Settings" {
+ $OutObj = @()
+ foreach ($Option in $DHCPScopeOptions) {
+ try {
+ Write-PscriboMessage "Collecting DHCP Server IPv6 Scope DNS Setting value from $($Server)."
+ $inObj = [ordered] @{
+ 'Dynamic Updates' = $Option.DynamicUpdates
+ 'Name Protection' = ConvertTo-EmptyToFiller $Option.NameProtection
+ 'Delete Dns RR On Lease Expiry' = ConvertTo-EmptyToFiller $Option.DeleteDnsRROnLeaseExpiry
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope DNS Setting Item)"
+ }
+ }
+
+ $TableParams = @{
+ Name = "IPv6 Scopes DNS Setting - $($Server.split(".", 2)[0])"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope DNS Setting Table)"
+ }
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Scope DNS Setting)"
- }
}
end {}
diff --git a/Src/Private/Get-AbrADDHCPv6Statistic.ps1 b/Src/Private/Get-AbrADDHCPv6Statistic.ps1
index ce8d399..5c6c19c 100644
--- a/Src/Private/Get-AbrADDHCPv6Statistic.ps1
+++ b/Src/Private/Get-AbrADDHCPv6Statistic.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDHCPv6Statistic {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -29,46 +29,48 @@ function Get-AbrADDHCPv6Statistic {
}
process {
- Section -Style Heading6 'IPv6 Service Statistics' {
- Paragraph "The following section provides a summary of the DHCP servers IPv6 Statistics information on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- try {
- $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
- if ($DHCPinDC) {Write-PScriboMessage "Discovered '$(($DHCPinDC | Measure-Object).Count)' DHCP Servers in forest $($Domain)."}
+ try {
+ $DHCPinDC = Invoke-Command -Session $Session { Get-DhcpServerInDC | Where-Object {$_.DnsName.split(".", 2)[1] -eq $using:Domain} }
+ if ($DHCPinDC) {
+ Section -Style Heading6 'IPv6 Service Statistics' {
+ $OutObj = @()
foreach ($DHCPServers in $DHCPinDC) {
- Write-PScriboMessage "Collecting DHCP Server IPv6 Statistics from $($DHCPServers.DnsName.split(".", 2)[0])"
- $Setting = Invoke-Command -Session $Session { Get-DhcpServerv6Statistics -ComputerName ($using:DHCPServers).DnsName }
- $inObj = [ordered] @{
- 'DC Name' = $DHCPServers.DnsName.Split(".", 2)[0]
- 'Total Scopes' = ConvertTo-EmptyToFiller $Setting.TotalScopes
- 'Total Addresses' = ConvertTo-EmptyToFiller $Setting.TotalAddresses
- 'Addresses In Use' = ConvertTo-EmptyToFiller $Setting.AddressesInUse
- 'Addresses Available' = ConvertTo-EmptyToFiller $Setting.AddressesAvailable
- 'Percentage In Use' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageInUse, 0))
- 'Percentage Available' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageAvailable, 0))
+ try {
+ Write-PScriboMessage "Collecting DHCP Server IPv6 Statistics from $($DHCPServers.DnsName.split(".", 2)[0])"
+ $Setting = Invoke-Command -Session $Session { Get-DhcpServerv6Statistics -ComputerName ($using:DHCPServers).DnsName }
+ $inObj = [ordered] @{
+ 'DC Name' = $DHCPServers.DnsName.Split(".", 2)[0]
+ 'Total Scopes' = ConvertTo-EmptyToFiller $Setting.TotalScopes
+ 'Total Addresses' = ConvertTo-EmptyToFiller $Setting.TotalAddresses
+ 'Addresses In Use' = ConvertTo-EmptyToFiller $Setting.AddressesInUse
+ 'Addresses Available' = ConvertTo-EmptyToFiller $Setting.AddressesAvailable
+ 'Percentage In Use' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageInUse, 0))
+ 'Percentage Available' = ConvertTo-EmptyToFiller ([math]::Round($Setting.PercentageAvailable, 0))
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Service Statistics Item)"
}
- $OutObj += [pscustomobject]$inobj
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Service Statistics Summary)"
- }
- }
- if ($HealthCheck.DHCP.Statistics) {
- $OutObj | Where-Object { $_.'Percentage In Use' -gt 95} | Set-Style -Style Warning -Property 'Percentage Available','Percentage In Use'
- }
- $TableParams = @{
- Name = "DHCP Server IPv6 Statistics Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 20, 13, 13, 13, 14 ,13, 14
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ if ($HealthCheck.DHCP.Statistics) {
+ $OutObj | Where-Object { $_.'Percentage In Use' -gt 95} | Set-Style -Style Warning -Property 'Percentage Available','Percentage In Use'
+ }
+ $TableParams = @{
+ Name = "DHCP Server IPv6 Statistics - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 20, 13, 13, 13, 14 ,13, 14
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
+ }
}
- $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (IPv6 Service Statistics Table)"
}
}
diff --git a/Src/Private/Get-AbrADDNSInfrastructure.ps1 b/Src/Private/Get-AbrADDNSInfrastructure.ps1
index 289be88..57001e2 100644
--- a/Src/Private/Get-AbrADDNSInfrastructure.ps1
+++ b/Src/Private/Get-AbrADDNSInfrastructure.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDNSInfrastructure {
.DESCRIPTION
.NOTES
- Version: 0.6.1
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -30,151 +30,158 @@ function Get-AbrADDNSInfrastructure {
process {
try {
- Section -Style Heading5 "Infrastructure Summary" {
- Paragraph "The following section provides a summary of the DNS Infrastructure configuration."
- BlankLine
- if ($Domain) {
+ $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers}
+ if ($DCs) {
+ Section -Style Heading5 "Infrastructure Summary" {
+ Paragraph "The following section provides a summary of the DNS Infrastructure configuration."
+ BlankLine
$OutObj = @()
- foreach ($Item in $Domain) {
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
- foreach ($DC in $DCs) {
- Write-PscriboMessage "Collecting Domain Name System Infrastructure information on '$($DC)'."
- try {
- $DNSSetting = Invoke-Command -Session $Session {Get-DnsServerSetting -ComputerName $using:DC}
- $inObj = [ordered] @{
- 'DC Name' = $($DC.ToString().ToUpper().Split(".")[0])
- 'Build Number' = ConvertTo-EmptyToFiller $DNSSetting.BuildNumber
- 'IPv6' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $DNSSetting.EnableIPv6)
- 'DnsSec' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $DNSSetting.EnableDnsSec)
- 'ReadOnly DC' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $DNSSetting.IsReadOnlyDC)
- 'Listening IP' = $DNSSetting.ListeningIPAddress
- }
- $OutObj += [pscustomobject]$inobj
- }
- catch {
- Write-PscriboMessage -IsWarning " $($_.Exception.Message) (Infrastructure Summary)"
+ Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"
+ foreach ($DC in $DCs) {
+ Write-PscriboMessage "Collecting Domain Name System Infrastructure information on '$($DC)'."
+ try {
+ $DNSSetting = Invoke-Command -Session $Session {Get-DnsServerSetting -ComputerName $using:DC}
+ $inObj = [ordered] @{
+ 'DC Name' = $($DC.ToString().ToUpper().Split(".")[0])
+ 'Build Number' = ConvertTo-EmptyToFiller $DNSSetting.BuildNumber
+ 'IPv6' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $DNSSetting.EnableIPv6)
+ 'DnsSec' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $DNSSetting.EnableDnsSec)
+ 'ReadOnly DC' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $DNSSetting.IsReadOnlyDC)
+ 'Listening IP' = $DNSSetting.ListeningIPAddress
}
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning " $($_.Exception.Message) (Infrastructure Summary)"
}
}
$TableParams = @{
- Name = "DNS Infrastructure Setting Information."
+ Name = "Infrastructure Setting -$($Domain.ToString().ToUpper())"
List = $false
ColumnWidths = 30, 10, 9, 10, 11, 30
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
- }
-
- if ($InfoLevel.DNS -ge 2) {
- Section -Style Heading6 "Domain Controller DNS IP Configuration" {
- Paragraph "The following section provides information of the DNS IP Configuration."
- BlankLine
- if ($Domain) {
- $OutObj = @()
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
- foreach ($DC in $DCs) {
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- Write-PscriboMessage "Collecting DNS IP Configuration information from '$($DC)'."
- try {
- $DNSSettings = Invoke-Command -Session $DCPssSession {Get-NetAdapter | Get-DnsClientServerAddress -AddressFamily IPv4}
- foreach ($DNSSetting in $DNSSettings) {
- $inObj = [ordered] @{
- 'DC Name' = $DC.ToString().ToUpper().Split(".")[0]
- 'Interface' = $DNSSetting.InterfaceAlias
- 'DNS IP 1' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[0]
- 'DNS IP 2' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[1]
- 'DNS IP 3' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[2]
- 'DNS IP 4' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[3]
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
+ #---------------------------------------------------------------------------------------------#
+ # DNS IP Section #
+ #---------------------------------------------------------------------------------------------#
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ Section -Style Heading6 "Domain Controller DNS IP Configuration" {
+ $OutObj = @()
+ Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"
+ foreach ($DC in $DCs) {
+ $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
+ Write-PscriboMessage "Collecting DNS IP Configuration information from $($DC)."
+ try {
+ $DNSSettings = Invoke-Command -Session $DCPssSession {Get-NetAdapter | Get-DnsClientServerAddress -AddressFamily IPv4}
+ Remove-PSSession -Session $DCPssSession
+ foreach ($DNSSetting in $DNSSettings) {
+ try {
+ $inObj = [ordered] @{
+ 'DC Name' = $DC.ToString().ToUpper().Split(".")[0]
+ 'Interface' = $DNSSetting.InterfaceAlias
+ 'DNS IP 1' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[0]
+ 'DNS IP 2' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[1]
+ 'DNS IP 3' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[2]
+ 'DNS IP 4' = ConvertTo-EmptyToFiller $DNSSetting.ServerAddresses[3]
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
}
- $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DNS IP Configuration Item)"
}
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DNS IP Configuration)"
- }
- }
- if ($HealthCheck.DNS.DP) {
- $OutObj | Where-Object { $_.'DNS IP 1' -eq "127.0.0.1"} | Set-Style -Style Warning -Property 'DNS IP 1'
- }
+ if ($HealthCheck.DNS.DP) {
+ $OutObj | Where-Object { $_.'DNS IP 1' -eq "127.0.0.1"} | Set-Style -Style Warning -Property 'DNS IP 1'
+ }
- $TableParams = @{
- Name = "DNS IP Configuration information."
- List = $false
- ColumnWidths = 20, 20, 15, 15, 15, 15
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "IP Configuration -$($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 20, 20, 15, 15, 15, 15
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DNS IP Configuration Table)"
}
}
- }
- if ($InfoLevel.DNS -ge 2) {
- Section -Style Heading6 "Application Directory Partition" {
- Paragraph "The following section provides a summary of the DNS Application Directory Partition information."
- BlankLine
- if ($Domain) {
- foreach ($Item in $Domain) {
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
+ #---------------------------------------------------------------------------------------------#
+ # DNS Aplication Partitions Section #
+ #---------------------------------------------------------------------------------------------#
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ Section -Style Heading6 "Application Directory Partition" {
foreach ($DC in $DCs) {
- Section -Style Heading7 "$($DC.ToString().ToUpper().Split(".")[0]) Directory Partition" {
+ Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) Directory Partition" {
Paragraph "The following section provides $($DC.ToString().ToUpper().Split(".")[0]) Directory Partition information."
BlankLine
$OutObj = @()
- Write-PscriboMessage "Collecting Domain Name System Directory Partition information on '$($DC)'."
+ Write-PscriboMessage "Collecting Directory Partition information from $($DC)."
try {
$DNSSetting = Invoke-Command -Session $Session {Get-DnsServerDirectoryPartition -ComputerName $using:DC}
foreach ($Partition in $DNSSetting) {
- $inObj = [ordered] @{
- 'Name' = $Partition.DirectoryPartitionName
- 'State' = ConvertTo-EmptyToFiller $Partition.State
- 'Flags' = $Partition.Flags
- 'Zone Count' = $Partition.ZoneCount
+ try {
+ $inObj = [ordered] @{
+ 'Name' = $Partition.DirectoryPartitionName
+ 'State' = ConvertTo-EmptyToFiller $Partition.State
+ 'Flags' = $Partition.Flags
+ 'Zone Count' = $Partition.ZoneCount
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj += [pscustomobject]$inobj
}
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Directory Partitions Summary)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Directory Partitions Item)"
}
if ($HealthCheck.DNS.DP) {
$OutObj | Where-Object { $_.'State' -ne 0 -and $_.'State' -ne "-"} | Set-Style -Style Warning -Property 'Name','State','Flags','Zone Count'
}
$TableParams = @{
- Name = "DNS Directory Partitions information."
+ Name = "Directory Partitions - $($Domain.ToString().ToUpper())"
List = $false
ColumnWidths = 50, 15, 25, 10
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Sort-Object -Property Name | Table @TableParams
+ $OutObj | Sort-Object -Property 'Name' | Table @TableParams
}
}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Directory Partitions Table)"
+ }
}
- }
-
- if ($InfoLevel.DNS -ge 2) {
- Section -Style Heading6 "Response Rate Limiting (RRL)" {
- Paragraph "The following section provides a summary of the DNS Response Rate Limiting configuration."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
+ #---------------------------------------------------------------------------------------------#
+ # DNS RRL Section #
+ #---------------------------------------------------------------------------------------------#
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ Section -Style Heading6 "Response Rate Limiting (RRL)" {
+ $OutObj = @()
foreach ($DC in $DCs) {
- Write-PscriboMessage "Collecting Domain Name System Infrastructure information on '$($DC)'."
+ Write-PscriboMessage "Collecting Response Rate Limiting (RRL) information from $($DC)."
try {
$DNSSetting = Invoke-Command -Session $Session {Get-DnsServerResponseRateLimiting -ComputerName $using:DC}
$inObj = [ordered] @{
@@ -190,34 +197,34 @@ function Get-AbrADDNSInfrastructure {
$OutObj += [pscustomobject]$inobj
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Response Rate Limiting (RRL) Summary)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Response Rate Limiting (RRL) Item)"
}
}
- }
- $TableParams = @{
- Name = "DNS Response Rate Limiting configuration."
- List = $false
- ColumnWidths = 30, 10, 12, 12, 12, 12, 12
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Response Rate Limiting - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 30, 10, 12, 12, 12, 12, 12
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Response Rate Limiting (RRL) Table)"
}
}
- }
- if ($InfoLevel.DNS -ge 2) {
- Section -Style Heading6 "Scavenging Options" {
- Paragraph "The following section provides a summary of the DNS Scavenging configuration."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
+ #---------------------------------------------------------------------------------------------#
+ # DNS Scanvenging Section #
+ #---------------------------------------------------------------------------------------------#
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ Section -Style Heading6 "Scavenging Options" {
+ $OutObj = @()
foreach ($DC in $DCs) {
- Write-PscriboMessage "Collecting Domain Name System Infrastructure information on '$($DC)'."
+ Write-PscriboMessage "Collecting Scavenging Options information from $($DC)."
try {
$DNSSetting = Invoke-Command -Session $Session {Get-DnsServerScavenging -ComputerName $using:DC}
$inObj = [ordered] @{
@@ -239,34 +246,33 @@ function Get-AbrADDNSInfrastructure {
$OutObj += [pscustomobject]$inobj
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scavenging Summary)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scavenging Item)"
}
}
- }
- $TableParams = @{
- Name = "DNS Scavenging configuration."
- List = $false
- ColumnWidths = 25, 15, 15, 15, 15, 15
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Scavenging - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 25, 15, 15, 15, 15, 15
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Scavenging Table)"
}
}
- }
-
- Section -Style Heading6 "Forwarder Options" {
- Paragraph "The following section provides a summary of the DNS Forwarder configuration."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
+ #---------------------------------------------------------------------------------------------#
+ # DNS Forwarder Section #
+ #---------------------------------------------------------------------------------------------#
+ try {
+ Section -Style Heading6 "Forwarder Options" {
+ $OutObj = @()
foreach ($DC in $DCs) {
- Write-PscriboMessage "Collecting Domain Name System Infrastructure information on '$($DC)' (Forwarder Summary)."
+ Write-PscriboMessage "Collecting Forwarder Options information from $($DC)."
try {
$DNSSetting = Invoke-Command -Session $Session {Get-DnsServerForwarder -ComputerName $using:DC}
$Recursion = Invoke-Command -Session $Session {Get-DnsServerRecursion -ComputerName $using:DC | Select-Object -ExpandProperty Enable}
@@ -280,76 +286,80 @@ function Get-AbrADDNSInfrastructure {
$OutObj += [pscustomobject]$inobj
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Forwarder Summary)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Forwarder Item)"
}
}
+ $TableParams = @{
+ Name = "Forwarders - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 35, 15, 15, 15, 20
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
-
- $TableParams = @{
- Name = "DNS Infrastructure Forwarder configuration."
- List = $false
- ColumnWidths = 35, 15, 15, 15, 20
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
- }
- if ($InfoLevel.DNS -ge 2) {
- Section -Style Heading6 "Root Hints" {
- Paragraph "The following section provides a summary of the DNS Root Hints information."
- BlankLine
- if ($Domain) {
- foreach ($Item in $Domain) {
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Forwarder Table)"
+ }
+ #---------------------------------------------------------------------------------------------#
+ # DNS Root Hints Section #
+ #---------------------------------------------------------------------------------------------#
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ Section -Style Heading6 "Root Hints" {
foreach ($DC in $DCs) {
- Section -Style Heading7 "$($DC.ToString().ToUpper().Split(".")[0]) Root Hints" {
+ Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) Root Hints" {
Paragraph "The following section provides $($DC.ToString().ToUpper().Split(".")[0]) Root Hints information."
BlankLine
$OutObj = @()
- Write-PscriboMessage "Collecting Domain Name System Root Hint information on '$($DC)'."
+ Write-PscriboMessage "Collecting Root Hint information from $($DC)."
try {
$DNSSetting = Invoke-Command -Session $Session {Get-DnsServerRootHint -ComputerName $using:DC | Select-Object @{Name="Name"; E={$_.NameServer.RecordData.Nameserver}},@{Name="IPAddress"; E={$_.IPAddress.RecordData.IPv6Address.IPAddressToString,$_.IPAddress.RecordData.IPv4Address.IPAddressToString} }}
foreach ($Hints in $DNSSetting) {
- $inObj = [ordered] @{
- 'Name' = $Hints.Name
- 'IP Address' = (($Hints.IPAddress).Where({ $_ -ne $Null })) -join ", "
+ try {
+ $inObj = [ordered] @{
+ 'Name' = $Hints.Name
+ 'IP Address' = (($Hints.IPAddress).Where({ $_ -ne $Null })) -join ", "
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj += [pscustomobject]$inobj
}
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Root Hints Summary)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Root Hints Item)"
}
$TableParams = @{
- Name = "DNS Root Hints information."
+ Name = "Root Hints - $($Domain.ToString().ToUpper())"
List = $false
ColumnWidths = 50, 50
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Sort-Object -Property Name | Table @TableParams
+ $OutObj | Sort-Object -Property 'Name' | Table @TableParams
}
}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Root Hints Table)"
+ }
}
- }
- if ($InfoLevel.DNS -ge 2) {
- Section -Style Heading6 "Zone Scope Recursion" {
- Paragraph "The following section provides a summary of the DNS Zone Scope Recursion configuration."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- if ($DCs) {Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller on $Domain"}
+ #---------------------------------------------------------------------------------------------#
+ # DNS Zone Scope Section #
+ #---------------------------------------------------------------------------------------------#
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ Section -Style Heading6 "Zone Scope Recursion" {
+ $OutObj = @()
foreach ($DC in $DCs) {
- Write-PscriboMessage "Collecting Domain Name System Infrastructure information on '$($DC)'."
+ Write-PscriboMessage "Collecting Zone Scope Recursion information from $($DC)."
try {
$DNSSetting = Invoke-Command -Session $Session {Get-DnsServerRecursionScope -ComputerName $using:DC}
$inObj = [ordered] @{
@@ -364,27 +374,30 @@ function Get-AbrADDNSInfrastructure {
$OutObj += [pscustomobject]$inobj
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Scope Recursion Summary)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Scope Recursion Item)"
}
}
- }
- $TableParams = @{
- Name = "DNS Zone Scope Recursion configuration."
- List = $false
- ColumnWidths = 35, 25, 20, 20
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Zone Scope Recursion - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 35, 25, 20, 20
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Scope Recursion Table)"
}
}
}
}
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Global DNS Infrastructure)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (DNS Infrastructure Section)"
}
}
diff --git a/Src/Private/Get-AbrADDNSZone.ps1 b/Src/Private/Get-AbrADDNSZone.ps1
index 559fa18..49b17ea 100644
--- a/Src/Private/Get-AbrADDNSZone.ps1
+++ b/Src/Private/Get-AbrADDNSZone.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDNSZone {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -33,16 +33,14 @@ function Get-AbrADDNSZone {
process {
try {
- Section -Style Heading5 "$($DC.ToString().ToUpper().Split(".")[0]) DNS Zone Configuration" {
- Paragraph "The following section provides a summary of the DNS Zone Configuration information."
- BlankLine
- $OutObj = @()
- if ($DC) {
- try {
- Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Zone)"
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -notlike "Forwarder"}}
- foreach ($Zones in $DNSSetting) {
+ $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
+ $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -notlike "Forwarder"}}
+ if ($DNSSetting) {
+ Section -Style Heading5 "$($DC.ToString().ToUpper().Split(".")[0]) DNS Zone Configuration" {
+ $OutObj = @()
+ Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Zone)"
+ foreach ($Zones in $DNSSetting) {
+ try {
Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Zones.ZoneName)' on $DC"
$inObj = [ordered] @{
'Zone Name' = ConvertTo-EmptyToFiller $Zones.ZoneName
@@ -55,237 +53,246 @@ function Get-AbrADDNSZone {
}
$OutObj += [pscustomobject]$inobj
}
- Remove-PSSession -Session $DCPssSession
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Name System Zone)"
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Name System Zone Item)"
+ }
}
$TableParams = @{
- Name = "DNS Zone Information."
+ Name = "Zones - $($Domain.ToString().ToUpper())"
List = $false
ColumnWidths = 25, 15, 12, 12, 12, 12, 12
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
- }
-
- if ($InfoLevel.DNS -ge 2) {
- try {
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Zone)"
- $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "False" -and ($_.ZoneName -ne "_msdcs.pharmax.local" -and $_.ZoneName -ne "TrustAnchors") -and ($_.ZoneType -like "Primary" -or $_.ZoneType -like "Secondary")} | Select-Object -ExpandProperty ZoneName }
- if ($DNSSetting) {
- Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) Zone Delegation" {
- Paragraph "The following section provides a summary of the DNS Zone Delegation information."
- BlankLine
+ $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "False" -and ($_.ZoneName -ne "_msdcs.pharmax.local" -and $_.ZoneName -ne "TrustAnchors") -and ($_.ZoneType -like "Primary" -or $_.ZoneType -like "Secondary")} | Select-Object -ExpandProperty ZoneName }
+ if ($DNSSetting) {
$OutObj = @()
foreach ($Zone in $DNSSetting) {
- $Delegations = Invoke-Command -Session $DCPssSession {Get-DnsServerZoneDelegation -Name $using:Zone}
- if ($Delegations) {
- foreach ($Delegation in $Delegations) {
- Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Delegation.ZoneName)' on $DC"
- $inObj = [ordered] @{
- 'Zone Name' = $Delegation.ZoneName
- 'Child Zone' = $Delegation.ChildZoneName
- 'Name Server' = $Delegation.NameServer.RecordData.NameServer
- 'IP Address' = $Delegation.IPaddress.RecordData.IPv4Address.ToString()
+ try {
+ $Delegations = Invoke-Command -Session $DCPssSession {Get-DnsServerZoneDelegation -Name $using:Zone}
+ if ($Delegations) {
+ foreach ($Delegation in $Delegations) {
+ try {
+ Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Delegation.ZoneName)' on $DC"
+ $inObj = [ordered] @{
+ 'Zone Name' = $Delegation.ZoneName
+ 'Child Zone' = $Delegation.ChildZoneName
+ 'Name Server' = $Delegation.NameServer.RecordData.NameServer
+ 'IP Address' = $Delegation.IPaddress.RecordData.IPv4Address.ToString()
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $($_.Exception.Message)
+ }
}
- $OutObj += [pscustomobject]$inobj
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Delegation Item)"
+ }
}
- Remove-PSSession -Session $DCPssSession
-
- $TableParams = @{
- Name = "DNS Zone Delegation Information."
- List = $false
- ColumnWidths = 25, 25, 32, 18
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj | Table @TableParams
+
+ if ($OutObj) {
+ Section -Style Heading6 "Zone Delegation" {
+
+ $TableParams = @{
+ Name = "Zone Delegations - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 25, 25, 32, 18
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams
+ }
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Delegation Table)"
+ }
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Delegation)"
- }
- }
- if ($InfoLevel.DNS -ge 2) {
+ if ($InfoLevel.DNS -ge 2) {
+ try {
+ $DNSSetting = Invoke-Command -Session $DCPssSession {Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones\*" | Get-ItemProperty | Where-Object {$_ -match 'SecondaryServers'}}
+ if ($DNSSetting) {
+ Section -Style Heading6 "Zone Transfers" {
+ $OutObj = @()
+ foreach ($Zone in $DNSSetting) {
+ try {
+ Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Zone.PSChildName)' on $DC"
+ $inObj = [ordered] @{
+ 'Zone Name' = $Zone.PSChildName
+ 'Secondary Servers' = ConvertTo-EmptyToFiller ($Zone.SecondaryServers -join ", ")
+ 'Notify Servers' = ConvertTo-EmptyToFiller $Zone.NotifyServers
+ 'Secure Secondaries' = Switch ($Zone.SecureSecondaries) {
+ "0" {"Send zone transfers to all secondary servers that request them."}
+ "1" {"Send zone transfers only to name servers that are authoritative for the zone."}
+ "2" {"Send zone transfers only to servers you specify in Secondary Servers."}
+ "3" {"Do not send zone transfers."}
+ default {$Zone.SecureSecondaries}
+ }
+ }
+ $OutObj = [pscustomobject]$inobj
+
+ $TableParams = @{
+ Name = "Zone Transfers - $($Zone.PSChildName)"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Transfers Item)"
+ }
+ }
+ }
+ }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Transfers Table)"
+ }
+ }
try {
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Zone)"
- $DNSSetting = Invoke-Command -Session $DCPssSession {Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones\*" | Get-ItemProperty | Where-Object {$_ -match 'SecondaryServers'}}
+ $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "True"}}
if ($DNSSetting) {
- Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) Zone Transfers" {
- Paragraph "The following section provides a summary of the DNS Zone Transfer information."
- BlankLine
+ Section -Style Heading6 "Reverse Lookup Zone Configuration" {
$OutObj = @()
- foreach ($Zone in $DNSSetting) {
- Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Zone.PSChildName)' on $DC"
- $inObj = [ordered] @{
- 'Zone Name' = $Zone.PSChildName
- 'Secondary Servers' = ConvertTo-EmptyToFiller $Zone.SecondaryServers
- 'Notify Servers' = ConvertTo-EmptyToFiller $Zone.NotifyServers
- 'Secure Secondaries' = Switch ($Zone.SecureSecondaries) {
- "0" {"Send zone transfers to all secondary servers that request them."}
- "1" {"Send zone transfers only to name servers that are authoritative for the zone."}
- "2" {"Send zone transfers only to servers you specify in Secondary Servers."}
- "3" {"Do not send zone transfers."}
- default {$Zone.SecureSecondaries}
+ Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC (Domain Name System Zone)"
+ foreach ($Zones in $DNSSetting) {
+ try {
+ Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Zones.ZoneName)' on $DC"
+ $inObj = [ordered] @{
+ 'Zone Name' = ConvertTo-EmptyToFiller $Zones.ZoneName
+ 'Zone Type' = ConvertTo-EmptyToFiller $Zones.ZoneType
+ 'Replication Scope' = ConvertTo-EmptyToFiller $Zones.ReplicationScope
+ 'Dynamic Update' = ConvertTo-EmptyToFiller $Zones.DynamicUpdate
+ 'DS Integrated' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Zones.IsDsIntegrated)
+ 'Read Only' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Zones.IsReadOnly)
+ 'Signed' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Zones.IsSigned)
}
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Reverse Lookup Zone Configuration Item)"
}
- $OutObj += [pscustomobject]$inobj
}
- Remove-PSSession -Session $DCPssSession
- $TableParams = @{
- Name = "DNS Zone Transfer Information."
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
+ $TableParams = @{
+ Name = "Zones - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 25, 15, 12, 12, 12, 12, 12
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams
}
}
- Remove-PSSession -Session $DCPssSession
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Transfers)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Reverse Lookup Zone Configuration Table)"
}
- }
- Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) Reverse Lookup Zone Configuration" {
- Paragraph "The following section provides a summary of the DNS Reverse Lookup Zone Configuration information."
- BlankLine
- $OutObj = @()
- if ($DC) {
- try {
- Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC (Domain Name System Zone)"
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "True"}}
- foreach ($Zones in $DNSSetting) {
- Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Zones.ZoneName)' on $DC"
- $inObj = [ordered] @{
- 'Zone Name' = ConvertTo-EmptyToFiller $Zones.ZoneName
- 'Zone Type' = ConvertTo-EmptyToFiller $Zones.ZoneType
- 'Replication Scope' = ConvertTo-EmptyToFiller $Zones.ReplicationScope
- 'Dynamic Update' = ConvertTo-EmptyToFiller $Zones.DynamicUpdate
- 'DS Integrated' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Zones.IsDsIntegrated)
- 'Read Only' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Zones.IsReadOnly)
- 'Signed' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Zones.IsSigned)
+ try {
+ $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -like "Forwarder"}}
+ if ($DNSSetting) {
+ Section -Style Heading5 "Conditional Forwarder" {
+ $OutObj = @()
+ Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Conditional Forwarder )"
+ foreach ($Zones in $DNSSetting) {
+ try {
+ Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Zones.ZoneName)' on $DC"
+ $inObj = [ordered] @{
+ 'Zone Name' = $Zones.ZoneName
+ 'Zone Type' = $Zones.ZoneType
+ 'Replication Scope' = $Zones.ReplicationScope
+ 'Master Servers' = $Zones.MasterServers
+ 'DS Integrated' = $Zones.IsDsIntegrated
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Conditional Forwarder Item)"
+ }
}
- $OutObj += [pscustomobject]$inobj
- }
- Remove-PSSession -Session $DCPssSession
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Reverse Lookup Zone Configuration)"
- }
- $TableParams = @{
- Name = "DNS Zone Information."
- List = $false
- ColumnWidths = 25, 15, 12, 12, 12, 12, 12
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- }
- }
-
- Section -Style Heading5 "$($DC.ToString().ToUpper().Split(".")[0]) Conditional Forwarder" {
- Paragraph "The following section provides a summary of the DNS Conditional Forwarder information."
- BlankLine
- $OutObj = @()
- if ($DC) {
- try {
- Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Conditional Forwarder )"
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- $DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -like "Forwarder"}}
- foreach ($Zones in $DNSSetting) {
- Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Zones.ZoneName)' on $DC"
- $inObj = [ordered] @{
- 'Zone Name' = $Zones.ZoneName
- 'Zone Type' = $Zones.ZoneType
- 'Replication Scope' = $Zones.ReplicationScope
- 'Master Servers' = $Zones.MasterServers
- 'DS Integrated' = $Zones.IsDsIntegrated
+ $TableParams = @{
+ Name = "Conditional Forwarders - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 25, 20, 20, 20, 15
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
}
- $OutObj += [pscustomobject]$inobj
+ $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams
}
- Remove-PSSession -Session $DCPssSession
}
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Conditional Forwarder)"
- }
-
- $TableParams = @{
- Name = "DNS Conditional Forwarder Information."
- List = $false
- ColumnWidths = 25, 20, 20, 20, 15
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
- Remove-PSSession -Session $DCPssSession
- }
- if ($InfoLevel.DNS -ge 2) {
- Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) Zone Scope Aging Properties" {
- Paragraph "The following section provides a summary of the DNS Zone Aging properties information."
- BlankLine
- $OutObj = @()
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Conditional Forwarder Table)"
+ }
+ if ($InfoLevel.DNS -ge 2) {
try {
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
Write-PscriboMessage "Discovered Actve Directory Domain Controller: $DC. (Domain Name System Zone)"
$DNSSetting = Invoke-Command -Session $DCPssSession {Get-DnsServerZone | Where-Object {$_.IsReverseLookupZone -like "False" -and $_.ZoneType -eq "Primary"} | Select-Object -ExpandProperty ZoneName }
$Zones = Invoke-Command -Session $DCPssSession {Get-DnsServerZoneAging -Name $using:DNSSetting}
- foreach ($Settings in $Zones) {
- Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Settings.ZoneName)' on $DC"
- $inObj = [ordered] @{
- 'Zone Name' = ConvertTo-EmptyToFiller $Settings.ZoneName
- 'Aging Enabled' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Settings.AgingEnabled)
- 'Refresh Interval' = ConvertTo-EmptyToFiller $Settings.RefreshInterval
- 'NoRefresh Interval' = ConvertTo-EmptyToFiller $Settings.NoRefreshInterval
- 'Available For Scavenge' = Switch ($Settings.AvailForScavengeTime) {
- "" {"-"; break}
- $Null {"-"; break}
- default {(ConvertTo-EmptyToFiller ($Settings.AvailForScavengeTime).ToUniversalTime().toString("r")); break}
+ if ($Zones) {
+ Section -Style Heading6 "Zone Scope Aging Properties" {
+ $OutObj = @()
+ foreach ($Settings in $Zones) {
+ try {
+ Write-PscriboMessage "Collecting Actve Directory DNS Zone: '$($Settings.ZoneName)' on $DC"
+ $inObj = [ordered] @{
+ 'Zone Name' = ConvertTo-EmptyToFiller $Settings.ZoneName
+ 'Aging Enabled' = ConvertTo-EmptyToFiller (ConvertTo-TextYN $Settings.AgingEnabled)
+ 'Refresh Interval' = ConvertTo-EmptyToFiller $Settings.RefreshInterval
+ 'NoRefresh Interval' = ConvertTo-EmptyToFiller $Settings.NoRefreshInterval
+ 'Available For Scavenge' = Switch ($Settings.AvailForScavengeTime) {
+ "" {"-"; break}
+ $Null {"-"; break}
+ default {(ConvertTo-EmptyToFiller ($Settings.AvailForScavengeTime).ToUniversalTime().toString("r")); break}
+ }
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Scope Aging Item)"
+ }
+ }
+
+ if ($HealthCheck.DNS.Aging) {
+ $OutObj | Where-Object { $_.'Aging Enabled' -ne 'Yes'} | Set-Style -Style Warning -Property 'Aging Enabled'
+ }
+
+ $TableParams = @{
+ Name = "Zone Aging Properties - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 25, 10, 15, 15, 35
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
}
+ $OutObj | Sort-Object -Property 'Zone Name' | Table @TableParams
}
- $OutObj += [pscustomobject]$inobj
}
- Remove-PSSession -Session $DCPssSession
}
catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Scope Aging)"
- }
-
- if ($HealthCheck.DNS.Aging) {
- $OutObj | Where-Object { $_.'Aging Enabled' -ne 'Yes'} | Set-Style -Style Warning -Property 'Aging Enabled'
- }
-
- $TableParams = @{
- Name = "DNS Zone Aging properties Information."
- List = $false
- ColumnWidths = 25, 10, 15, 15, 35
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Zone Scope Aging Table)"
}
- $OutObj | Table @TableParams
}
}
}
+ Remove-PSSession -Session $DCPssSession
}
catch {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Global DNS Zone Information)"
diff --git a/Src/Private/Get-AbrADDomain.ps1 b/Src/Private/Get-AbrADDomain.ps1
index 79dd36b..d3442e7 100644
--- a/Src/Private/Get-AbrADDomain.ps1
+++ b/Src/Private/Get-AbrADDomain.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDomain {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -33,45 +33,43 @@ function Get-AbrADDomain {
process {
$OutObj = @()
if ($Domain) {
- foreach ($Item in $Domain) {
- try {
- $DomainInfo = Invoke-Command -Session $Session {Get-ADDomain $using:Item -ErrorAction Stop}
- Write-PscriboMessage "Discovered Active Directory Domain information of domain $Domain."
- if ($DomainInfo) {
- Write-PscriboMessage "Collectin Domain information of '$($DomainInfo.Name)'."
- $inObj = [ordered] @{
- 'Domain Name' = $DomainInfo.Name
- 'NetBIOS Name' = $DomainInfo.NetBIOSName
- 'Domain SID' = $DomainInfo.DomainSID
- 'Domain Functional Level' = $DomainInfo.DomainMode
- 'Domains' = ConvertTo-EmptyToFiller $DomainInfo.Domains
- 'Forest' = $DomainInfo.Forest
- 'Parent Domain' = ConvertTo-EmptyToFiller $DomainInfo.ParentDomain
- 'Replica Directory Servers' = $DomainInfo.ReplicaDirectoryServers
- 'Child Domains' = ConvertTo-EmptyToFiller $DomainInfo.ChildDomains
- 'Domain Path' = ConvertTo-ADCanonicalName -DN $DomainInfo.DistinguishedName -Credential $Cred -Domain $Item
- 'Computers Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.ComputersContainer -Credential $Cred -Domain $Item
- 'Domain Controllers Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.DomainControllersContainer -Credential $Cred -Domain $Item
- 'Systems Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.SystemsContainer -Credential $Cred -Domain $Item
- 'Users Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.UsersContainer -Credential $Cred -Domain $Item
- 'ReadOnly Replica Directory Servers' = ConvertTo-EmptyToFiller $DomainInfo.ReadOnlyReplicaDirectoryServers
- }
- $OutObj += [pscustomobject]$inobj
+ try {
+ $DomainInfo = Invoke-Command -Session $Session {Get-ADDomain $using:Domain -ErrorAction Stop}
+ Write-PscriboMessage "Discovered Active Directory Domain information of domain $Domain."
+ if ($DomainInfo) {
+ Write-PscriboMessage "Collecting Domain information of '$($DomainInfo)'."
+ $inObj = [ordered] @{
+ 'Domain Name' = $DomainInfo.Name
+ 'NetBIOS Name' = $DomainInfo.NetBIOSName
+ 'Domain SID' = $DomainInfo.DomainSID
+ 'Domain Functional Level' = $DomainInfo.DomainMode
+ 'Domains' = ConvertTo-EmptyToFiller $DomainInfo.Domains
+ 'Forest' = $DomainInfo.Forest
+ 'Parent Domain' = ConvertTo-EmptyToFiller $DomainInfo.ParentDomain
+ 'Replica Directory Servers' = $DomainInfo.ReplicaDirectoryServers
+ 'Child Domains' = ConvertTo-EmptyToFiller $DomainInfo.ChildDomains
+ 'Domain Path' = ConvertTo-ADCanonicalName -DN $DomainInfo.DistinguishedName -Credential $Cred -Domain $Domain
+ 'Computers Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.ComputersContainer -Credential $Cred -Domain $Domain
+ 'Domain Controllers Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.DomainControllersContainer -Credential $Cred -Domain $Domain
+ 'Systems Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.SystemsContainer -Credential $Cred -Domain $Domain
+ 'Users Container' = ConvertTo-ADCanonicalName -DN $DomainInfo.UsersContainer -Credential $Cred -Domain $Domain
+ 'ReadOnly Replica Directory Servers' = ConvertTo-EmptyToFiller $DomainInfo.ReadOnlyReplicaDirectoryServers
}
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (AD Domain Summary)"
- }
+ $OutObj += [pscustomobject]$inobj
- $TableParams = @{
- Name = "AD Domain Summary Information - $($Domain.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Domain Summary - $($Domain.ToString().ToUpper())"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
}
- if ($OutObj) {$OutObj | Table @TableParams}
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (AD Domain Summary)"
}
}
}
diff --git a/Src/Private/Get-AbrADDomainController.ps1 b/Src/Private/Get-AbrADDomainController.ps1
index 9cda877..ec112e8 100644
--- a/Src/Private/Get-AbrADDomainController.ps1
+++ b/Src/Private/Get-AbrADDomainController.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDomainController {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -31,11 +31,11 @@ function Get-AbrADDomainController {
}
process {
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
+ try {
+ $OutObj = @()
+ Write-PscriboMessage "Discovering Active Directory Domain Controller information from $Domain."
+ $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers}
+ if ($DCs) {
foreach ($DC in $DCs) {
Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller in domain $Domain."
try {
@@ -57,30 +57,31 @@ function Get-AbrADDomainController {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Controller Summary)"
}
}
- }
- $TableParams = @{
- Name = "AD Domain Controller Summary Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 25, 25, 15, 10, 10, 15
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Domain Controller Summary - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 25, 25, 15, 10, 10, 15
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Controller Summary)"
}
if ($InfoLevel.Domain -ge 2) {
- Write-PscriboMessage "Collecting AD Domain Controller Hardware information for domain $Domain"
- Section -Style Heading6 'Hardware Inventory' {
- Paragraph "The following section provides a summary of the Domain Controller Hardware for $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller in domain $Domain."
+ try {
+ Write-PscriboMessage "Collecting AD Domain Controller Hardware information for domain $Domain"
+ Section -Style Heading6 'Hardware Inventory' {
+ Paragraph "The following section provides a summary of the Domain Controller Hardware for $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
+ if ($DCs) {
foreach ($DC in $DCs) {
try {
Write-PscriboMessage "Collecting AD Domain Controller Hardware information for $DC."
@@ -116,7 +117,17 @@ function Get-AbrADDomainController {
'Number of Logical Cores' = $HWCPU[0].NumberOfLogicalProcessors
'Physical Memory (GB)' = ConvertTo-FileSizeString $HW.CsTotalPhysicalMemory
}
- $OutObj += [pscustomobject]$inobj
+ $OutObj = [pscustomobject]$inobj
+
+ $TableParams = @{
+ Name = "Domain Controller Hardware - $($HW.CsDNSHostName.ToString().ToUpper())"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
}
}
catch {
@@ -124,29 +135,20 @@ function Get-AbrADDomainController {
}
}
}
-
- $TableParams = @{
- Name = "AD Domain Controller Hardware Information - $($Domain.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Controller Summary)"
+ }
}
- Write-PscriboMessage "Collecting AD Domain Controller NTDS information."
- Section -Style Heading6 'NTDS Information' {
- Paragraph "The following section provides a summary of the Domain Controller NTDS file size on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller in domain $Domain."
+ try {
+ Write-PscriboMessage "Collecting AD Domain Controller NTDS information."
+ Section -Style Heading6 'NTDS Information' {
+ Paragraph "The following section provides a summary of the Domain Controller NTDS file size on $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
+ if ($DCs) {
foreach ($DC in $DCs) {
try {
Write-PscriboMessage "Collecting AD Domain Controller NTDS information for $DC."
@@ -171,29 +173,30 @@ function Get-AbrADDomainController {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (NTDS Summary)"
}
}
- }
- $TableParams = @{
- Name = "Domain Controller NTDS Database File Usage Information - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 20, 22, 14, 22, 22
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "NTDS Database File Usage - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 20, 22, 14, 22, 22
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
}
}
-
- Write-PscriboMessage "Collecting AD Domain Controller Time Source information."
- Section -Style Heading6 'Time Source Information' {
- Paragraph "The following section provides a summary of the Domain Controller Time Source configuration on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (NTDS Summary)"
+ }
+ try {
+ Write-PscriboMessage "Collecting AD Domain Controller Time Source information."
+ Section -Style Heading6 'Time Source Information' {
+ Paragraph "The following section provides a summary of the Domain Controller Time Source configuration on $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
+ if ($DCs) {
Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller in domain $Domain."
foreach ($DC in $DCs) {
try {
@@ -203,79 +206,90 @@ function Get-AbrADDomainController {
$SourceType = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\W32Time\Parameters | Select-Object -ExpandProperty 'Type'}
Remove-PSSession -Session $DCPssSession
if ( $NtpServer -and $SourceType ) {
- $inObj = [ordered] @{
- 'Name' = $DC.ToString().ToUpper().Split(".")[0]
- 'Time Server' = Switch ($NtpServer) {
- 'time.windows.com,0x8' {"Domain Hierarchy"}
- 'time.windows.com' {"Domain Hierarchy"}
- '0x8' {"Domain Hierarchy"}
- default {$NtpServer}
- }
- 'Type' = Switch ($SourceType) {
- 'NTP' {"MANUAL (NTP)"}
- 'NT5DS' {"DOMHIER"}
- default {$SourceType}
+ try {
+ $inObj = [ordered] @{
+ 'Name' = $DC.ToString().ToUpper().Split(".")[0]
+ 'Time Server' = Switch ($NtpServer) {
+ 'time.windows.com,0x8' {"Domain Hierarchy"}
+ 'time.windows.com' {"Domain Hierarchy"}
+ '0x8' {"Domain Hierarchy"}
+ default {$NtpServer}
+ }
+ 'Type' = Switch ($SourceType) {
+ 'NTP' {"MANUAL (NTP)"}
+ 'NT5DS' {"DOMHIER"}
+ default {$SourceType}
+ }
}
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj += [pscustomobject]$inobj
}
}
catch {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Time Source)"
}
}
- }
- $TableParams = @{
- Name = "Domain Controller Time Source Configuration - $($Domain.ToString().ToUpper())"
- List = $false
- ColumnWidths = 30, 50, 20
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "Time Source Configuration - $($Domain.ToString().ToUpper())"
+ List = $false
+ ColumnWidths = 30, 50, 20
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'DC Name' | Table @TableParams
}
- $OutObj | Table @TableParams
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Time Source)"
+ }
if ($HealthCheck.DomainController.Software) {
- Write-PscriboMessage "Collecting additional software running on the Domain Controller ."
- Section -Style Heading6 'HealthCheck - Installed Software on DC' {
- Paragraph "The following section provides a summary of additional software running on $($Domain.ToString().ToUpper())."
- BlankLine
- if ($Domain) {
- foreach ($Item in $Domain) {
- Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
- $DCs = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty ReplicaDirectoryServers}
- Write-PscriboMessage "Discovered '$(($DCs | Measure-Object).Count)' Active Directory Domain Controller in domain $Domain."
+ try {
+ Write-PscriboMessage "Collecting additional software running on the Domain Controller."
+ Section -Style Heading6 'HealthCheck - Installed Software on DC' {
+ Paragraph "The following section provides a summary of additional software running on $($Domain.ToString().ToUpper())."
+ BlankLine
+ Write-PscriboMessage "Discovering Active Directory Domain Controller information in $Domain."
+ if ($DCs) {
foreach ($DC in $DCs) {
try {
- Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) additional software" {
- Paragraph "The following section provides a summary of additional software running on $($DC.ToString().ToUpper().Split(".")[0])."
- BlankLine
- $OutObj = @()
- Write-PscriboMessage "Collecting AD Domain Controller installed software information for $DC."
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- $Software = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where-Object {($_.Publisher -notlike "Microsoft*" -and $_.DisplayName -notlike "VMware*") -and ($Null -ne $_.Publisher -or $Null -ne $_.DisplayName)} | Select-Object -Property DisplayName,Publisher,InstallDate | Sort-Object -Property DisplayName}
- Remove-PSSession -Session $DCPssSession
- if ( $Software ) {
+ $OutObj = @()
+ Write-PscriboMessage "Collecting AD Domain Controller installed software information for $DC."
+ $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
+ $Software = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | Where-Object {($_.Publisher -notlike "Microsoft*" -and $_.DisplayName -notlike "VMware*") -and ($Null -ne $_.Publisher -or $Null -ne $_.DisplayName)} | Select-Object -Property DisplayName,Publisher,InstallDate | Sort-Object -Property DisplayName}
+ Remove-PSSession -Session $DCPssSession
+ if ( $Software ) {
+ Section -Style Heading6 "$($DC.ToString().ToUpper().Split(".")[0]) additional software" {
+ Paragraph "The following section provides a summary of additional software running on $($DC.ToString().ToUpper().Split(".")[0])."
+ BlankLine
foreach ($APP in $Software) {
- $inObj = [ordered] @{
- 'Name' = $APP.DisplayName
- 'Publisher' = $APP.Publisher
- 'Install Date' = $APP.InstallDate
+ try {
+ $inObj = [ordered] @{
+ 'Name' = $APP.DisplayName
+ 'Publisher' = $APP.Publisher
+ 'Install Date' = $APP.InstallDate
+ }
+ $OutObj = [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj += [pscustomobject]$inobj
}
+ $TableParams = @{
+ Name = "Installed Software - $($DC.ToString().ToUpper().Split(".")[0])"
+ List = $false
+ ColumnWidths = 34, 33, 33
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Name' | Table @TableParams
}
- $TableParams = @{
- Name = "Installed Software - $($DC.ToString().ToUpper().Split(".")[0])"
- List = $false
- ColumnWidths = 34, 33, 33
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
}
}
catch {
@@ -285,6 +299,9 @@ function Get-AbrADDomainController {
}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning $($_.Exception.Message)
+ }
}
}
diff --git a/Src/Private/Get-AbrADDomainObject.ps1 b/Src/Private/Get-AbrADDomainObject.ps1
index fb95480..8215d01 100644
--- a/Src/Private/Get-AbrADDomainObject.ps1
+++ b/Src/Private/Get-AbrADDomainObject.ps1
@@ -5,7 +5,7 @@ function Get-AbrADDomainObject {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -32,21 +32,21 @@ function Get-AbrADDomainObject {
process {
if ($InfoLevel.Domain -ge 2) {
- Section -Style Heading5 'Domain Object Count' {
- Paragraph "The following section provides a summary of the Active Directory Object Count on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- Write-PscriboMessage "Collecting the Active Directory Object Count of domain $Item."
+ try {
+ Section -Style Heading5 'Domain Object Count' {
+ Paragraph "The following section provides a summary of the Active Directory Object Count on $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ if ($Domain) {
+ Write-PscriboMessage "Collecting the Active Directory Object Count of domain $Domain."
try {
$DC = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers | Select-Object -First 1}
$DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- $Computers = Invoke-Command -Session $DCPssSession {(Get-ADComputer -Filter * -Searchbase (Get-ADDomain -Identity $using:Item).distinguishedName) | Measure-Object}
- $Servers = Invoke-Command -Session $DCPssSession {(Get-ADComputer -Filter { OperatingSystem -like "Windows Ser*"} -Property OperatingSystem -Searchbase (Get-ADDomain -Identity $using:Item).distinguishedName) | Measure-Object}
- $Users = Invoke-Command -Session $DCPssSession {(Get-ADUser -filter * -Searchbase (Get-ADDomain -Identity $using:Item).distinguishedName) | Measure-Object}
- $PrivilegedUsers = Invoke-Command -Session $DCPssSession {(Get-ADUser -filter {AdminCount -eq "1"} -Properties AdminCount -Searchbase (Get-ADDomain -Identity $using:Item).distinguishedName) | Measure-Object}
- $Group = Invoke-Command -Session $DCPssSession {(Get-ADGroup -filter * -Searchbase (Get-ADDomain -Identity $using:Item).distinguishedName) | Measure-Object}
+ $Computers = Invoke-Command -Session $DCPssSession {(Get-ADComputer -Filter * -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName) | Measure-Object}
+ $Servers = Invoke-Command -Session $DCPssSession {(Get-ADComputer -Filter { OperatingSystem -like "Windows Ser*"} -Property OperatingSystem -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName) | Measure-Object}
+ $Users = Invoke-Command -Session $DCPssSession {(Get-ADUser -filter * -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName) | Measure-Object}
+ $PrivilegedUsers = Invoke-Command -Session $DCPssSession {(Get-ADUser -filter {AdminCount -eq "1"} -Properties AdminCount -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName) | Measure-Object}
+ $Group = Invoke-Command -Session $DCPssSession {(Get-ADGroup -filter * -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName) | Measure-Object}
$DomainController = Invoke-Command -Session $DCPssSession {(Get-ADDomainController -filter *) | Select-Object name | Measure-Object}
$GC = Invoke-Command -Session $DCPssSession {(Get-ADDomainController -filter {IsGlobalCatalog -eq "True"}) | Select-Object name | Measure-Object}
Remove-PSSession -Session $DCPssSession
@@ -60,111 +60,126 @@ function Get-AbrADDomainObject {
'Groups' = $Group.Count
}
$OutObj += [pscustomobject]$inobj
+
+ $TableParams = @{
+ Name = "Object Count - $($Domain.ToString().ToUpper())"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
}
catch {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Object Count)"
}
}
-
- $TableParams = @{
- Name = "Active Directory Object Count Information - $($Domain.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- if ($OutObj) {$OutObj | Table @TableParams}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Domain Object Count)"
+ }
}
- Section -Style Heading5 'Default Domain Password Policy' {
- Paragraph "The following section provides a summary of the Default Domain Password Policy on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
+ try {
+ Section -Style Heading5 'Default Domain Password Policy' {
+ Paragraph "The following section provides a summary of the Default Domain Password Policy on $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ if ($Domain) {
Write-PscriboMessage "Collecting the Active Directory Default Domain Password Policy of domain $Item."
try {
- $PasswordPolicy = Invoke-Command -Session $Session {Get-ADDefaultDomainPasswordPolicy -Identity $using:Item}
- $inObj = [ordered] @{
- 'Domain Name' = $Item
- 'Complexity Enabled' = ConvertTo-TextYN $PasswordPolicy.ComplexityEnabled
- 'Path' = ConvertTo-ADCanonicalName -DN $PasswordPolicy.DistinguishedName -Credential $Cred -Domain $Domain
- 'Lockout Duration' = $PasswordPolicy.LockoutDuration.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Lockout Threshold' = $PasswordPolicy.LockoutThreshold
- 'Lockout Observation Window' = $PasswordPolicy.LockoutObservationWindow.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Max Password Age' = $PasswordPolicy.MaxPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Min Password Age' = $PasswordPolicy.MinPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Min Password Length' = $PasswordPolicy.MinPasswordLength
- 'Password History Count' = $PasswordPolicy.PasswordHistoryCount
- 'Reversible Encryption Enabled' = ConvertTo-TextYN $PasswordPolicy.ReversibleEncryptionEnabled
+ $PasswordPolicy = Invoke-Command -Session $Session {Get-ADDefaultDomainPasswordPolicy -Identity $using:Domain}
+ if ($PasswordPolicy) {
+ $inObj = [ordered] @{
+ 'Domain Name' = $Item
+ 'Complexity Enabled' = ConvertTo-TextYN $PasswordPolicy.ComplexityEnabled
+ 'Path' = ConvertTo-ADCanonicalName -DN $PasswordPolicy.DistinguishedName -Credential $Cred -Domain $Domain
+ 'Lockout Duration' = $PasswordPolicy.LockoutDuration.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Lockout Threshold' = $PasswordPolicy.LockoutThreshold
+ 'Lockout Observation Window' = $PasswordPolicy.LockoutObservationWindow.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Max Password Age' = $PasswordPolicy.MaxPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Min Password Age' = $PasswordPolicy.MinPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Min Password Length' = $PasswordPolicy.MinPasswordLength
+ 'Password History Count' = $PasswordPolicy.PasswordHistoryCount
+ 'Reversible Encryption Enabled' = ConvertTo-TextYN $PasswordPolicy.ReversibleEncryptionEnabled
+ }
+ $OutObj += [pscustomobject]$inobj
+
+ $TableParams = @{
+ Name = "Default Domain Password Policy - $($Domain.ToString().ToUpper())"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
}
- $OutObj += [pscustomobject]$inobj
}
catch {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Default Domain Password Policy)"
}
}
-
- $TableParams = @{
- Name = "Default Domain Password Policy Information - $($Domain.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- if ($OutObj) {$OutObj | Table @TableParams}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning $($_.Exception.Message)
+ }
if ($InfoLevel.Domain -ge 2) {
try {
- Section -Style Heading5 'Fined Grained Password Policies' {
- Paragraph "The following section provides a summary of the Fined Grained Password Policies on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- foreach ($Item in $Domain) {
- Write-PscriboMessage "Collecting the Active Directory Fined Grained Password Policies of domain $Item."
- $DC = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty PDCEmulator}
- $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
- $PasswordPolicy = Invoke-Command -Session $DCPssSession {Get-ADFineGrainedPasswordPolicy -Filter {Name -like "*"} -Properties * -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName}
- foreach ($FGPP in $PasswordPolicy) {
- $Accounts = @()
- foreach ($ADObject in $FGPP.AppliesTo) {
- $Accounts += Invoke-Command -Session $DCPssSession {Get-ADObject $using:ADObject -Properties * | Select-Object -ExpandProperty sAMAccountName }
- }
- $inObj = [ordered] @{
- 'Password Setting Name' = $FGPP.Name
- 'Domain Name' = $Item
- 'Complexity Enabled' = ConvertTo-TextYN $FGPP.ComplexityEnabled
- 'Path' = ConvertTo-ADCanonicalName -DN $FGPP.DistinguishedName -Credential $Cred -Domain $Domain
- 'Lockout Duration' = $FGPP.LockoutDuration.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Lockout Threshold' = $FGPP.LockoutThreshold
- 'Lockout Observation Window' = $FGPP.LockoutObservationWindow.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Max Password Age' = $FGPP.MaxPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Min Password Age' = $FGPP.MinPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
- 'Min Password Length' = $FGPP.MinPasswordLength
- 'Password History Count' = $FGPP.PasswordHistoryCount
- 'Reversible Encryption Enabled' = ConvertTo-TextYN $FGPP.ReversibleEncryptionEnabled
- 'Precedence' = $FGPP.Precedence
- 'Applies To' = $Accounts -join ", "
+ if ($Domain) {
+ foreach ($Item in $Domain) {
+ Write-PscriboMessage "Collecting the Active Directory Fined Grained Password Policies of domain $Item."
+ $DC = Invoke-Command -Session $Session {Get-ADDomain -Identity $using:Item | Select-Object -ExpandProperty PDCEmulator}
+ $DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
+ $PasswordPolicy = Invoke-Command -Session $DCPssSession {Get-ADFineGrainedPasswordPolicy -Filter {Name -like "*"} -Properties * -Searchbase (Get-ADDomain -Identity $using:Domain).distinguishedName}
+ if ($PasswordPolicy) {
+ Section -Style Heading5 'Fined Grained Password Policies' {
+ Paragraph "The following section provides a summary of the Fined Grained Password Policies on $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ foreach ($FGPP in $PasswordPolicy) {
+ try {
+ $Accounts = @()
+ foreach ($ADObject in $FGPP.AppliesTo) {
+ $Accounts += Invoke-Command -Session $DCPssSession {Get-ADObject $using:ADObject -Properties * | Select-Object -ExpandProperty sAMAccountName }
+ }
+ $inObj = [ordered] @{
+ 'Password Setting Name' = $FGPP.Name
+ 'Domain Name' = $Item
+ 'Complexity Enabled' = ConvertTo-TextYN $FGPP.ComplexityEnabled
+ 'Path' = ConvertTo-ADCanonicalName -DN $FGPP.DistinguishedName -Credential $Cred -Domain $Domain
+ 'Lockout Duration' = $FGPP.LockoutDuration.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Lockout Threshold' = $FGPP.LockoutThreshold
+ 'Lockout Observation Window' = $FGPP.LockoutObservationWindow.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Max Password Age' = $FGPP.MaxPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Min Password Age' = $FGPP.MinPasswordAge.toString("dd' days 'hh' hours 'mm' minutes 'ss' seconds'")
+ 'Min Password Length' = $FGPP.MinPasswordLength
+ 'Password History Count' = $FGPP.PasswordHistoryCount
+ 'Reversible Encryption Enabled' = ConvertTo-TextYN $FGPP.ReversibleEncryptionEnabled
+ 'Precedence' = $FGPP.Precedence
+ 'Applies To' = $Accounts -join ", "
+ }
+ $OutObj = [pscustomobject]$inobj
+
+ $TableParams = @{
+ Name = "Fined Grained Password Policies - $($FGPP.Name)"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $($_.Exception.Message)
+ }
}
- $OutObj += [pscustomobject]$inobj
}
- Remove-PSSession -Session $DCPssSession
- }
-
- $TableParams = @{
- Name = "Fined Grained Password Policies Information - $($Domain.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
}
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- if ($OutObj) {$OutObj | Table @TableParams}
+ Remove-PSSession -Session $DCPssSession
}
}
}
@@ -173,10 +188,7 @@ function Get-AbrADDomainObject {
}
}
if ($InfoLevel.Domain -ge 2) {
- Section -Style Heading5 'Group Managed Service Accounts (GMSA)' {
- Paragraph "The following section provides a summary of the Group Managed Service Accounts on $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
+ try {
if ($Domain) {
foreach ($Item in $Domain) {
Write-PScriboMessage "Collecting the Active Directory Group Managed Service Accounts for $Item."
@@ -185,23 +197,49 @@ function Get-AbrADDomainObject {
$DCPssSession = New-PSSession $DC -Credential $Cred -Authentication Default
Write-PScriboMessage "Collecting the Active Directory Group Managed Service Accounts from DC $DC."
$GMSA = Invoke-Command -Session $DCPssSession {Get-ADServiceAccount -Filter * -Properties *}
- foreach ($Account in $GMSA) {
- $inObj = [ordered] @{
- 'Name' = $Account.Name
- 'SamAccountName' = $Account.SamAccountName
- 'Created' = $Account.Created
- 'Enabled' = ConvertTo-TextYN $Account.Enabled
- 'DNS Host Name' = $Account.DNSHostName
- 'Host Computers' = (ConvertTo-ADObjectName -DN $Account.HostComputers -Session $DCPssSession) -join ", "
- 'Retrieve Managed Password' = (ConvertTo-ADObjectName $Account.PrincipalsAllowedToRetrieveManagedPassword -Session $DCPssSession) -join ", "
- 'Primary Group' = (ConvertTo-ADObjectName $Account.PrimaryGroup -Session $DCPssSession) -join ", "
- 'Last Logon Date' = $Account.LastLogonDate
- 'Locked Out' = ConvertTo-TextYN $Account.LockedOut
- 'Logon Count' = $Account.logonCount
- 'Password Expired' = ConvertTo-TextYN $Account.PasswordExpired
- 'Password Last Set' = $Account.PasswordLastSet
+ if ($GMSA) {
+ Section -Style Heading5 'Group Managed Service Accounts (GMSA)' {
+ Paragraph "The following section provides a summary of the Group Managed Service Accounts on $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ foreach ($Account in $GMSA) {
+ try {
+ $inObj = [ordered] @{
+ 'Name' = $Account.Name
+ 'SamAccountName' = $Account.SamAccountName
+ 'Created' = $Account.Created
+ 'Enabled' = ConvertTo-TextYN $Account.Enabled
+ 'DNS Host Name' = $Account.DNSHostName
+ 'Host Computers' = (ConvertTo-ADObjectName -DN $Account.HostComputers -Session $DCPssSession) -join ", "
+ 'Retrieve Managed Password' = (ConvertTo-ADObjectName $Account.PrincipalsAllowedToRetrieveManagedPassword -Session $DCPssSession) -join ", "
+ 'Primary Group' = (ConvertTo-ADObjectName $Account.PrimaryGroup -Session $DCPssSession) -join ", "
+ 'Last Logon Date' = $Account.LastLogonDate
+ 'Locked Out' = ConvertTo-TextYN $Account.LockedOut
+ 'Logon Count' = $Account.logonCount
+ 'Password Expired' = ConvertTo-TextYN $Account.PasswordExpired
+ 'Password Last Set' = $Account.PasswordLastSet
+ }
+ $OutObj = [pscustomobject]$inobj
+
+ if ($HealthCheck.Domain.GMSA) {
+ $OutObj | Where-Object { $_.'Enabled' -notlike 'Yes'} | Set-Style -Style Warning -Property 'Enabled'
+ }
+
+ $TableParams = @{
+ Name = "Group Managed Service Accounts - $($Account.Name)"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Group Managed Service Accounts)"
+ }
+ }
}
- $OutObj += [pscustomobject]$inobj
}
Remove-PSSession -Session $DCPssSession
}
@@ -209,22 +247,11 @@ function Get-AbrADDomainObject {
Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Group Managed Service Accounts)"
}
}
-
- if ($HealthCheck.Domain.GMSA) {
- $OutObj | Where-Object { $_.'Enabled' -notlike 'Yes'} | Set-Style -Style Warning -Property 'Enabled'
- }
-
- $TableParams = @{
- Name = "Group Managed Service Accounts Information - $($Domain.ToString().ToUpper())"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- if ($OutObj) {$OutObj | Table @TableParams}
}
}
+ catch {
+ Write-PscriboMessage -IsWarning $($_.Exception.Message)
+ }
}
}
diff --git a/Src/Private/Get-AbrADFSMO.ps1 b/Src/Private/Get-AbrADFSMO.ps1
index b3d1c90..49e5cd8 100644
--- a/Src/Private/Get-AbrADFSMO.ps1
+++ b/Src/Private/Get-AbrADFSMO.ps1
@@ -5,7 +5,7 @@ function Get-AbrADFSMO {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -29,39 +29,44 @@ function Get-AbrADFSMO {
}
process {
- Section -Style Heading5 'Flexible Single Master Operations (FSMO)' {
- Paragraph "The following section provides a summary of the Active Directory FSMO for Domain $($Domain.ToString().ToUpper())."
- BlankLine
- $OutObj = @()
- if ($Domain) {
- try {
- $DomainData = Invoke-Command -Session $Session {Get-ADDomain $using:Domain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator}
- $ForestData = Invoke-Command -Session $Session {Get-ADForest $using:Domain | Select-Object DomainNamingMaster, SchemaMaster}
- Write-PscriboMessage "Discovered Active Directory FSMO information of domain $Domain."
- $inObj = [ordered] @{
- 'Infrastructure Master Server' = $DomainData.InfrastructureMaster
- 'RID Master Server' = $DomainData.RIDMaster
- 'PDC Emulator Name' = $DomainData.PDCEmulator
- 'Domain Naming Master Server' = $ForestData.DomainNamingMaster
- 'Schema Master Server' = $ForestData.SchemaMaster
+ try {
+ $DomainData = Invoke-Command -Session $Session {Get-ADDomain $using:Domain | Select-Object InfrastructureMaster, RIDMaster, PDCEmulator}
+ $ForestData = Invoke-Command -Session $Session {Get-ADForest $using:Domain | Select-Object DomainNamingMaster, SchemaMaster}
+ if ($DomainData -and $ForestData) {
+ Section -Style Heading5 'Flexible Single Master Operations (FSMO)' {
+ Paragraph "The following section provides a summary of the Active Directory FSMO for Domain $($Domain.ToString().ToUpper())."
+ BlankLine
+ $OutObj = @()
+ try {
+ Write-PscriboMessage "Discovered Active Directory FSMO information of domain $Domain."
+ $inObj = [ordered] @{
+ 'Infrastructure Master Server' = $DomainData.InfrastructureMaster
+ 'RID Master Server' = $DomainData.RIDMaster
+ 'PDC Emulator Name' = $DomainData.PDCEmulator
+ 'Domain Naming Master Server' = $ForestData.DomainNamingMaster
+ 'Schema Master Server' = $ForestData.SchemaMaster
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Flexible Single Master Operations)"
}
- $OutObj += [pscustomobject]$inobj
- }
- catch {
- Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Flexible Single Master Operations)"
- }
- $TableParams = @{
- Name = "FSMO Server Information - $($Domain)"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
+ $TableParams = @{
+ Name = "FSMO Server - $($Domain)"
+ List = $true
+ ColumnWidths = 40, 60
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Table @TableParams
}
- $OutObj | Table @TableParams
}
}
+ catch {
+ Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Flexible Single Master Operations)"
+ }
}
end {}
diff --git a/Src/Private/Get-AbrADForest.ps1 b/Src/Private/Get-AbrADForest.ps1
index 2ea88ed..cfec281 100644
--- a/Src/Private/Get-AbrADForest.ps1
+++ b/Src/Private/Get-AbrADForest.ps1
@@ -5,7 +5,7 @@ function Get-AbrADForest {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -27,72 +27,49 @@ function Get-AbrADForest {
}
process {
- $Data = Invoke-Command -Session $Session {Get-ADForest}
- $ForestInfo = $Data.RootDomain.toUpper()
- Write-PscriboMessage "Discovered Active Directory information of forest $ForestInfo."
- $DomainDN = Invoke-Command -Session $Session {(Get-ADDomain -Identity (Get-ADForest | Select-Object -ExpandProperty RootDomain )).DistinguishedName}
- $TombstoneLifetime = Invoke-Command -Session $Session {Get-ADObject "CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,$using:DomainDN" -Properties tombstoneLifetime | Select-Object -ExpandProperty tombstoneLifetime}
- $ADVersion = Invoke-Command -Session $Session {Get-ADObject (Get-ADRootDSE).schemaNamingContext -property objectVersion | Select-Object -ExpandProperty objectVersion}
- If ($ADVersion -eq '88') {$server = 'Windows Server 2019'}
- ElseIf ($ADVersion -eq '87') {$server = 'Windows Server 2016'}
- ElseIf ($ADVersion -eq '69') {$server = 'Windows Server 2012 R2'}
- ElseIf ($ADVersion -eq '56') {$server = 'Windows Server 2012'}
- ElseIf ($ADVersion -eq '47') {$server = 'Windows Server 2008 R2'}
- ElseIf ($ADVersion -eq '44') {$server = 'Windows Server 2008'}
- ElseIf ($ADVersion -eq '31') {$server = 'Windows Server 2003 R2'}
- ElseIf ($ADVersion -eq '30') {$server = 'Windows Server 2003'}
- $OutObj = @()
- if ($Data) {
- Write-PscriboMessage "Collecting Active Directory information of forest $ForestInfo."
- foreach ($Item in $Data) {
- $inObj = [ordered] @{
- 'Forest Name' = $Item.RootDomain
- 'Forest Functional Level' = $Item.ForestMode
- 'Schema Version' = "ObjectVersion $ADVersion, Correspond to $server"
- 'Tombstone Lifetime (days)' = $TombstoneLifetime
- 'Domains' = $Item.Domains -join '; '
- 'Global Catalogs' = $Item.GlobalCatalogs -join '; '
- 'Application Partitions' = $Item.ApplicationPartitions
- 'PartitionsContainer' = [string]$Item.PartitionsContainer
- 'SPN Suffixes' = ConvertTo-EmptyToFiller $Item.SPNSuffixes
- 'UPN Suffixes' = ConvertTo-EmptyToFiller $Item.UPNSuffixes
- }
- $OutObj += [pscustomobject]$inobj
- }
-
- $TableParams = @{
- Name = "AD Forest Summary Information - $($ForestInfo)"
- List = $true
- ColumnWidths = 40, 60
- }
- if ($Report.ShowTableCaptions) {
- $TableParams['Caption'] = "- $($TableParams.Name)"
- }
- $OutObj | Table @TableParams
- }
- Section -Style Heading5 'Optional Features' {
- Paragraph "The following section provides a summary of the enabled Optional Features."
- BlankLine
- Write-PscriboMessage "Discovering Optional Features enabled on forest $ForestInfo."
- $Data = Invoke-Command -Session $Session {Get-ADOptionalFeature -Filter *}
+ try {
+ $Data = Invoke-Command -Session $Session {Get-ADForest}
+ $ForestInfo = $Data.RootDomain.toUpper()
+ Write-PscriboMessage "Discovered Active Directory information of forest $ForestInfo."
+ $DomainDN = Invoke-Command -Session $Session {(Get-ADDomain -Identity (Get-ADForest | Select-Object -ExpandProperty RootDomain )).DistinguishedName}
+ $TombstoneLifetime = Invoke-Command -Session $Session {Get-ADObject "CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,$using:DomainDN" -Properties tombstoneLifetime | Select-Object -ExpandProperty tombstoneLifetime}
+ $ADVersion = Invoke-Command -Session $Session {Get-ADObject (Get-ADRootDSE).schemaNamingContext -property objectVersion | Select-Object -ExpandProperty objectVersion}
+ If ($ADVersion -eq '88') {$server = 'Windows Server 2019'}
+ ElseIf ($ADVersion -eq '87') {$server = 'Windows Server 2016'}
+ ElseIf ($ADVersion -eq '69') {$server = 'Windows Server 2012 R2'}
+ ElseIf ($ADVersion -eq '56') {$server = 'Windows Server 2012'}
+ ElseIf ($ADVersion -eq '47') {$server = 'Windows Server 2008 R2'}
+ ElseIf ($ADVersion -eq '44') {$server = 'Windows Server 2008'}
+ ElseIf ($ADVersion -eq '31') {$server = 'Windows Server 2003 R2'}
+ ElseIf ($ADVersion -eq '30') {$server = 'Windows Server 2003'}
$OutObj = @()
if ($Data) {
- Write-PscriboMessage "Discovered Optional Features enabled on forest $ForestInfo."
+ Write-PscriboMessage "Collecting Active Directory information of forest $ForestInfo."
foreach ($Item in $Data) {
- Write-PscriboMessage "Collecting Optional Features '$($Item.Name)'"
- $Forest = Invoke-Command -Session $Session {Get-ADForest}
- $inObj = [ordered] @{
- 'Name' = $Item.Name
- 'Required Forest Mode' = $Item.RequiredForestMode
- 'Forest' = $Forest.RootDomain.toUpper()
+ try {
+ $inObj = [ordered] @{
+ 'Forest Name' = $Item.RootDomain
+ 'Forest Functional Level' = $Item.ForestMode
+ 'Schema Version' = "ObjectVersion $ADVersion, Correspond to $server"
+ 'Tombstone Lifetime (days)' = $TombstoneLifetime
+ 'Domains' = $Item.Domains -join '; '
+ 'Global Catalogs' = $Item.GlobalCatalogs -join '; '
+ 'Application Partitions' = $Item.ApplicationPartitions
+ 'PartitionsContainer' = [string]$Item.PartitionsContainer
+ 'SPN Suffixes' = ConvertTo-EmptyToFiller $Item.SPNSuffixes
+ 'UPN Suffixes' = ConvertTo-EmptyToFiller $Item.UPNSuffixes
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
}
- $OutObj += [pscustomobject]$inobj
}
$TableParams = @{
- Name = "Active Directory Enabled Optional Features Information - $($ForestInfo)"
- List = $false
- ColumnWidths = 40, 30, 30
+ Name = "Forest Summary - $($ForestInfo)"
+ List = $true
+ ColumnWidths = 40, 60
}
if ($Report.ShowTableCaptions) {
$TableParams['Caption'] = "- $($TableParams.Name)"
@@ -100,6 +77,47 @@ function Get-AbrADForest {
$OutObj | Table @TableParams
}
}
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
+ try {
+ Section -Style Heading5 'Optional Features' {
+ Write-PscriboMessage "Discovering Optional Features enabled on forest $ForestInfo."
+ $Data = Invoke-Command -Session $Session {Get-ADOptionalFeature -Filter *}
+ $OutObj = @()
+ if ($Data) {
+ Write-PscriboMessage "Discovered Optional Features enabled on forest $ForestInfo."
+ foreach ($Item in $Data) {
+ try {
+ Write-PscriboMessage "Collecting Optional Features '$($Item.Name)'"
+ $Forest = Invoke-Command -Session $Session {Get-ADForest}
+ $inObj = [ordered] @{
+ 'Name' = $Item.Name
+ 'Required Forest Mode' = $Item.RequiredForestMode
+ 'Forest' = $Forest.RootDomain.toUpper()
+ }
+ $OutObj += [pscustomobject]$inobj
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
+ }
+
+ $TableParams = @{
+ Name = "Optional Features - $($ForestInfo)"
+ List = $false
+ ColumnWidths = 40, 30, 30
+ }
+ if ($Report.ShowTableCaptions) {
+ $TableParams['Caption'] = "- $($TableParams.Name)"
+ }
+ $OutObj | Sort-Object -Property 'Name' | Table @TableParams
+ }
+ }
+ }
+ catch {
+ Write-PscriboMessage -IsWarning $_.Exception.Message
+ }
}
end {}
diff --git a/Src/Private/Get-AbrADGPO.ps1 b/Src/Private/Get-AbrADGPO.ps1
index 8c4aa65..36432c5 100644
--- a/Src/Private/Get-AbrADGPO.ps1
+++ b/Src/Private/Get-AbrADGPO.ps1
@@ -5,7 +5,7 @@ function Get-AbrADGPO {
.DESCRIPTION
.NOTES
- Version: 0.5.0
+ Version: 0.6.2
Author: Jonathan Colon
Twitter: @jcolonfzenpr
Github: rebelinux
@@ -35,122 +35,168 @@ function Get-AbrADGPO {
Paragraph "The following section provides a summary of the Group Policy Objects for domain $($Domain.ToString().ToUpper())."
BlankLine
$OutObj = @()
- if ($Domain) {
- try {
- $GPOs = Invoke-Command -Session $Session -ScriptBlock {Get-GPO -Domain $using:Domain -All}
- Write-PscriboMessage "Discovered Active Directory Group Policy Objects information on $Domain. (Group Policy Objects)"
- foreach ($GPO in $GPOs) {
- Write-PscriboMessage "Collecting Active Directory Group Policy Objects '$($GPO.DisplayName)'. (Group Policy Objects)"
- $inObj = [ordered] @{
- 'GPO Name' = $GPO.DisplayName
- 'GPO Status' = ($GPO.GpoStatus -creplace '([A-Z\W_]|\d+)(?