-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
3a37c36
commit 616867d
Showing
7 changed files
with
351 additions
and
129 deletions.
There are no files selected for viewing
154 changes: 154 additions & 0 deletions
154
MEM.Zone-Dashboards/Public/Hardware - Device Information by Collection.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,154 @@ | ||
/* | ||
.SYNOPSIS | ||
Gets the Device Hardware info. | ||
.DESCRIPTION | ||
Gets the Device Hardware info of a device collection. | ||
.NOTES | ||
Requires SQL 2016. | ||
Part of a report should not be run separately.LINK | ||
https://MEM.Zone | ||
.LINK | ||
https://MEMZ.one/Dashboards | ||
.LINK | ||
https://MEMZ.one/Dashboards-HELP | ||
.LINK | ||
https://MEMZ.one/Dashboards-ISSUES | ||
*/ | ||
|
||
/*##=============================================*/ | ||
/*## QUERY BODY */ | ||
/*##=============================================*/ | ||
/* #region QueryBody */ | ||
|
||
/* Testing variables !! Need to be commented for Production !! */ | ||
--DECLARE @UserSIDs AS NVARCHAR(10) = 'Disabled'; | ||
--DECLARE @CollectionID AS NVARCHAR(10) = 'VID0001C'; | ||
--DECLARE @Thresholds AS NVARCHAR(20) = '4,1000,2,64'; | ||
--DECLARE @ExcludeVirtualMachines AS VARCHAR(3) = 'YES' | ||
|
||
/* Initialize memory tables */ | ||
DECLARE @VirtualMachines TABLE (Model NVARCHAR(50)); | ||
DECLARE @ReadinessStates TABLE (BitMask INT, StateName NVARCHAR(250)); | ||
DECLARE @ThresholdVariables TABLE (ID INT IDENTITY(1,1), Threshold INT); | ||
|
||
/* Populate VirtualMachines table */ | ||
INSERT INTO @VirtualMachines (Model) | ||
VALUES | ||
('VMware Virtual Platform') | ||
, ('Virtual Machine') | ||
, ('VMware7,1') | ||
|
||
/* Get compliance data data */ | ||
SELECT | ||
ResourceID = Systems.ResourceID | ||
, Device = ( | ||
IIF( | ||
SystemNames.Resource_Names0 IS NOT NULL, UPPER(SystemNames.Resource_Names0) | ||
, IIF(Systems.Full_Domain_Name0 IS NOT NULL, Systems.Name0 + N'.' + Systems.Full_Domain_Name0, Systems.Name0) | ||
) | ||
) | ||
, OperatingSystem = ( | ||
IIF( | ||
OperatingSystem.Caption0 != N'' | ||
, CONCAT( | ||
REPLACE(OperatingSystem.Caption0, N'Microsoft ', N''), --Remove 'Microsoft ' from OperatingSystem | ||
REPLACE(OperatingSystem.CSDVersion0, N'Service Pack ', N' SP') --Replace 'Service Pack ' with ' SP' in OperatingSystem | ||
) | ||
, Systems.Operating_System_Name_And0 | ||
) | ||
) | ||
, OSVersion = ISNULL(OSInfo.Version, IIF(RIGHT(OperatingSystem.Caption0, 7) = N'Preview', N'Insider Preview', NULL)) | ||
, ProcessorName = ( | ||
CASE | ||
WHEN CHARINDEX('CPU @', Processor.Name0) > 0 THEN LEFT(Processor.Name0, CHARINDEX('CPU @', Processor.Name0)-1) | ||
WHEN CHARINDEX('@', Processor.Name0) > 0 THEN LEFT(Processor.Name0, CHARINDEX('@', Processor.Name0)-1) | ||
ELSE Processor.Name0 | ||
END | ||
) | ||
, ProcessorSpeed = Processor.NormSpeed0 | ||
, ProcessorCores = Processor.NumberOfCores0 | ||
, MemorySize = Memory.Size | ||
, FreeSpace = CONVERT(DECIMAL(10, 2), LogicalDisk.FreeSpace0 / 1024.0) | ||
, Manufacturer = ComputerSystem.Manufacturer0 | ||
, DeviceModel = ComputerSystem.Model0 | ||
, SerialNumber = BIOS.SerialNumber0 | ||
, SecureBoot = ( | ||
CASE | ||
WHEN Firmware.SecureBoot0 = 1 THEN N'Enabled' | ||
WHEN Firmware.SecureBoot0 = 0 THEN N'Disabled' | ||
ELSE NULL | ||
END | ||
) | ||
, BootMode = ( | ||
CASE | ||
WHEN Firmware.UEFI0 = 1 THEN N'UEFI' | ||
WHEN Firmware.UEFI0 = 0 THEN N'BIOS' | ||
ELSE NULL | ||
END | ||
) | ||
, TPMVersion = IIF(TPM.SpecVersion0 = 'Not Supported', 'Not Supported', LEFT(TPM.SpecVersion0, CHARINDEX(',',TPM.SpecVersion0 )-1)) | ||
/* | ||
, TPMEnabled = ( | ||
CASE | ||
WHEN TPM.IsEnabled_InitialValue0 = 1 THEN N'Enabled' | ||
WHEN TPM.IsEnabled_InitialValue0 = 0 THEN N'Disabled' | ||
ELSE NULL | ||
END | ||
) | ||
, TPMActivated = ( | ||
CASE | ||
WHEN TPM.IsActivated_InitialValue0 = 1 THEN N'Yes' | ||
WHEN TPM.IsActivated_InitialValue0 = 0 THEN N'No' | ||
ELSE NULL | ||
END | ||
) | ||
, TPMOwned = ( | ||
CASE | ||
WHEN TPM.IsOwned_InitialValue0 = 1 THEN N'Yes' | ||
WHEN TPM.IsOwned_InitialValue0 = 0 THEN N'No' | ||
ELSE NULL | ||
END | ||
) | ||
*/ | ||
, TPMPhysicalPresence = TPM.PhysicalPresenceVersionInfo0 | ||
, TPMSpecVersion = TPM.SpecVersion0 | ||
, Domain = Systems.User_Domain0 | ||
, UserName = Systems.User_Name0 | ||
, ClientState = IIF(Systems.Client0 = 1, ClientSummary.ClientStateDescription, 'Unmanaged') | ||
, ClientVersion = Systems.Client_Version0 | ||
, ComputerSystem.Model0 | ||
FROM fn_rbac_R_System(@UserSIDs) AS Systems | ||
INNER JOIN fn_rbac_FullCollectionMembership(@UserSIDs) AS CollectionMembers ON CollectionMembers.ResourceID = Systems.ResourceID | ||
LEFT JOIN fn_rbac_GS_PROCESSOR(@UserSIDs) AS Processor ON Processor.ResourceID = CollectionMembers.ResourceID | ||
LEFT JOIN fn_rbac_RA_System_ResourceNames(@UserSIDs) AS SystemNames ON SystemNames.ResourceID = CollectionMembers.ResourceID | ||
LEFT JOIN fn_rbac_GS_OPERATING_SYSTEM(@UserSIDs) AS OperatingSystem ON OperatingSystem.ResourceID = CollectionMembers.ResourceID | ||
LEFT JOIN fn_rbac_GS_COMPUTER_SYSTEM(@UserSIDs) AS ComputerSystem ON ComputerSystem.ResourceID = CollectionMembers.ResourceID | ||
LEFT JOIN fn_rbac_GS_PC_BIOS(@UserSIDs) AS BIOS ON BIOS.ResourceID = CollectionMembers.ResourceID | ||
LEFT JOIN fn_rbac_GS_FIRMWARE(@UserSIDs) AS Firmware ON Firmware.ResourceID = CollectionMembers.ResourceID | ||
LEFT JOIN fn_rbac_GS_TPM(@UserSIDs) AS TPM ON TPM.ResourceID = CollectionMembers.ResourceID | ||
LEFT JOIN fn_rbac_GS_LOGICAL_DISK(@UserSIDs) AS LogicalDisk ON LogicalDisk.ResourceID = CollectionMembers.ResourceID | ||
AND LogicalDisk.DriveType0 = 3 --Local Disk | ||
AND LogicalDisk.Name0 = N'C:' --System Drive Only | ||
LEFT JOIN fn_rbac_CH_ClientSummary(@UserSIDs) AS ClientSummary ON ClientSummary.ResourceID = CollectionMembers.ResourceID | ||
OUTER APPLY ( | ||
SELECT | ||
Version = OSLocalizedNames.Value | ||
, ServicingState = OSServicingStates.State | ||
FROM fn_GetWindowsServicingLocalizedNames() AS OSLocalizedNames | ||
INNER JOIN fn_GetWindowsServicingStates() AS OSServicingStates ON OSServicingStates.Build = Systems.Build01 | ||
WHERE OSLocalizedNames.Name = OSServicingStates.Name | ||
AND Systems.OSBranch01 = OSServicingStates.Branch --Select only the branch of the installed OS | ||
) AS OSInfo | ||
OUTER APPLY ( | ||
SELECT DISTINCT | ||
Size = SUM(Memory.Capacity0) OVER(PARTITION BY Memory.ResourceID) / 1000 | ||
FROM v_GS_PHYSICAL_MEMORY AS Memory | ||
WHERE Memory.ResourceID = CollectionMembers.ResourceID | ||
) AS Memory | ||
WHERE CollectionMembers.CollectionID = @CollectionID | ||
AND ComputerSystem.Model0 NOT IN (SELECT Model FROM @VirtualMachines) | ||
|
||
/* #endregion */ | ||
/*##=============================================*/ | ||
/*## END QUERY BODY */ | ||
/*##=============================================*/ |
144 changes: 144 additions & 0 deletions
144
MEM.Zone-Dashboards/Public/Operating System - User Rights Assigment.sql
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,144 @@ | ||
/* | ||
.SYNOPSIS | ||
Gets the operating system user rights assigment. | ||
.DESCRIPTION | ||
Gets the operating system user rights assigment in Configuration Manager by Collection | ||
.NOTES | ||
Requires SQL 2016. | ||
Part of a report should not be run separately.LINK | ||
https://MEM.Zone | ||
.LINK | ||
https://MEMZ.one/Dashboardsac | ||
.LINK | ||
https://MEMZ.one/Dashboards-HELP | ||
.LINK | ||
https://MEMZ.one/Dashboards-ISSUES | ||
*/ | ||
|
||
/*##=============================================*/ | ||
/*## QUERY BODY */ | ||
/*##=============================================*/ | ||
/* #region QueryBody */ | ||
|
||
/* Testing variables !! Need to be commented for Production !! */ | ||
--DECLARE @UserSIDs AS NVARCHAR(10) = 'Disabled'; | ||
--DECLARE @CollectionID AS NVARCHAR(10) = 'VID00426'; | ||
--DECLARE @Privileges AS BIGINT = 38654705676; | ||
|
||
/* Check for Hwi Extension */ | ||
DECLARE @IsHwiExtended AS INT = 0; | ||
IF OBJECT_ID(N'[dbo].[fn_rbac_GS_USER_RIGHTS_ASSIGNMENT]') IS NOT NULL | ||
SET @IsHwiExtended = 1; | ||
|
||
/* Compute Bitmask from multi-selection dropdown */ | ||
DECLARE @PrivilegeBitMask AS BIGINT = ( | ||
SELECT SUM(CAST(Value AS BIGINT)) FROM STRING_SPLIT( | ||
(SELECT CONCAT_WS(N',', N'0', @Privileges)) | ||
, N',' | ||
) | ||
); | ||
|
||
/* Initialize UserPrivileges table */ | ||
DECLARE @UserPrivilegeFlags TABLE (BitMask BIGINT, Privilege NVARCHAR(50)); | ||
|
||
/* Populate UserPrivileges table */ | ||
INSERT INTO @UserPrivilegeFlags (BitMask, Privilege) | ||
VALUES | ||
(0, N'None') | ||
, (1, N'SeAssignPrimaryTokenPrivilege') | ||
, (2, N'SeAuditPrivilege') | ||
, (4, N'SeBackupPrivilege') | ||
, (8, N'SeBatchLogonRight') | ||
, (16, N'SeChangeNotifyPrivilege') | ||
, (32, N'SeCreateGlobalPrivilege') | ||
, (64, N'SeCreatePagefilePrivilege') | ||
, (128, N'SeCreatePermanentPrivilege') | ||
, (256, N'SeCreateSymbolicLinkPrivilege') | ||
, (512, N'SeCreateTokenPrivilege') | ||
, (1024, N'SeDebugPrivilege') | ||
, (2048, N'SeDelegateSessionUserImpersonatePrivilege') | ||
, (4096, N'SeDenyBatchLogonRight') | ||
, (8192, N'SeDenyInteractiveLogonRight') | ||
, (16384, N'SeDenyNetworkLogonRight') | ||
, (32768, N'SeDenyRemoteInteractiveLogonRight') | ||
, (65536, N'SeDenyServiceLogonRight') | ||
, (131072, N'SeEnableDelegationPrivilege') | ||
, (262144, N'SeImpersonatePrivilege') | ||
, (524288, N'SeIncreaseBasePriorityPrivilege') | ||
, (1048576, N'SeIncreaseQuotaPrivilege') | ||
, (2097152, N'SeIncreaseWorkingSetPrivilege') | ||
, (4194304, N'SeInteractiveLogonRight') | ||
, (8388608, N'SeLoadDriverPrivilege') | ||
, (16777216, N'SeLockMemoryPrivilege') | ||
, (33554432, N'SeMachineAccountPrivilege') | ||
, (67108864, N'SeManageVolumePrivilege') | ||
, (134217728, N'SeNetworkLogonRight') | ||
, (268435456, N'SeProfileSingleProcessPrivilege') | ||
, (536870912, N'SeRelabelPrivilege') | ||
, (1073741824, N'SeRemoteInteractiveLogonRight') | ||
, (2147483648, N'SeRemoteShutdownPrivilege') | ||
, (4294967296, N'SeRestorePrivilege') | ||
, (8589934592, N'SeSecurityPrivilege') | ||
, (17179869184, N'SeServiceLogonRight') | ||
, (34359738368, N'SeShutdownPrivilege') | ||
, (68719476736, N'SeSyncAgentPrivilege') | ||
, (137438953472, N'SeSystemEnvironmentPrivilege') | ||
, (274877906944, N'SeSystemProfilePrivilege') | ||
, (549755813888, N'SeSystemtimePrivilege') | ||
, (1099511627776, N'SeTakeOwnershipPrivilege') | ||
, (2199023255552, N'SeTcbPrivilege') | ||
, (4398046511104, N'SeTimeZonePrivilege') | ||
, (8796093022208, N'SeTrustedCredManAccessPrivilege') | ||
, (17592186044416, N'SeUndockPrivilege') | ||
|
||
/* Get device info */ | ||
IF @IsHwiExtended = 1 | ||
BEGIN | ||
SELECT | ||
DeviceName = ( | ||
IIF( | ||
SystemNames.Resource_Names0 IS NOT NULL, UPPER(SystemNames.Resource_Names0) | ||
, IIF(Systems.Full_Domain_Name0 IS NOT NULL, Systems.Name0 + N'.' + Systems.Full_Domain_Name0, Systems.Name0) | ||
) | ||
) | ||
, OperatingSystem = ( | ||
IIF( | ||
OperatingSystem.Caption0 != N'' | ||
, CONCAT( | ||
REPLACE(OperatingSystem.Caption0, N'Microsoft ', N''), --Remove 'Microsoft ' from OperatingSystem | ||
REPLACE(OperatingSystem.CSDVersion0, N'Service Pack ', N' SP') --Replace 'Service Pack ' with ' SP' in OperatingSystem | ||
) | ||
, Systems.Operating_System_Name_And0 | ||
) | ||
) | ||
, Domain = Systems.Resource_Domain_OR_Workgr0 | ||
, PrincipalName = UserRightsAssignment.PrincipalName0 | ||
, PrincipalSID = UserRightsAssignment.PrincipalSID0 | ||
, Privilege = ( | ||
STUFF( | ||
REPLACE( | ||
( | ||
SELECT N'#!' + LTRIM(RTRIM(UserPrivilegeFlags.Privilege)) AS [data()] | ||
FROM @UserPrivilegeFlags AS UserPrivilegeFlags | ||
WHERE UserPrivilegeFlags.BitMask & CAST(UserRightsAssignment.PrivilegeBitMask0 AS BIGINT) <> 0 | ||
FOR XML PATH(N'') | ||
), | ||
N' #!', N', ' | ||
), | ||
1, 2, N'' | ||
) | ||
) | ||
, LastCollected = CONVERT(NVARCHAR(16), UserRightsAssignment.TimeStamp, 120) | ||
FROM fn_rbac_FullCollectionMembership(@UserSIDs) AS CollectionMembers | ||
LEFT OUTER JOIN fn_rbac_GS_USER_RIGHTS_ASSIGNMENT(@UserSIDs) AS UserRightsAssignment ON UserRightsAssignment.ResourceID = CollectionMembers.ResourceID | ||
LEFT OUTER JOIN fn_rbac_RA_System_ResourceNames(@UserSIDs) AS SystemNames ON SystemNames.ResourceID = CollectionMembers.ResourceID | ||
LEFT OUTER JOIN fn_rbac_GS_OPERATING_SYSTEM(@UserSIDs) AS OperatingSystem ON OperatingSystem.ResourceID = CollectionMembers.ResourceID | ||
LEFT OUTER JOIN fn_rbac_R_System(@UserSIDs) AS Systems ON Systems.ResourceID = CollectionMembers.ResourceID | ||
WHERE CollectionMembers.CollectionID = @CollectionID | ||
AND (@PrivilegeBitMask & CAST(UserRightsAssignment.PrivilegeBitMask0 AS BIGINT) <> 0 OR UserRightsAssignment.PrivilegeBitMask0 IS NULL) | ||
END | ||
|
||
/* #endregion */ | ||
/*##=============================================*/ | ||
/*## END QUERY BODY */ | ||
/*##=============================================*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.