├── .github └── FUNDING.yml ├── ADReportingTools.psd1 ├── ADReportingTools.psm1 ├── ADReportingToolsManual.pdf ├── Changelog.md ├── LICENSE.txt ├── Preview-Changelog.md ├── README.md ├── configurations └── aduser-categories.json ├── docs ├── Get-ADBackupStatus.md ├── Get-ADBranch.md ├── Get-ADCanonicalUser.md ├── Get-ADComputerReport.md ├── Get-ADDepartment.md ├── Get-ADDomainControllerHealth.md ├── Get-ADFSMO.md ├── Get-ADGroupReport.md ├── Get-ADGroupUser.md ├── Get-ADManager.md ├── Get-ADReportingTools.md ├── Get-ADReportingToolsOptions.md ├── Get-ADSiteDetail.md ├── Get-ADSiteSummary.md ├── Get-ADSummary.md ├── Get-ADUserAudit.md ├── Get-ADUserCategory.md ├── Get-NTDSInfo.md ├── New-ADChangeReport.md ├── New-ADDomainReport.md ├── New-ADGroupReport.md ├── Open-ADReportingToolsHelp.md ├── Set-ADReportingToolsOptions.md ├── Show-DomainTree.md └── Split-DistinguishedName.md ├── en-US └── ADReportingTools-help.xml ├── formats ├── adaudittrail.format.ps1xml ├── adbackup.format.ps1xml ├── adbranchmember.format.ps1xml ├── adcomputerreport.format.ps1xml ├── addchealth.format.ps1xml ├── addepartmentmember.format.ps1xml ├── adfsmorole.format.ps1xml ├── adgroup.format.ps1xml ├── adgroupreport.format.ps1xml ├── adgroupuser.format.ps1xml ├── admanager.format.ps1xml ├── adntds.format.ps1xml ├── adreportingtool.format.ps1xml ├── adsitesummary.format.ps1xml ├── adsummary.format.ps1xml └── aduser.format.ps1xml ├── functions ├── ADChangeReport.ps1 ├── Get-ADDepartmentMember.ps1 ├── Open-ADReportingHelp.ps1 ├── Show-Domain.ps1 ├── Split-DN.ps1 ├── adreportingtoolsoptions.ps1 ├── get-adbackupstatus.ps1 ├── get-adcanonicaluser.ps1 ├── get-adcomputerreport.ps1 ├── get-adcontainer.ps1 ├── get-addchealth.ps1 ├── get-adfsmo.ps1 ├── get-adgroupreport.ps1 ├── get-adgroupuser.ps1 ├── get-adlog.ps1 ├── get-admanager.ps1 ├── get-adreportingtools.ps1 ├── get-adsitesubnet.ps1 ├── get-adsummary.ps1 ├── get-adusercategory.ps1 ├── get-ntdsinfo.ps1 ├── new-adgroupreport.ps1 ├── new-domainreport.ps1 └── private.ps1 ├── images ├── 2PopulatedDomain01.png ├── Collection_DomainGroup01.png ├── ComputerAccount01.png ├── Folder_FolderOpenWithDocumentWriting01.png ├── Users01.png ├── adbackup-age.png ├── adbackup-status.png ├── adgroup-format.png ├── admanager-direct.png ├── admanager-managed.png ├── adreportinghash.png ├── get-adbranch.png ├── get-adcanonicaluser.png ├── get-adcomputerreport-properties.png ├── get-adcomputerreport.png ├── get-addept-manager.png ├── get-addept.png ├── get-addomaincontrollerhealth-info.png ├── get-addomaincontrollerhealth-services.png ├── get-addomaincontrollerhealth.png ├── get-adfsmo.png ├── get-adgroup.png ├── get-adgroupreport-age.png ├── get-adgroupreport.png ├── get-adgroupuser-list.png ├── get-adgroupuser.png ├── get-adreportingtools.png ├── get-adreportingtoolsoptions.png ├── get-adsitedetail.png ├── get-adsitesummary.png ├── get-adsummary.png ├── get-aduser-names.png ├── get-aduseraudit.png ├── get-adusercategory.png ├── get-ntdsinfo.png ├── octocat.png ├── open-adreportingtoolshelp.png ├── samplechangereport.png ├── samplegroupreport.png ├── samplereport.png └── show-domaintree.png ├── reports ├── changereport.css ├── domainreport.css ├── groupreport.css ├── samplechange.html ├── sampledomain.html └── samplegroup.html ├── tests └── ADReportingTools.tests.ps1 └── types ├── adgroupreport.types.ps1xml └── aduser.types.ps1xml /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | 3 | github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] 4 | patreon: # Replace with a single Patreon username 5 | open_collective: # Replace with a single Open Collective username 6 | ko_fi: # Replace with a single Ko-fi username 7 | tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel 8 | community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry 9 | liberapay: # Replace with a single Liberapay username 10 | issuehunt: # Replace with a single IssueHunt username 11 | otechie: # Replace with a single Otechie username 12 | custom: https://paypal.me/jdhitsolutions?locale.x=en_US 13 | -------------------------------------------------------------------------------- /ADReportingTools.psd1: -------------------------------------------------------------------------------- 1 | # 2 | # Module manifest for module 'ADReportingTools' 3 | # 4 | 5 | @{ 6 | 7 | # Script module or binary module file associated with this manifest. 8 | RootModule = 'ADReportingTools.psm1' 9 | 10 | # Version number of this module. 11 | ModuleVersion = '1.4.0' 12 | 13 | # Supported PSEditions 14 | CompatiblePSEditions = @("Desktop","Core") 15 | 16 | # ID used to uniquely identify this module 17 | GUID = '1e812b1f-dbe7-4d21-b4ea-7aff65d854ba' 18 | 19 | # Author of this module 20 | Author = 'Jeff Hicks' 21 | 22 | # Company or vendor of this module 23 | CompanyName = 'JDH Information Technology Solutions, Inc.' 24 | 25 | # Copyright statement for this module 26 | Copyright = '(c)2021 JDH Information Technology Solutions, Inc.' 27 | 28 | # Description of the functionality provided by this module 29 | Description = 'A set of PowerShell commands to gather information and create reports from Active Directory.' 30 | 31 | # Minimum version of the PowerShell engine required by this module 32 | PowerShellVersion = '5.1' 33 | 34 | # Minimum version of the PowerShell host required by this module 35 | PowerShellHostVersion = '5.1' 36 | 37 | # Modules that must be imported into the global environment prior to importing this module 38 | RequiredModules = @("ThreadJob") 39 | 40 | # Type files (.ps1xml) to be loaded when importing this module 41 | TypesToProcess = @( 42 | 'types\aduser.types.ps1xml', 43 | 'types\adgroupreport.types.ps1xml' 44 | ) 45 | 46 | # Format files (.ps1xml) to be loaded when importing this module 47 | FormatsToProcess = @( 48 | 'formats\adaudittrail.format.ps1xml', 49 | 'formats\adfsmorole.format.ps1xml', 50 | 'formats\adsitesummary.format.ps1xml', 51 | 'formats\adgroupuser.format.ps1xml', 52 | 'formats\adbranchmember.format.ps1xml', 53 | 'formats\adsummary.format.ps1xml', 54 | 'formats\addchealth.format.ps1xml', 55 | 'formats\adreportingtool.format.ps1xml', 56 | 'formats\aduser.format.ps1xml', 57 | 'formats\adgroup.format.ps1xml', 58 | 'formats\adgroupreport.format.ps1xml', 59 | 'formats\addepartmentmember.format.ps1xml', 60 | 'formats\adcomputerreport.format.ps1xml', 61 | 'formats\adntds.format.ps1xml', 62 | 'formats\adbackup.format.ps1xml', 63 | 'formats\admanager.format.ps1xml' 64 | ) 65 | 66 | # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. 67 | FunctionsToExport = 'Show-DomainTree','Get-ADUserAudit','Get-ADSummary','Get-ADFSMO','Get-ADSiteSummary','Get-ADSiteDetail', 68 | 'Get-ADGroupUser','Get-ADBranch','Get-ADDomainControllerHealth','New-ADDomainReport','Get-ADReportingTools','Get-ADCanonicalUser', 69 | 'Get-ADUserCategory','Get-ADGroupReport','Split-DistinguishedName','New-ADChangeReport', 70 | 'Get-ADReportingToolsOptions','Set-ADReportingToolsOptions','Get-ADDepartment','Get-ADComputerReport', 'Get-NTDSInfo', 71 | 'Get-ADBackupStatus','Open-ADReportingToolsHelp','New-ADGroupReport','Get-ADManager' 72 | 73 | # Variables to export from this module 74 | VariablesToExport = 'ADUserReportingConfiguration','ADReportingToolsOptions','ADReportingDepartments' 75 | 76 | # Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. 77 | AliasesToExport = 'dt','fsmo','Get-ADCnUser','Parse-DN' 78 | 79 | # Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell. 80 | PrivateData = @{ 81 | 82 | PSData = @{ 83 | 84 | # Tags applied to this module. These help with module discovery in online galleries. 85 | Tags = @("ActiveDirectory","html","reporting") 86 | 87 | # A URL to the license for this module. 88 | LicenseUri = 'https://github.com/jdhitsolutions/ADReportingTools/blob/main/LICENSE.txt' 89 | 90 | # A URL to the main website for this project. 91 | ProjectUri = 'https://github.com/jdhitsolutions/ADReportingTools' 92 | 93 | # A URL to an icon representing this module. 94 | IconUri = 'https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/main/images/2PopulatedDomain01.png' 95 | 96 | # ReleaseNotes of this module 97 | ReleaseNotes = 'See the changelog at https://github.com/jdhitsolutions/ADReportingTools/blob/main/Changelog.md' 98 | 99 | # Prerelease string of this module 100 | # Prerelease = '' 101 | 102 | # Flag to indicate whether the module requires explicit user acceptance for install/update/save 103 | RequireLicenseAcceptance = $false 104 | 105 | # External dependent modules of this module 106 | ExternalModuleDependencies = @("ActiveDirectory","DNSClient") 107 | 108 | } # End of PSData hashtable 109 | 110 | } # End of PrivateData hashtable 111 | 112 | # HelpInfo URI of this module 113 | # HelpInfoURI = '' 114 | 115 | # Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix. 116 | # DefaultCommandPrefix = '' 117 | 118 | } 119 | 120 | -------------------------------------------------------------------------------- /ADReportingToolsManual.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/ADReportingToolsManual.pdf -------------------------------------------------------------------------------- /Changelog.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | This is a summary of major changes in the ADReportingTools module since it was released as a 1.0 product. 4 | 5 | ## 1.4.0 6 | 7 | + Added missing online help links. 8 | + Cleaned up module manifest 9 | + Fixed typo. ([Issue #27](https://github.com/jdhitsolutions/ADReportingTools/issues/27)) 10 | + Updated `README.md`. 11 | 12 | ## 1.3.0 13 | 14 | + Added `ThreadJob` as a required module. ([Issue #25](https://github.com/jdhitsolutions/ADReportingTools/issues/25)) 15 | + Changed `$ADReportingToolsOptions` to an `[ordered]` hashtable and added the ANSI reset sequence at the end. Now, if you look at $ADReportingToolsOptions`, your console will reset. 16 | + Modified `Get-ADReportingToolsOptions` to filter out keys I'm using for reference information when users access `$ADReportingToolsOptions` directly. 17 | + Added function `Get-ADManager` and custom format file `admanager.format.ps1xml`. 18 | + Modified `Get-ADComputerReport` to include `Enabled` and `ManagedBy` properties. 19 | + Added a table view called `Managed` to `adcomputerreport.format.ps1xml`. 20 | + Added missing online help links. 21 | + Updated `README.md`. 22 | 23 | ## 1.2.0 24 | 25 | + Revised help for `Show-DomainTree` to indicate it must be run in a console session and not the PowerShell ISE. (([Issue #23](https://github.com/jdhitsolutions/ADReportingTools/issues/23))) 26 | + Add function `New-ADGroupReport` and CSS file `groupreport.css`. 27 | + Added missing help for `Get-ADComputerReport`. 28 | + Added argument completer for `SERVER` parameter on all commands in this module and the `Get` commands from the ActiveDirectory module. 29 | + Updated `README.md`. 30 | 31 | ## 1.1.0 32 | 33 | + Fix typo in `$ADReportingHash` Note. ([Issue #22](https://github.com/jdhitsolutions/ADReportingTools/issues/22)) 34 | + Added `Open-ADReportingToolsHelp` to launch a PDF with module documentation. ([Issue #2](https://github.com/jdhitsolutions/ADReportingTools/issues/2)) 35 | + Fixed bad parameter in `New-ADChangeReport`. ([Issue #24](https://github.com/jdhitsolutions/ADReportingTools/issues/24)) 36 | + Modified CSS parameter in `New-DomainReport`. 37 | + Modified `Show-DomainTree` to test for ConsoleHost as a match and not equal to. ([Issue #23](https://github.com/jdhitsolutions/ADReportingTools/issues/23)) 38 | + Updated `README.md`. 39 | + Help updates. 40 | 41 | ## 1.0.0 42 | 43 | + First stable release. 44 | + Updated `README.md`. 45 | + Added command `Get-ADDepartment` and format file `addepartmentmember.format.ps1xml`. 46 | + Exporting a global variable called `$ADReportingHash` which is used as an argument completer for `Get-ADDepartment`. 47 | + Moved ANSI colors from `Show-DomainTree` to `$ADReportingToolsOptions`. ([Issue #17](https://github.com/jdhitsolutions/ADReportingTools/issues/17)) 48 | + Added class coloring to ADBranch output. 49 | + Modified ADBranch output to show disabled user accounts in red. 50 | + Added command `Get-ADComputerReport` and format file `adcomputerreport.format.ps1xml`. 51 | + Modified `adgroupreport.format.ps1xml` to add member count to the default output. ([Issue #21](https://github.com/jdhitsolutions/ADReportingTools/issues/21)) 52 | + Added a view called `summary` to `adgroupreport.format.ps1xml`. 53 | + Added command `Get-NTDSInfo` and format file `adntds.format.ps1xml`. ([Discussion #18](https://github.com/jdhitsolutions/ADReportingTools/discussions/18)) 54 | + Modified `Get-ADSummary` to better display PSBoundParameters with Verbose output in the PowerShell ISE. 55 | + Updated format files to ensure ANSI formatting only happens in a Console host. 56 | + Added command `Get-ADBackupStatus` and format file `adbackupstatus.format.ps1xml`. 57 | + Help updates. 58 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2021-2023 JDH Information Technology Solutions, Inc. 2 | 3 | 4 | Permission is hereby granted, free of charge, to any person obtaining a copy 5 | of this software and associated documentation files (the "Software"), to deal 6 | in the Software without restriction, including without limitation the rights 7 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 8 | copies of the Software, and to permit persons to whom the Software is 9 | furnished to do so, subject to the following conditions: 10 | 11 | 12 | The above copyright notice and this permission notice shall be included in 13 | all copies or substantial portions of the Software. 14 | 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 | THE SOFTWARE. 23 | -------------------------------------------------------------------------------- /Preview-Changelog.md: -------------------------------------------------------------------------------- 1 | # Preview Changelog for ADReportingTools 2 | 3 | ## 0.8.0-preview 4 | 5 | + Updated `README.md`. 6 | + Added `New-ADChangeReport`. ([Issue #15](https://github.com/jdhitsolutions/ADReportingTools/issues/15)) 7 | + Added sample CSS file `changereport.css`. 8 | + Added sample HTML report `samplechange.html`. 9 | + Added private function `_convertObjects`. 10 | + Added variable `ADReportingToolsOptions` and functions `Get-ADReportingToolsOptions` and `Set-ADReportingToolsOptions`. ([Issue #16](https://github.com/jdhitsolutions/ADReportingTools/issues/16)) 11 | + Modified format files to use values from `$ADReportingToolsOptions`. 12 | + Added `Universal` to $ADReportingToolsOptions` to highlight Universal groups. 13 | + Added `DomainLocal` to $ADReportingToolsOptions` to highlight DomainLocal groups. 14 | 15 | ## 0.7.0-preview 16 | 17 | + Fixed typo in `adbranchmember.format.ps1xml`. 18 | + Added custom table view called `group` for ADGroup objects in `adgroup.format.ps1xml`. 19 | + Added command `Split-DistinguisedName`. 20 | + Added command `Get-ADGroupReport` with a custom format file `adgroupreport.format.ps1ml` and a custom type file `adgroupreport.types.ps1xml`. ([Issue #3](https://github.com/jdhitsolutions/ADReportingTools/issues/3)) 21 | + Removed `About_ADReportingTools`. 22 | + Updated `README.md`. 23 | 24 | ## 0.6.1-preview 25 | 26 | + Fixed pre-release tag in the module. 27 | 28 | ## 0.6.0-preview 29 | 30 | + Added online help links. 31 | + Help updates. 32 | + Modified `Get-ADSiteSummary` and `Get-ADSiteDetail` to allow getting site by name. ([Issue #14](https://github.com/jdhitsolutions/ADReportingTools/issues/14)) 33 | + Modified `Get-ADBranch` to allow filter of users, groups, or computers, and to exclude containers. ([Issue #13](https://github.com/jdhitsolutions/ADReportingTools/issues/13) 34 | + Published pre-release module to the PowerShell Gallery. 35 | + Added category `Basic` to `adusers-categories.json` with properties `DisplayName`,`Name`,`SamAccountname`,`UserPrincipalName`,`Enabled`,`WhenCreated`, and `WhenChanged`. 36 | + Updated `README.md`. 37 | 38 | ## 0.5.0 39 | 40 | + Minor file organization. 41 | + Added type file `aduser.types.ps1xml`. 42 | + Added custom view called `names` defined in `formats\aduser.format.ps1xml`. 43 | + Added function `Get-ADUserCategory`. 44 | + Help updates. 45 | 46 | ## 0.4.0 47 | 48 | + Moved `_formatDN` to `private.ps1`. 49 | + Updated module manifest with private data. 50 | + Added command help. ([Issue #1](https://github.com/jdhitsolutions/ADReportingTools/issues/1)) 51 | + Modified `New-ADDomainReport` to fix bug converting file path. ([Issue #4](https://github.com/jdhitsolutions/ADReportingTools/issues/4)) 52 | + Added `Get-ADReportingTools` command. ([Issue #5](https://github.com/jdhitsolutions/ADReportingTools/issues/5)) 53 | + Modified default view for `Get-ADFSMO` to be a list. ([Issue #6](https://github.com/jdhitsolutions/ADReportingTools/issues/6)) 54 | + Added a view for `ADDomainControllerService` type to `addchealth.format.ps1xml`. ([Issue #7](https://github.com/jdhitsolutions/ADReportingTools/issues/7)) 55 | + Added alias `fsmo` for `Get-ADFSMO`. ([Issue #8](https://github.com/jdhitsolutions/ADReportingTools/issues/8)) 56 | + Modified `Get-ADDomainControllerHealth` to include computer name in the `Services` property. ([Issue #9](https://github.com/jdhitsolutions/ADReportingTools/issues/9)) 57 | + Modified `Get-ADGroupUser` to fix a bug that was not getting the user's Title. ([Issue #10](https://github.com/jdhitsolutions/ADReportingTools/issues/10)) 58 | + Added `Get-ADCanonicalUser` with an alias of `Get-ADCNUser`. ([Issue #11](https://github.com/jdhitsolutions/ADReportingTools/issues/11)) 59 | 60 | ## 0.3.0 61 | 62 | + Updated `Get-ADGroupUser` to get member detail depending on the class. 63 | + Modified `Get-ADBranch` to include an `Enabled` property. 64 | + Added private helper functions `_inserttoggle` and `_getpopData`. 65 | + Added `New-ADDomainReport`. 66 | 67 | ## 0.2.0 68 | 69 | + Added a default List view to `adgroupuser.format.ps1xml`.dir 70 | + Added format file `adsummary.format.ps1xml`. 71 | + Added `Get-ADDCHealth` and format file `addchealth.format.ps1xml`. 72 | 73 | ## 0.0.1 74 | 75 | + Initial files 76 | -------------------------------------------------------------------------------- /configurations/aduser-categories.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "Name": "Department", 4 | "Properties": [ 5 | "DisplayName", 6 | "Name", 7 | "Title", 8 | "Department", 9 | "Manager" 10 | ] 11 | }, 12 | { 13 | "Name": "Basic", 14 | "Properties": [ 15 | "DisplayName", 16 | "Name", 17 | "SamAccountname", 18 | "UserPrincipalName", 19 | "Enabled", 20 | "WhenCreated", 21 | "WhenChanged" 22 | ] 23 | }, 24 | { 25 | "Name": "Address", 26 | "Properties": [ 27 | "DisplayName", 28 | "Name", 29 | "TelephoneNumber", 30 | "Office", 31 | "StreetAddress", 32 | "POBox", 33 | "City", 34 | "State", 35 | "PostalCode" 36 | ] 37 | }, 38 | { 39 | "Name": "Organization", 40 | "Properties": [ 41 | "DisplayName", 42 | "Name", 43 | "Title", 44 | "Department", 45 | "Manager", 46 | "Company", 47 | "Office" 48 | ] 49 | }, 50 | { 51 | "Name": "Pwinfo", 52 | "Properties": [ 53 | "DisplayName", 54 | "Name", 55 | "PasswordExpired", 56 | "PasswordLastSet", 57 | "PasswordNeverExpires" 58 | ] 59 | } 60 | ] -------------------------------------------------------------------------------- /docs/Get-ADBackupStatus.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: http://bit.ly/3fPV1AE 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADBackupStatus 9 | 10 | ## SYNOPSIS 11 | 12 | Get an Active Directory backup status 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADBackupStatus [-DomainController] [-Credential ] 18 | [] 19 | ``` 20 | 21 | ## DESCRIPTION 22 | 23 | There aren't any explicit PowerShell commands to tell if Active Directory has been backed up. One indirect approach is to use the command-line tool repadmin.exe. This command has a /showbackup parameter which will indicate when the different Active Directory partitions have been backed up. This command is a PowerShell wrapper for repadmin.exe that runs on the specified domain controller in a PowerShell remoting session. 24 | 25 | If running in a console host, the date value may be shown in red, if the date is beyond the backup limit of 3 days. This is a user-customizable value in $ADReportingHash. 26 | 27 | $ADReportinghash.BackupLimit = 5 28 | 29 | If you want a limit like this all the time, in your PowerShell profile script import the module and add this line. 30 | 31 | ## EXAMPLES 32 | 33 | ### Example 1 34 | 35 | ```powershell 36 | PS C:\> Get-ADBackupStatus dom1 37 | 38 | DomainController: Dom1.Company.Pri 39 | 40 | Partition LocalUSN OriginUSN Date 41 | --------- -------- --------- ---- 42 | DC=ForestDnsZones,DC=Company,DC=Pri 13777 13777 01/25/2021 14:27:01 43 | DC=DomainDnsZones,DC=Company,DC=Pri 13776 13776 01/25/2021 14:27:01 44 | CN=Schema,CN=Configuration,DC=Comp.... 13775 13775 01/25/2021 14:27:01 45 | CN=Configuration,DC=Company,DC=Pri 13774 13774 01/25/2021 14:27:01 46 | DC=Company,DC=Pri 13773 13773 01/25/2021 14:27:01 47 | ``` 48 | 49 | Any date that is beyond the number of days that is beyond $ADReportingHash.BackupLimit, will be displaySed in red, if running in a console host. 50 | 51 | ## PARAMETERS 52 | 53 | ### -Credential 54 | 55 | Specify an alternate credential 56 | 57 | ```yaml 58 | Type: PSCredential 59 | Parameter Sets: (All) 60 | Aliases: 61 | 62 | Required: False 63 | Position: Named 64 | Default value: None 65 | Accept pipeline input: False 66 | Accept wildcard characters: False 67 | ``` 68 | 69 | ### -DomainController 70 | 71 | Specify the name of a domain controller 72 | 73 | ```yaml 74 | Type: String[] 75 | Parameter Sets: (All) 76 | Aliases: 77 | 78 | Required: True 79 | Position: 0 80 | Default value: None 81 | Accept pipeline input: False 82 | Accept wildcard characters: False 83 | ``` 84 | 85 | ### CommonParameters 86 | 87 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 88 | 89 | ## INPUTS 90 | 91 | ### None 92 | 93 | ## OUTPUTS 94 | 95 | ### System.Object 96 | 97 | ## NOTES 98 | 99 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 100 | 101 | ## RELATED LINKS 102 | 103 | [Get-NTDSInfo](Get-NTDSInfo.md) 104 | 105 | [repadmin.exe]() 106 | -------------------------------------------------------------------------------- /docs/Get-ADBranch.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: http://bit.ly/3tbCeDc 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADBranch 9 | 10 | ## SYNOPSIS 11 | 12 | Get a listing of members in an AD branch. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADBranch [-SearchBase] [-ObjectClass ] 18 | [-IncludeDeletedObjects] [-ExcludeContainers] [-Server ] 19 | [-Credential ] [] 20 | ``` 21 | 22 | ## DESCRIPTION 23 | 24 | This command will get all users, groups, and computers from a given Active Directory organizational unit or container and display a hierarchical report. The search is recursive from the starting search base. 25 | 26 | ## EXAMPLES 27 | 28 | ### Example 1 29 | 30 | ```dos 31 | PS C:\> Get-ADBranch "OU=IT,DC=company,DC=pri" 32 | 33 | DistinguishedName Name Description 34 | ----------------- ---- ----------- 35 | CN=AprilS,OU=IT,DC=Company,DC=Pri AprilS PowerShell Guru 36 | 37 | 38 | Branch: OU=It,DC=Company,DC=Pri [User] 39 | 40 | DistinguishedName Name Description 41 | ----------------- ---- ----------- 42 | CN=ArtD,OU=IT,DC=Company,DC=Pri ArtD PowerShell Engineer 43 | CN=GladysK,OU=IT,DC=Company,DC=Pri GladysK Senior AD and Ide... 44 | CN=MaryL,OU=IT,DC=Company,DC=Pri MaryL Main IT 45 | CN=MikeS,OU=IT,DC=Company,DC=Pri MikeS Backup IT 46 | 47 | 48 | Branch: OU=It,DC=Company,DC=Pri [Group] 49 | 50 | DistinguishedName Name Description 51 | ----------------- ---- ----------- 52 | CN=IT,OU=IT,DC=Company,DC=Pri IT 53 | CN=Web Servers,OU=IT,DC=Company,DC=Pri Web Servers 54 | ... 55 | ``` 56 | 57 | Get members of the IT organizational unit. There is a formatting bug where the first item isn't properly grouped. 58 | 59 | ### Example 2 60 | 61 | ```dos 62 | PS C:\> Get-ADBranch "Ou=accounting,Dc=company,dc=pri" -objectclass group 63 | 64 | DistinguishedName Name Description 65 | ----------------- ---- ----------- 66 | CN=Accounting,OU=Accounting, Accounting Company Accounting DC=Company,DC=Pri 67 | 68 | 69 | Branch: OU=Corp Investment,OU=Finance,OU=Accounting,DC=Company,DC=Pri [Group] 70 | 71 | DistinguishedName Name Description 72 | ----------------- ---- ----------- 73 | CN=StrategyDL,OU=Corp StrategyDL Strategic plann... Investment,OU=Finance,OU=Accounting, 74 | DC=Company,DC=Pri 75 | 76 | 77 | Branch: OU=Payroll,OU=Accounting,DC=Company,DC=Pri [Group] 78 | 79 | DistinguishedName Name Description 80 | ----------------- ---- ----------- 81 | CN=Payroll Managers,OU=Payroll, Payroll Managers 82 | OU=Accounting,DC=Company,DC=Pri 83 | ``` 84 | 85 | Get only groups in the Accounting OU tree. 86 | 87 | ## PARAMETERS 88 | 89 | ### -Credential 90 | 91 | Specify an alternate credential. 92 | 93 | ```yaml 94 | Type: PSCredential 95 | Parameter Sets: (All) 96 | Aliases: RunAs 97 | 98 | Required: False 99 | Position: Named 100 | Default value: None 101 | Accept pipeline input: False 102 | Accept wildcard characters: False 103 | ``` 104 | 105 | ### -IncludeDeletedObjects 106 | 107 | Show deleted objects. This parameter has no effect unless you are searching from the domain root. 108 | 109 | ```yaml 110 | Type: SwitchParameter 111 | Parameter Sets: (All) 112 | Aliases: 113 | 114 | Required: False 115 | Position: Named 116 | Default value: None 117 | Accept pipeline input: False 118 | Accept wildcard characters: False 119 | ``` 120 | 121 | ### -SearchBase 122 | 123 | Enter the distinguished name of the top-level container or organizational unit. 124 | 125 | ```yaml 126 | Type: String 127 | Parameter Sets: (All) 128 | Aliases: 129 | 130 | Required: True 131 | Position: 0 132 | Default value: None 133 | Accept pipeline input: False 134 | Accept wildcard characters: False 135 | ``` 136 | 137 | ### -Server 138 | 139 | Specify a domain controller to query. 140 | 141 | ```yaml 142 | Type: String 143 | Parameter Sets: (All) 144 | Aliases: dc, domaincontroller 145 | 146 | Required: False 147 | Position: Named 148 | Default value: None 149 | Accept pipeline input: False 150 | Accept wildcard characters: False 151 | ``` 152 | 153 | ### -ExcludeContainers 154 | 155 | Exclude containers like USERS. This will only have no effect unless your search base is the domain root. 156 | 157 | ```yaml 158 | Type: SwitchParameter 159 | Parameter Sets: (All) 160 | Aliases: 161 | 162 | Required: False 163 | Position: Named 164 | Default value: None 165 | Accept pipeline input: False 166 | Accept wildcard characters: False 167 | ``` 168 | 169 | ### -ObjectClass 170 | 171 | Only show objects of the matching classes. Valid choices are user, group, and computer. 172 | 173 | ```yaml 174 | Type: String[] 175 | Parameter Sets: (All) 176 | Aliases: 177 | 178 | Required: False 179 | Position: Named 180 | Default value: None 181 | Accept pipeline input: False 182 | Accept wildcard characters: False 183 | ``` 184 | 185 | ### CommonParameters 186 | 187 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 188 | 189 | ## INPUTS 190 | 191 | ### None 192 | 193 | ## OUTPUTS 194 | 195 | ### ADBranchMember 196 | 197 | ## NOTES 198 | 199 | Learn more about PowerShell: 200 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 201 | 202 | ## RELATED LINKS 203 | 204 | [Show-Domain](Show-Domain.md) 205 | -------------------------------------------------------------------------------- /docs/Get-ADCanonicalUser.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/38yrc2R 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADCanonicalUser 9 | 10 | ## SYNOPSIS 11 | 12 | Get an AD user account using a canonical name. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADCanonicalUser [-Name] [-Properties ] 18 | -IncludeDeletedObjects] [-Server ] [-Credential ] 19 | [] 20 | ``` 21 | 22 | ## DESCRIPTION 23 | 24 | Often you will find user names in the form domain\username. This command makes it easier to find the Active Directory user account using this value. If you have enabled the Active Directory Recycle Bin feature, you can use the IncludeDeletedObjects parameter to search for the user account if it can't be found with the initial search. 25 | 26 | There is an assumption that you will know the domain controller responsible for the given domain component. Or that all accounts are in your current user domain. 27 | 28 | ## EXAMPLES 29 | 30 | ### Example 1 31 | 32 | ```dos 33 | PS C:\> Get-ADCanonicalUser company\gladysk -Properties title,description,department 34 | 35 | 36 | Department : IT 37 | Description : Senior AD and Identity Goddess 38 | DistinguishedName : CN=GladysK,OU=IT,DC=Company,DC=Pri 39 | Enabled : True 40 | GivenName : Gladys 41 | Name : GladysK 42 | ObjectClass : user 43 | ObjectGUID : 445c8817-3c53-4861-9221-407b5af8bdc6 44 | SamAccountName : GladysK 45 | SID : S-1-5-21-493037332-564925384-1585924867-1105 46 | Surname : Kravitz 47 | Title : AD Operations Lead 48 | UserPrincipalName : gladysk@Company.Pri 49 | ``` 50 | 51 | Get the Active Directory user account for Company\Gladysk and some select properties. 52 | 53 | ### Example 2 54 | 55 | ```dos 56 | PS C:\> $a = Get-ADUserAudit -Since "2/1/2021" -Events Disabled 57 | PS C:\> $a.targets | Get-Unique | Get-ADCanonicalUser | 58 | Select-Object DistinguishedName 59 | 60 | DistinguishedName 61 | ----------------- 62 | CN=MaryL,OU=IT,DC=Company,DC=Pri 63 | CN=E.Ratti,OU=Employees,DC=Company,DC=Pri 64 | CN=Roy Biv,OU=Accounting,DC=Company,DC=Pri 65 | CN=D.Monroy,OU=Employees,DC=Company,DC=Pri 66 | CN=MaryL,OU=IT,DC=Company,DC=Pri 67 | CN=S.Montbriand,OU=Employees,DC=Company,DC=Pri 68 | CN=R.Freil,OU=Employees,DC=Company,DC=Pri 69 | CN=N.Wobser,OU=Employees,DC=Company,DC=Pri 70 | CN=Y.Graffney,OU=Employees,DC=Company,DC=Pri 71 | CN=D.Waldow,OU=Employees,DC=Company,DC=Pri 72 | ``` 73 | 74 | The first command is using the Get-ADUserAudit command to find all user accounts disabled since February 1. The resulting targets in the canonical name format. These values are piped to Get-ADCanonicalUser to retrieve the corresponding distinguished name values. 75 | 76 | ## PARAMETERS 77 | 78 | ### -Credential 79 | 80 | Specify an alternate credential. 81 | 82 | ```yaml 83 | Type: PSCredential 84 | Parameter Sets: (All) 85 | Aliases: RunAs 86 | 87 | Required: False 88 | Position: Named 89 | Default value: None 90 | Accept pipeline input: False 91 | Accept wildcard characters: False 92 | ``` 93 | 94 | ### -IncludeDeletedObjects 95 | 96 | Search deleted objects if the user account can't be found. 97 | 98 | ```yaml 99 | Type: SwitchParameter 100 | Parameter Sets: (All) 101 | Aliases: 102 | 103 | Required: False 104 | Position: Named 105 | Default value: None 106 | Accept pipeline input: False 107 | Accept wildcard characters: False 108 | ``` 109 | 110 | ### -Name 111 | 112 | Enter the username in the form domain\username. 113 | 114 | ```yaml 115 | Type: String 116 | Parameter Sets: (All) 117 | Aliases: 118 | 119 | Required: True 120 | Position: 0 121 | Default value: None 122 | Accept pipeline input: True (ByValue) 123 | Accept wildcard characters: False 124 | ``` 125 | 126 | ### -Properties 127 | 128 | Enter one or more user properties or * to select everything. 129 | 130 | ```yaml 131 | Type: String[] 132 | Parameter Sets: (All) 133 | Aliases: 134 | 135 | Required: False 136 | Position: Named 137 | Default value: None 138 | Accept pipeline input: False 139 | Accept wildcard characters: False 140 | ``` 141 | 142 | ### -Server 143 | 144 | Specify a domain controller to query. 145 | 146 | ```yaml 147 | Type: String 148 | Parameter Sets: (All) 149 | Aliases: dc, domaincontroller 150 | 151 | Required: False 152 | Position: Named 153 | Default value: None 154 | Accept pipeline input: False 155 | Accept wildcard characters: False 156 | ``` 157 | 158 | ### CommonParameters 159 | 160 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 161 | 162 | ## INPUTS 163 | 164 | ### System.String 165 | 166 | ## OUTPUTS 167 | 168 | ### Microsoft.ActiveDirectory.Management.ADUser 169 | 170 | ## NOTES 171 | 172 | Learn more about PowerShell: 173 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 174 | 175 | ## RELATED LINKS 176 | 177 | [Get-ADUser]() 178 | 179 | [Get-ADObject]() 180 | -------------------------------------------------------------------------------- /docs/Get-ADComputerReport.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3dFHB7E 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADComputerReport 9 | 10 | ## SYNOPSIS 11 | 12 | Get AD Computer account information 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADComputerReport [[-Name] ] [-Category ] 18 | [-Location ] [-SearchBase ] [-Server ] 19 | [-Credential ] [] 20 | ``` 21 | 22 | ## DESCRIPTION 23 | 24 | Get-ADComputerReport will gather information about computer objects in Active Directory. The default is to find all objects. But you can filter on a category of Server or Desktop. The filtering is done based on the operating system value. 25 | 26 | ## EXAMPLES 27 | 28 | ### Example 1 29 | 30 | ```powershell 31 | PS C:\> Get-ADComputerReport 32 | 33 | Name Description Location IPAddress LastLogonDate 34 | ---- ----------- -------- --------- ------------- 35 | DOM1 HQ domain controllers hqdc 192.168.3.10 3/26/2021 3:12... 36 | DOM2 HQ domain controllers hqdc 192.168.3.11 3/26/2021 3:21... 37 | Mail01 38 | SRV1 corp resource server hqdc 192.168.3.50 3/26/2021 10:4... 39 | SRV2 Omaha 192.168.3.51 3/26/2021 10:4... 40 | ... 41 | ``` 42 | 43 | If you are running in a PowerShell console, domain controllers and member servers will be highlighted with an ANSI sequence. 44 | 45 | ### Example 2 46 | 47 | ```powershell 48 | PS C:\> Get-ADComputerReport -Name srv1 | select * 49 | 50 | 51 | Name : SRV1 52 | DNSHostname : SRV1.Company.Pri 53 | Description : corp resource server 54 | OperatingSystem : Windows Server 2016 Standard Evaluation 55 | IsServer : True 56 | Location : hqdc 57 | LastLogonDate : 3/26/2021 10:45:27 AM 58 | IPAddress : 192.168.3.50 59 | Created : 1/25/2021 1:33:02 PM 60 | Modified : 3/26/2021 9:04:03 PM 61 | DistinguishedName : CN=SRV1,CN=Computers,DC=Company,DC=Pri 62 | ``` 63 | 64 | Get all report properties. 65 | 66 | ## PARAMETERS 67 | 68 | ### -Category 69 | 70 | Filter by the operating system. 71 | 72 | ```yaml 73 | Type: String 74 | Parameter Sets: (All) 75 | Aliases: 76 | Accepted values: Any, Server, Desktop 77 | 78 | Required: False 79 | Position: Named 80 | Default value: None 81 | Accept pipeline input: False 82 | Accept wildcard characters: False 83 | ``` 84 | 85 | ### -Credential 86 | 87 | Specify an alternate credential. 88 | This will be used to query the domain and all domain controllers. 89 | 90 | ```yaml 91 | Type: PSCredential 92 | Parameter Sets: (All) 93 | Aliases: RunAs 94 | 95 | Required: False 96 | Position: Named 97 | Default value: None 98 | Accept pipeline input: False 99 | Accept wildcard characters: False 100 | ``` 101 | 102 | ### -Location 103 | 104 | Filter by location. 105 | 106 | ```yaml 107 | Type: String 108 | Parameter Sets: (All) 109 | Aliases: 110 | 111 | Required: False 112 | Position: Named 113 | Default value: None 114 | Accept pipeline input: False 115 | Accept wildcard characters: False 116 | ``` 117 | 118 | ### -Name 119 | 120 | Enter an AD conmputer identity. 121 | Wildcard are allowed. 122 | 123 | ```yaml 124 | Type: String 125 | Parameter Sets: (All) 126 | Aliases: 127 | 128 | Required: False 129 | Position: 0 130 | Default value: None 131 | Accept pipeline input: True (ByValue) 132 | Accept wildcard characters: False 133 | ``` 134 | 135 | ### -SearchBase 136 | 137 | Enter the distinguished name of the top-level container or organizational unit. 138 | 139 | ```yaml 140 | Type: String 141 | Parameter Sets: (All) 142 | Aliases: 143 | 144 | Required: False 145 | Position: Named 146 | Default value: None 147 | Accept pipeline input: False 148 | Accept wildcard characters: False 149 | ``` 150 | 151 | ### -Server 152 | 153 | Specify a domain controller to query for a list of domain controllers. 154 | 155 | ```yaml 156 | Type: String 157 | Parameter Sets: (All) 158 | Aliases: dc, domaincontroller 159 | 160 | Required: False 161 | Position: Named 162 | Default value: None 163 | Accept pipeline input: False 164 | Accept wildcard characters: False 165 | ``` 166 | 167 | ### CommonParameters 168 | 169 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 170 | 171 | ## INPUTS 172 | 173 | ### System.String 174 | 175 | ## OUTPUTS 176 | 177 | ### ADComputerInfo 178 | 179 | ## NOTES 180 | 181 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 182 | 183 | ## RELATED LINKS 184 | 185 | [Get-ADDomainControllerHealth](Get-ADDomainControllerHealth.md) 186 | 187 | [Get-ADManager](Get-ADManager.md) 188 | 189 | [Get-ADComputer]() 190 | -------------------------------------------------------------------------------- /docs/Get-ADDepartment.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | schema: 2.0.0 5 | --- 6 | 7 | # Get-ADDepartment 8 | 9 | ## SYNOPSIS 10 | 11 | Get members of a department from Active Directory. 12 | 13 | ## SYNTAX 14 | 15 | ```yaml 16 | Get-ADDepartment [-Department] [-Server ] [-Credential ] [] 17 | ``` 18 | 19 | ## DESCRIPTION 20 | 21 | Use this command to retrieve user account information from Active Directory for members of a specific department. You can specify multiple departments. User information is displayed in a grouped table by default. 22 | 23 | When you import the ADReportingTools module, it will define a global variable called ADReportingHash, which is a hashtable. The variable has a key called Departments. This variable is used in an argument completer for the -Department parameter. This allows you to tab-complete the parameter value. If you add a department after loading the module, you will need to update the variable. You can manually add a department: 24 | 25 | $ADReportingHash.Departments+='Bottle Washing' 26 | 27 | Or reload the module: 28 | 29 | Import-Module ADReportingTools -force 30 | 31 | ## EXAMPLES 32 | 33 | ### Example 1 34 | 35 | ```powershell 36 | PS C:\> Get-ADDepartment -Department sales -Server dom1 -Credential company\artd 37 | 38 | Department: Sales 39 | 40 | Name Title City Phone 41 | ---- ----- ---- ----- 42 | Sonya Smith Account Executive Omaha x2345 43 | Garret Guillary Intern Omaha x8877 44 | Sam Smith Sales Support Omaha x5678 45 | Samantha Smith Sales Assistant Omaha x9875 46 | ``` 47 | 48 | Get all members of the Sales department. This example queries a specific domain controller and uses alternate credentials. If your PowerShell session supports it, disabled accounts will be displayed in red. 49 | 50 | ### Example 2 51 | 52 | ```powershell 53 | PS C:\> Get-ADDepartment Sales | Format-Table -view manager 54 | 55 | 56 | Manager: CN=Alfonso Dente,OU=Sales,DC=Company,DC=Pri [Sales] 57 | 58 | Name Description Title City 59 | ---- ----------- ----- ---- 60 | Sonya Smith Sales Account Executive Omaha 61 | 62 | 63 | Manager: CN=SamanthaS,OU=Sales,DC=Company,DC=Pri [Sales] 64 | 65 | Name Description Title City 66 | ---- ----------- ----- ---- 67 | Garret Guillary sales intern Intern Omaha 68 | 69 | 70 | Manager: CN=SonyaS,OU=Sales,DC=Company,DC=Pri [Sales] 71 | 72 | Name Description Title City 73 | ---- ----------- ----- ---- 74 | Sam Smith Sales Sales Support Omaha 75 | Samantha Smith Sales Sales Assistant Omaha 76 | ``` 77 | 78 | The command has a corresponding formatting file with a custom view. 79 | 80 | ## PARAMETERS 81 | 82 | ### -Credential 83 | 84 | Specify alternate credentials for authentication. 85 | 86 | ```yaml 87 | Type: PSCredential 88 | Parameter Sets: (All) 89 | Aliases: runas 90 | 91 | Required: False 92 | Position: Named 93 | Default value: None 94 | Accept pipeline input: False 95 | Accept wildcard characters: False 96 | ``` 97 | 98 | ### -Department 99 | 100 | Specify one or more department names. 101 | 102 | ```yaml 103 | Type: String[] 104 | Parameter Sets: (All) 105 | Aliases: 106 | 107 | Required: True 108 | Position: 0 109 | Default value: None 110 | Accept pipeline input: False 111 | Accept wildcard characters: False 112 | ``` 113 | 114 | ### -Server 115 | 116 | Specify a domain controller to query. 117 | 118 | ```yaml 119 | Type: String 120 | Parameter Sets: (All) 121 | Aliases: DC 122 | 123 | Required: False 124 | Position: Named 125 | Default value: None 126 | Accept pipeline input: False 127 | Accept wildcard characters: False 128 | ``` 129 | 130 | ### CommonParameters 131 | 132 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 133 | 134 | ## INPUTS 135 | 136 | ### None 137 | 138 | ## OUTPUTS 139 | 140 | ### ADDeptMember 141 | 142 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 143 | 144 | ## RELATED LINKS 145 | 146 | [Get-ADUserCategory](Get-ADUserCategory.md) 147 | 148 | [Get-ADUser]() 149 | -------------------------------------------------------------------------------- /docs/Get-ADDomainControllerHealth.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/38u96PJ 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADDomainControllerHealth 9 | 10 | ## SYNOPSIS 11 | 12 | Get a summary view of domain controller health. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADDomainControllerHealth [[-Server] ] [[-Credential] ] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | This command is intended to give you a quick summary of the overall health of your Active Directory domain controllers. The concept of "health" is based on the following: 23 | 24 | - How much free space remains on drive C:? 25 | - How much free physical memory? 26 | - What percentage of the Security event log is in use? 27 | - Are any critical services not running? 28 | 29 | The services checked are ntds,kdc,adws,dfs,dfsr,netlogon,samss, and w32time. Not every organization runs DNS and/or DHCP on their domain controllers so those services have been omitted. 30 | 31 | Output will be color-coded using ANSI escape sequences. 32 | 33 | ## EXAMPLES 34 | 35 | ### Example 1 36 | 37 | ```dos 38 | 39 | PS C:\> Get-ADDomainControllerHealth 40 | 41 | 42 | DC: DOM1.Company.Pri [192.168.3.10] 43 | 44 | Uptime PctFreeC PctFreeMem PctSecLog ServiceAlert 45 | ------ -------- ---------- --------- ------------ 46 | 12.22:29:47 89.61 25.17 33.8 False 47 | 48 | 49 | DC: DOM2.Company.Pri [192.168.3.11] 50 | 51 | Uptime PctFreeC PctFreeMem PctSecLog ServiceAlert 52 | ------ -------- ---------- --------- ------------ 53 | 5.16:38:00 90.63 48.36 14.56 True 54 | ``` 55 | 56 | Get a health snapshot of your domain controllers. A ServiceAlert of True means that one of the defined critical services is not running. 57 | 58 | Output might be color-coded. A ServiceAlert value of True will be displayed in Red. Free space on C and percent free physical memory will be shown in red if the value is 10% or less. A percent free less than 30$ will be displayed in an orange/yellow color. The percent Security log usage threshholds are 15% and 50%. 59 | 60 | ### Example 2 61 | 62 | ```dos 63 | PS C:\> Get-ADDomainControllerHealth | Format-Table -view info 64 | 65 | 66 | Domain Controller: CN=DOM1,OU=Domain Controllers,DC=Company,DC=Pri 67 | 68 | OperatingSystem IsGC IsRO Roles 69 | --------------- ---- ---- ----- 70 | Windows Server 2019 Standard True False {SchemaMaster,DomainNam... 71 | 72 | 73 | Domain Controller: CN=DOM2,OU=Domain Controllers,DC=Company,DC=Pri 74 | 75 | OperatingSystem IsGC IsRO Roles 76 | --------------- ---- ---- ----- 77 | Windows Server 2019 Standard True False {} 78 | ``` 79 | 80 | Get domain controller health using a custom table view. 81 | 82 | ### Example 3 83 | 84 | ```dos 85 | PS C:\> Get-ADDomainControllerHealth | Select-Object -Expand Services 86 | 87 | 88 | Computername: DOM1.Company.Pri 89 | 90 | ProcessID Displayname Name State StartMode Started 91 | --------- ----------- ---- ----- --------- ------- 92 | 2544 Active Directory Web Services ADWS Running Auto True 93 | 2652 DFS Namespace Dfs Running Auto True 94 | 2624 DFS Replication DFSR Running Auto True 95 | 660 Kerberos Key Distribution Center Kdc Running Auto True 96 | 660 Netlogon Netlogon Running Auto True 97 | 660 Active Directory Domain Services NTDS Running Auto True 98 | 660 Security Accounts Manager SamSs Running Auto True 99 | 1028 Windows Time W32Time Running Auto True 100 | ... 101 | ``` 102 | 103 | View the service status for each domain controller. 104 | 105 | ## PARAMETERS 106 | 107 | ### -Credential 108 | 109 | Specify an alternate credential. This will be used to query the domain and all domain controllers. 110 | 111 | ```yaml 112 | Type: PSCredential 113 | Parameter Sets: (All) 114 | Aliases: RunAs 115 | 116 | Required: False 117 | Position: 1 118 | Default value: None 119 | Accept pipeline input: False 120 | Accept wildcard characters: False 121 | ``` 122 | 123 | ### -Server 124 | 125 | Specify a domain controller to query for a list of domain controllers. 126 | 127 | ```yaml 128 | Type: String 129 | Parameter Sets: (All) 130 | Aliases: dc, domaincontroller 131 | 132 | Required: False 133 | Position: 0 134 | Default value: None 135 | Accept pipeline input: False 136 | Accept wildcard characters: False 137 | ``` 138 | 139 | ### CommonParameters 140 | 141 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 142 | 143 | ## INPUTS 144 | 145 | ### None 146 | 147 | ## OUTPUTS 148 | 149 | ### ADDomainControllerHealth 150 | 151 | ## NOTES 152 | 153 | Learn more about PowerShell: 154 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 155 | 156 | ## RELATED LINKS 157 | 158 | [Get-ADDomainController]() 159 | -------------------------------------------------------------------------------- /docs/Get-ADFSMO.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3ctNioz 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADFSMO 9 | 10 | ## SYNOPSIS 11 | 12 | Get FSMO holders. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADFSMO [[-Identity] ] [-Server ] [-Credential ] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | This command will display all FSMO role holders for the forest and domain at a glance. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```dos 29 | PS C:\> PS C:\> Get-ADFSMO 30 | 31 | 32 | Domain: Company.Pri 33 | Forest: Company.Pri 34 | 35 | 36 | PDCEmulator : DOM1.Company.Pri 37 | RIDMaster : DOM1.Company.Pri 38 | InfrastructureMaster : DOM1.Company.Pri 39 | SchemaMaster : DOM1.Company.Pri 40 | DomainNamingMaster : DOM1.Company.Pri 41 | ``` 42 | 43 | Get the FSMO holders for the current domain and forest. 44 | 45 | ## PARAMETERS 46 | 47 | ### -Credential 48 | 49 | Specify an alternate credential. 50 | 51 | ```yaml 52 | Type: PSCredential 53 | Parameter Sets: (All) 54 | Aliases: RunAs 55 | 56 | Required: False 57 | Position: Named 58 | Default value: None 59 | Accept pipeline input: False 60 | Accept wildcard characters: False 61 | ``` 62 | 63 | ### -Identity 64 | 65 | Specify the domain name. The default is the user domain. 66 | 67 | ```yaml 68 | Type: String 69 | Parameter Sets: (All) 70 | Aliases: name 71 | 72 | Required: False 73 | Position: 0 74 | Default value: None 75 | Accept pipeline input: False 76 | Accept wildcard characters: False 77 | ``` 78 | 79 | ### -Server 80 | 81 | Specify a domain controller to query. 82 | 83 | ```yaml 84 | Type: String 85 | Parameter Sets: (All) 86 | Aliases: dc, domaincontroller 87 | 88 | Required: False 89 | Position: Named 90 | Default value: None 91 | Accept pipeline input: False 92 | Accept wildcard characters: False 93 | ``` 94 | 95 | ### CommonParameters 96 | 97 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 98 | 99 | ## INPUTS 100 | 101 | ### None 102 | 103 | ## OUTPUTS 104 | 105 | ### ADFSMORole 106 | 107 | ## NOTES 108 | 109 | Learn more about PowerShell: 110 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 111 | 112 | ## RELATED LINKS 113 | 114 | [Get-ADSummary](Get-ADSummary.md) 115 | 116 | [Get-ADDomain]() 117 | 118 | [Get-ADForest]() 119 | -------------------------------------------------------------------------------- /docs/Get-ADGroupUser.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/38wecuU 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADGroupUser 9 | 10 | ## SYNOPSIS 11 | 12 | Get user members of an AD group. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADGroupUser [-Name] [-Server ] [-Credential ] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | This command will display all users of a given Active Directory group. The search is automatically recursive. The default output is a formatted table that will highlight disabled accounts in red. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```dos 29 | PS C:\> Get-ADGroupUser sales 30 | 31 | 32 | DistinguishedName: CN=SamS,OU=Sales,DC=Company,DC=Pri [Sam Smith] 33 | 34 | Name Title Description PasswordLastSet 35 | ---- ----- ----------- -------------- 36 | SamS Sales Staff 1/25/2021 1:32:36 PM 37 | 38 | 39 | DistinguishedName: CN=SonyaS,OU=Sales,DC=Company,DC=Pri [Sonya Smith] 40 | 41 | Name Title Description PasswordLastSet 42 | ---- ----- ----------- -------------- 43 | SonyaS Account Executive Sales 1/25/2021 1:32:37 PM 44 | 45 | 46 | DistinguishedName: CN=SamanthaS,OU=Sales,DC=Company,DC=Pri [Samantha Smith] 47 | 48 | Name Title Description PasswordLastSet 49 | ---- ----- ----------- -------------- 50 | SamanthaS Sales Assistant Sales Staff 1/25/2021 1:32:37 PM 51 | ``` 52 | 53 | Disabled accounts will have their distinguished name displayed in red. 54 | 55 | ### Example 2 56 | 57 | ```dos 58 | PS C:\> Get-ADGroupUser sales | format-list 59 | 60 | 61 | Group: CN=Sales,OU=Sales,DC=Company,DC=Pri 62 | 63 | 64 | DistinguishedName : CN=SamS,OU=Sales,DC=Company,DC=Pri 65 | Name : SamS 66 | Displayname : Sam Smith 67 | Description : Sales Staff 68 | Title : 69 | Department : Sales 70 | Enabled : False 71 | PasswordLastSet : 3/4/2021 4:03:23 PM 72 | 73 | DistinguishedName : CN=SonyaS,OU=Sales,DC=Company,DC=Pri 74 | Name : SonyaS 75 | Displayname : Sonya Smith 76 | Description : Sales 77 | Title : Account Executive 78 | Department : Sales 79 | Enabled : True 80 | PasswordLastSet : 1/25/2021 1:32:37 PM 81 | ... 82 | ``` 83 | 84 | Using the defined list view. 85 | 86 | ## PARAMETERS 87 | 88 | ### -Credential 89 | 90 | Specify an alternate credential. 91 | 92 | ```yaml 93 | Type: PSCredential 94 | Parameter Sets: (All) 95 | Aliases: RunAs 96 | 97 | Required: False 98 | Position: Named 99 | Default value: None 100 | Accept pipeline input: False 101 | Accept wildcard characters: False 102 | ``` 103 | 104 | ### -Name 105 | 106 | Enter the name of an Active Directory group. 107 | 108 | ```yaml 109 | Type: String 110 | Parameter Sets: (All) 111 | Aliases: 112 | 113 | Required: True 114 | Position: 0 115 | Default value: None 116 | Accept pipeline input: True (ByPropertyName, ByValue) 117 | Accept wildcard characters: False 118 | ``` 119 | 120 | ### -Server 121 | 122 | Specify a domain controller to query. 123 | 124 | ```yaml 125 | Type: String 126 | Parameter Sets: (All) 127 | Aliases: dc, domaincontroller 128 | 129 | Required: False 130 | Position: Named 131 | Default value: None 132 | Accept pipeline input: False 133 | Accept wildcard characters: False 134 | ``` 135 | 136 | ### CommonParameters 137 | 138 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 139 | 140 | ## INPUTS 141 | 142 | ### System.String 143 | 144 | ## OUTPUTS 145 | 146 | ### ADGroupUser 147 | 148 | ## NOTES 149 | 150 | Learn more about PowerShell: 151 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 152 | 153 | ## RELATED LINKS 154 | 155 | [Get-ADGroupReport](Get-ADGroupReport.md) 156 | 157 | [Get-ADGroupMember]() 158 | -------------------------------------------------------------------------------- /docs/Get-ADReportingTools.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3vtugaC 5 | --- 6 | 7 | # Get-ADReportingTools 8 | 9 | ## SYNOPSIS 10 | 11 | Get a summary list of AD Reporting commands 12 | 13 | ## SYNTAX 14 | 15 | ```yaml 16 | Get-ADReportingTools [] 17 | ``` 18 | 19 | ## DESCRIPTION 20 | 21 | This command will present a summary of commands in the ADReportingTools module grouped by verb. The default output will show the command name, any defined aliases, and the help synopsis. 22 | 23 | ## EXAMPLES 24 | 25 | ### Example 1 26 | 27 | ```dos 28 | PS C:\> Get-ADReportingTools 29 | ``` 30 | 31 | ## PARAMETERS 32 | 33 | ### CommonParameters 34 | 35 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 36 | 37 | ## INPUTS 38 | 39 | ### None 40 | 41 | ## OUTPUTS 42 | 43 | ### ADReportingTool 44 | 45 | ## NOTES 46 | 47 | Learn more about PowerShell: 48 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 49 | 50 | ## RELATED LINKS 51 | 52 | [Open-ADReportingToolsHelp](Open-ADReportingToolsHelp.md) 53 | 54 | [Get-Module]() 55 | 56 | [Get-Command]() 57 | -------------------------------------------------------------------------------- /docs/Get-ADReportingToolsOptions.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/2RiXoln 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADReportingToolsOptions 9 | 10 | ## SYNOPSIS 11 | 12 | Get ADReportingTools color options 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADReportingToolsOptions [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | Many of the commands in the ADReportingTools module have custom format files that utilize ANSI escape sequences to highlight key elements. The module defaults are stored in a variable called ADReportingToolsOptions. Use this command to view the current settings. If you access the variable directly, you won't see the actual ANSI settings, and you might have to reset your console by typing "$([char]0x1b)[0m". 23 | 24 | The ANSI sequences use the [char]0x1b escape character because it works in both Windows PowerShell and PowerShell 7. 25 | 26 | ## EXAMPLES 27 | 28 | ### Example 1 29 | 30 | ```powershell 31 | PS C:\> Get-ADReportingToolsOptions 32 | 33 | Name Value 34 | ---- ----- 35 | Alert $([char]0x1b)[91m 36 | Warning $([char]0x1b)[38;5;220m 37 | DistributionList $([char]0x1b)[92m 38 | ``` 39 | 40 | The actual values will be color-coded with the ANSI sequence. 41 | 42 | ## PARAMETERS 43 | 44 | ### CommonParameters 45 | 46 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 47 | 48 | ## INPUTS 49 | 50 | ### None 51 | 52 | ## OUTPUTS 53 | 54 | ### ADReportingToolsOption 55 | 56 | ## NOTES 57 | 58 | An easy way to see ANSI samples is to install the PSScriptTools module from the PowerShell Gallery and use the Show-ANSISequence command. 59 | 60 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 61 | 62 | ## RELATED LINKS 63 | 64 | [Set-ADReportingToolsOIptions](Set-ADReportingToolsOptions.md) 65 | -------------------------------------------------------------------------------- /docs/Get-ADSiteDetail.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/38QzYK3 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADSiteDetail 9 | 10 | ## SYNOPSIS 11 | 12 | Get a more detailed AD site report. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADSiteDetail [-Name ] [[-Server] ] [[-Credential] ] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | This command will present a summary report of your Active Directory sites showing a description, associated subnets, and when the site object was created and last modified. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```dos 29 | 30 | PS C:\> Get-ADSiteDetail 31 | 32 | 33 | Name: Default-First-Site-Name 34 | 35 | Description Subnets Created Modified 36 | ----------- ------- ------- -------- 37 | Home Office {192.168.3.0/24, 19... 2/23/2021 3:36:58 PM 2/23/2021... 38 | 39 | 40 | Name: NoCal 41 | 42 | Description Subnets Created Modified 43 | ----------- ------- ------- -------- 44 | Bay Area Office 172.17.0.0/16 2/23/2021 3:38:33 PM 2/23/2021... 45 | ``` 46 | 47 | ## PARAMETERS 48 | 49 | ### -Credential 50 | 51 | Specify an alternate credential. 52 | 53 | ```yaml 54 | Type: PSCredential 55 | Parameter Sets: (All) 56 | Aliases: RunAs 57 | 58 | Required: False 59 | Position: 1 60 | Default value: None 61 | Accept pipeline input: False 62 | Accept wildcard characters: False 63 | ``` 64 | 65 | ### -Server 66 | 67 | Specify a domain controller to query. 68 | 69 | ```yaml 70 | Type: String 71 | Parameter Sets: (All) 72 | Aliases: dc, domaincontroller 73 | 74 | Required: False 75 | Position: 0 76 | Default value: None 77 | Accept pipeline input: False 78 | Accept wildcard characters: False 79 | ``` 80 | 81 | ### -Name 82 | 83 | Specify the name of an Active Directory site. The default is all sites. 84 | 85 | ```yaml 86 | Type: String 87 | Parameter Sets: (All) 88 | Aliases: 89 | 90 | Required: False 91 | Position: Named 92 | Default value: None 93 | Accept pipeline input: False 94 | Accept wildcard characters: False 95 | ``` 96 | 97 | ### CommonParameters 98 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 99 | 100 | ## INPUTS 101 | 102 | ### None 103 | 104 | ## OUTPUTS 105 | 106 | ### ADSiteDetail 107 | 108 | ## NOTES 109 | 110 | Learn more about PowerShell: 111 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 112 | 113 | ## RELATED LINKS 114 | 115 | [Get-ADSiteSummary]() 116 | 117 | [Get-ADReplicationSite]() 118 | -------------------------------------------------------------------------------- /docs/Get-ADSiteSummary.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3esumcq 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADSiteSummary 9 | 10 | ## SYNOPSIS 11 | 12 | Get summary information about AD sites. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADSiteSummary [-Name ] [[-Server] ] [[-Credential] ] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | This command will display a summary report of each Active Directory site. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```dos 29 | PS C:\> Get-ADSiteSummary 30 | 31 | 32 | Site: Default-First-Site-Name 33 | Description: Home Office 34 | 35 | Subnet Description Location 36 | ------ ----------- -------- 37 | 192.168.3.0/24 Employees 38 | 192.168.99.0/24 Datacenter HQDC 39 | 40 | 41 | Site: NoCal 42 | Description: Bay Area Office 43 | 44 | Subnet Description Location 45 | ------ ----------- -------- 46 | 172.17.0.0/16 47 | ``` 48 | 49 | ## PARAMETERS 50 | 51 | ### -Credential 52 | 53 | Specify an alternate credential. 54 | 55 | ```yaml 56 | Type: PSCredential 57 | Parameter Sets: (All) 58 | Aliases: RunAs 59 | 60 | Required: False 61 | Position: 1 62 | Default value: None 63 | Accept pipeline input: False 64 | Accept wildcard characters: False 65 | ``` 66 | 67 | ### -Server 68 | 69 | Specify a domain controller to query. 70 | 71 | ```yaml 72 | Type: String 73 | Parameter Sets: (All) 74 | Aliases: dc, domaincontroller 75 | 76 | Required: False 77 | Position: 0 78 | Default value: None 79 | Accept pipeline input: False 80 | Accept wildcard characters: False 81 | ``` 82 | 83 | ### -Name 84 | 85 | Specify the name of an Active Directory site. The default is all sites. 86 | 87 | ```yaml 88 | Type: String 89 | Parameter Sets: (All) 90 | Aliases: 91 | 92 | Required: False 93 | Position: Named 94 | Default value: None 95 | Accept pipeline input: False 96 | Accept wildcard characters: False 97 | ``` 98 | 99 | ### CommonParameters 100 | 101 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 102 | 103 | ## INPUTS 104 | 105 | ### None 106 | 107 | ## OUTPUTS 108 | 109 | ### ADSiteSummary 110 | 111 | ## NOTES 112 | 113 | Learn more about PowerShell: 114 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 115 | 116 | ## RELATED LINKS 117 | 118 | [Get-ADSiteDetail](Get-ADSiteDetail.md) 119 | 120 | [Get-ADReplicationSite]() 121 | -------------------------------------------------------------------------------- /docs/Get-ADSummary.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/38BNf98 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADSummary 9 | 10 | ## SYNOPSIS 11 | 12 | Get a summary report of your AD domain and forest. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADSummary [[-Identity] ] [-Server ] [-Credential ] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | This simple command will give you a snapshot-sized summary of your Active Directory domain and forest. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```dos 29 | PS C:\> Get-ADSummary 30 | 31 | 32 | Forest: Company.Pri [Windows2016Forest] 33 | 34 | 35 | RootDomain : Company.Pri 36 | Domains : {Company.Pri} 37 | Domain : Company.Pri 38 | DomainMode : Windows2016Domain 39 | DomainControllers : {DOM1.Company.Pri, DOM2.Company.Pri} 40 | GlobalCatalogs : {DOM1.Company.Pri, DOM2.Company.Pri} 41 | SiteCount : 2 42 | ``` 43 | 44 | ## PARAMETERS 45 | 46 | ### -Credential 47 | 48 | Specify an alternate credential. 49 | 50 | ```yaml 51 | Type: PSCredential 52 | Parameter Sets: (All) 53 | Aliases: RunAs 54 | 55 | Required: False 56 | Position: Named 57 | Default value: None 58 | Accept pipeline input: False 59 | Accept wildcard characters: False 60 | ``` 61 | 62 | ### -Identity 63 | 64 | Specify the domain name. The default is the user domain. 65 | 66 | ```yaml 67 | Type: String 68 | Parameter Sets: (All) 69 | Aliases: name 70 | 71 | Required: False 72 | Position: 0 73 | Default value: None 74 | Accept pipeline input: False 75 | Accept wildcard characters: False 76 | ``` 77 | 78 | ### -Server 79 | 80 | Specify a domain controller to query. 81 | 82 | ```yaml 83 | Type: String 84 | Parameter Sets: (All) 85 | Aliases: dc, domaincontroller 86 | 87 | Required: False 88 | Position: Named 89 | Default value: None 90 | Accept pipeline input: False 91 | Accept wildcard characters: False 92 | ``` 93 | 94 | ### CommonParameters 95 | 96 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 97 | 98 | ## INPUTS 99 | 100 | ### None 101 | 102 | ## OUTPUTS 103 | 104 | ### ADSummary 105 | 106 | ## NOTES 107 | 108 | Learn more about PowerShell: 109 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 110 | 111 | ## RELATED LINKS 112 | 113 | [Get-ADFSMO](Get-ADFSMO.md) 114 | 115 | [Get-ADDomain]() 116 | 117 | [Get-ADForest]() 118 | -------------------------------------------------------------------------------- /docs/Get-ADUserAudit.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3cponT4 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-ADUserAudit 9 | 10 | ## SYNOPSIS 11 | 12 | Audit AD user management events. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-ADUserAudit [[-DomainController] ] [-Since ] 18 | [-Events ] [-Credential ] [] 19 | ``` 20 | 21 | ## DESCRIPTION 22 | 23 | This command will search the Security event logs on your domain controllers for specific user-related events. These activities are not replicated, so you have to search each domain controller. Be aware that you may see related events for some actions. For example, if you create and enable a new user, you'll see multiple entries for the same event. 24 | 25 | The output will show you the user accounts that match the search criteria, and the domain account that was responsible. Although, this command can't tell you which administrator is responsible for which activity. The best you can learn is that for a given time frame, these user accounts were managed. Or these administrators did something. You would need to search the event log on the domain controller for more information. 26 | 27 | You may need to enable logging and/or increase the size of the Security event log. 28 | 29 | ## EXAMPLES 30 | 31 | ### Example 1 32 | 33 | ```dos 34 | PS C:\> get-aduseraudit -Events Created -Since 2/1/2021 35 | 36 | 37 | DomainController: DOM1.Company.Pri 38 | 39 | 40 | EventType : UserCreated 41 | Since : 2/1/2021 12:00:00 AM 42 | TargetCount : 10 43 | Targets : {COMPANY\darrens, COMPANY\S.Talone, COMPANY\ntesla, COMPANY...} 44 | Administrators : {COMPANY\ArtD, COMPANY\Administrator, COMPANY\GladysK, COMP...} 45 | 46 | 47 | 48 | DomainController: DOM2.Company.Pri 49 | 50 | 51 | EventType : UserCreated 52 | Since : 2/1/2021 12:00:00 AM 53 | TargetCount : 6 54 | Targets : {COMPANY\astark, COMPANY\georgejet, COMPANY\maef, COMPANY\bo..} 55 | Administrators : {COMPANY\GladysK, COMPANY\ArtD} 56 | ``` 57 | 58 | Find all user accounts created since February 1, 2021. 59 | 60 | ## PARAMETERS 61 | 62 | ### -Credential 63 | 64 | Specify an alternate credential 65 | 66 | ```yaml 67 | Type: PSCredential 68 | Parameter Sets: (All) 69 | Aliases: 70 | 71 | Required: False 72 | Position: Named 73 | Default value: None 74 | Accept pipeline input: False 75 | Accept wildcard characters: False 76 | ``` 77 | 78 | ### -DomainController 79 | 80 | Specify one or more domain controllers to query. The default is all domain controllers in the user domain. 81 | 82 | ```yaml 83 | Type: String[] 84 | Parameter Sets: (All) 85 | Aliases: 86 | 87 | Required: False 88 | Position: 0 89 | Default value: None 90 | Accept pipeline input: False 91 | Accept wildcard characters: False 92 | ``` 93 | 94 | ### -Events 95 | 96 | Select one or more user account events 97 | 98 | ```yaml 99 | Type: String[] 100 | Parameter Sets: (All) 101 | Aliases: 102 | Accepted values: Created, Deleted, Enabled, Disabled, Changed 103 | 104 | Required: False 105 | Position: Named 106 | Default value: None 107 | Accept pipeline input: False 108 | Accept wildcard characters: False 109 | ``` 110 | 111 | ### -Since 112 | 113 | Find all matching user management events since what date and time? 114 | 115 | ```yaml 116 | Type: DateTime 117 | Parameter Sets: (All) 118 | Aliases: 119 | 120 | Required: False 121 | Position: Named 122 | Default value: None 123 | Accept pipeline input: False 124 | Accept wildcard characters: False 125 | ``` 126 | 127 | ### CommonParameters 128 | 129 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 130 | 131 | ## INPUTS 132 | 133 | ### None 134 | 135 | ## OUTPUTS 136 | 137 | ### System.Object 138 | 139 | ## NOTES 140 | 141 | An earlier version of this command was first published at: 142 | http://bit.ly/ADUserAudit 143 | 144 | Learn more about PowerShell: 145 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 146 | 147 | ## RELATED LINKS 148 | 149 | [Get-WinEvent]() 150 | -------------------------------------------------------------------------------- /docs/Get-NTDSInfo.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3dFy3ta 5 | schema: 2.0.0 6 | --- 7 | 8 | # Get-NTDSInfo 9 | 10 | ## SYNOPSIS 11 | 12 | Get information about the NTDS.dit and related files. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Get-NTDSInfo [-Computername] [-Credential ] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | Get-NTDSInfo will query a domain controller using PowerShell remoting to get information about the NTDS.dit and related files. You might use this to track the size of the file or to check on backups. A high log count might indicate a backup is needed. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```powershell 29 | PS C:\> Get-NTDSInfo -computername dom1 | format-list 30 | 31 | DomainController : DOM1.Company.Pri 32 | Path : C:\NTDS\ntds.dit 33 | Size : 16777216 34 | FileDate : 3/26/2021 1:13:26 PM 35 | LogCount : 34 36 | Date : 3/26/2021 4:15:00 PM 37 | ``` 38 | 39 | The default display is a table. The LogCount is the number of temp edb files in the NTDS folder. The FileDate is the timestamp of ntds.dit, and the Date property reflects when you ran the command. 40 | 41 | ## PARAMETERS 42 | 43 | ### -Computername 44 | 45 | Specify a domain controller name. 46 | 47 | ```yaml 48 | Type: String[] 49 | Parameter Sets: (All) 50 | Aliases: name 51 | 52 | Required: True 53 | Position: 0 54 | Default value: None 55 | Accept pipeline input: True (ByValue) 56 | Accept wildcard characters: False 57 | ``` 58 | 59 | ### -Credential 60 | 61 | Specify an alternate credential. 62 | 63 | ```yaml 64 | Type: PSCredential 65 | Parameter Sets: (All) 66 | Aliases: 67 | 68 | Required: False 69 | Position: Named 70 | Default value: None 71 | Accept pipeline input: False 72 | Accept wildcard characters: False 73 | ``` 74 | 75 | ### CommonParameters 76 | 77 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 78 | 79 | ## INPUTS 80 | 81 | ### System.String[] 82 | 83 | ## OUTPUTS 84 | 85 | ### NTDSInfo 86 | 87 | ## NOTES 88 | 89 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 90 | 91 | ## RELATED LINKS 92 | 93 | [Get-ADBackupStatus](Get-ADBackupStatus.md) 94 | -------------------------------------------------------------------------------- /docs/New-ADChangeReport.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3dFGuoh 5 | schema: 2.0.0 6 | --- 7 | 8 | # New-ADChangeReport 9 | 10 | ## SYNOPSIS 11 | 12 | Create an HTML change report. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | New-ADChangeReport [[-Since] ] [-ReportTitle ] 18 | [-Logo ] [--CSSUri ] [-EmbedCSS] [-ByContainer] 19 | [-Path ] [-Server ] [-Credential ] 20 | [-AuthType ] [] 21 | ``` 22 | 23 | ## DESCRIPTION 24 | 25 | New-ADChangeReport will create an HTML report showing changes to Active Directory users, computers, and groups since a given date and time. The command uses Get-ADObject to query the WhenChanged property. The objects are organized by class and/or container and written to an HTML file. The command uses a CSS file from the ADReportingTools module, although you can specify your own. To make the HTML file portable, you can opt to embed the CSS content from a file source. 26 | 27 | ## EXAMPLES 28 | 29 | ### Example 1 30 | 31 | ```powershell 32 | PS C:\> New-ADChangeReport -Since "3/1/2021" -Path C:\work\March-2021-Change.html -ReportTitle "March AD Change Report" -EmbedCSS 33 | ``` 34 | 35 | This example will create a report called March-2021-Change.html with Active Directory changes since March 1, 2021l. The HTML report will use the default CSS file from the ADReportingTools module and embed it into the file. 36 | 37 | ## PARAMETERS 38 | 39 | ### -AuthType 40 | 41 | Specifies the authentication method to use. Possible values for this parameter include: 42 | 43 | Negotiate or 0 44 | 45 | Basic or 1 46 | 47 | The default authentication method is Negotiate. 48 | 49 | A Secure Sockets Layer (SSL) connection is required for the Basic authentication method. 50 | 51 | ```yaml 52 | Type: String 53 | Parameter Sets: (All) 54 | Aliases: 55 | Accepted values: Negotiate, Basic 56 | 57 | Required: False 58 | Position: Named 59 | Default value: Negotiate 60 | Accept pipeline input: False 61 | Accept wildcard characters: False 62 | ``` 63 | 64 | ### -ByContainer 65 | 66 | Add a second grouping based on the object's container or OU. 67 | 68 | ```yaml 69 | Type: SwitchParameter 70 | Parameter Sets: (All) 71 | Aliases: 72 | 73 | Required: False 74 | Position: Named 75 | Default value: None 76 | Accept pipeline input: False 77 | Accept wildcard characters: False 78 | ``` 79 | 80 | ### --CSSUri 81 | 82 | Specify the path to the CSS file. If you don't specify one, the default module file will be used. 83 | 84 | ```yaml 85 | Type: String 86 | Parameter Sets: (All) 87 | Aliases: 88 | 89 | Required: False 90 | Position: Named 91 | Default value: changereport.css 92 | Accept pipeline input: False 93 | Accept wildcard characters: False 94 | ``` 95 | 96 | ### -Credential 97 | 98 | Specify an alternate credential for authentication. 99 | 100 | ```yaml 101 | Type: PSCredential 102 | Parameter Sets: (All) 103 | Aliases: 104 | 105 | Required: False 106 | Position: Named 107 | Default value: None 108 | Accept pipeline input: False 109 | Accept wildcard characters: False 110 | ``` 111 | 112 | ### -EmbedCSS 113 | 114 | Embed the CSS file into the HTML document head. You can only embed from a file, not a URL. 115 | 116 | ```yaml 117 | Type: SwitchParameter 118 | Parameter Sets: (All) 119 | Aliases: 120 | 121 | Required: False 122 | Position: Named 123 | Default value: None 124 | Accept pipeline input: False 125 | Accept wildcard characters: False 126 | ``` 127 | 128 | ### -Logo 129 | 130 | Specify the path to an image file to use as a logo in the report. 131 | 132 | ```yaml 133 | Type: String 134 | Parameter Sets: (All) 135 | Aliases: 136 | 137 | Required: False 138 | Position: Named 139 | Default value: None 140 | Accept pipeline input: False 141 | Accept wildcard characters: False 142 | ``` 143 | 144 | ### -Path 145 | 146 | Specify the path for the output file. 147 | 148 | ```yaml 149 | Type: String 150 | Parameter Sets: (All) 151 | Aliases: 152 | 153 | Required: False 154 | Position: Named 155 | Default value: None 156 | Accept pipeline input: False 157 | Accept wildcard characters: False 158 | ``` 159 | 160 | ### -ReportTitle 161 | 162 | What is the report title? 163 | 164 | ```yaml 165 | Type: String 166 | Parameter Sets: (All) 167 | Aliases: 168 | 169 | Required: False 170 | Position: Named 171 | Default value: "Active Directory Change Report" 172 | Accept pipeline input: False 173 | Accept wildcard characters: False 174 | ``` 175 | 176 | ### -Server 177 | 178 | Specifies the Active Directory Domain Services domain controller to query. The default is your Logon server. 179 | 180 | ```yaml 181 | Type: String 182 | Parameter Sets: (All) 183 | Aliases: 184 | 185 | Required: False 186 | Position: Named 187 | Default value: None 188 | Accept pipeline input: False 189 | Accept wildcard characters: False 190 | ``` 191 | 192 | ### -Since 193 | 194 | Enter a last modified datetime for AD objects. The default is the last 4 hours. 195 | 196 | ```yaml 197 | Type: DateTime 198 | Parameter Sets: (All) 199 | Aliases: 200 | 201 | Required: False 202 | Position: 0 203 | Default value: None 204 | Accept pipeline input: False 205 | Accept wildcard characters: False 206 | ``` 207 | 208 | ### CommonParameters 209 | 210 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 211 | 212 | ## INPUTS 213 | 214 | ### None 215 | 216 | ## OUTPUTS 217 | 218 | ### System.IO.FileInfo 219 | 220 | ## NOTES 221 | 222 | An earlier version of this command was first described at https://jdhitsolutions.com/blog/powershell/8087/an-active-directory-change-report-from-powershell/ 223 | 224 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 225 | 226 | ## RELATED LINKS 227 | 228 | [Get-ADObject]() 229 | 230 | -------------------------------------------------------------------------------- /docs/New-ADDomainReport.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3exlja5 5 | schema: 2.0.0 6 | --- 7 | 8 | # New-ADDomainReport 9 | 10 | ## SYNOPSIS 11 | 12 | Create an HTML report of your domain. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | New-ADDomainReport [[-Name] ] -FilePath 18 | [-ReportTitle ] [-CSSUri ] [-EmbedCSS] [-Server ] 19 | [-Credential ] [] 20 | ``` 21 | 22 | ## DESCRIPTION 23 | 24 | This command will create an HTML report of your domain. The report layout is by container and organizational unit. Underneath each branch will be a table display of users, computers, and groups. Beneath each group will be a table of recursive group members. You should get detail about users and computers if you hover the mouse over the distinguished name. 25 | 26 | The ADReportingTools module includes a CSS file which will be used by default. But you can specify an alternate CSS file. If you want to make the file portable, you can opt to embed the CSS into the HTML file. You can only embed from a file, not a URL reference. 27 | 28 | ## EXAMPLES 29 | 30 | ### Example 1 31 | 32 | ```powershell 33 | PS C:\> New-ADDomainReport -filepath c:\work\company.html -embedcss 34 | ``` 35 | 36 | Create the HTML report and embed the default CSS file. 37 | 38 | ## PARAMETERS 39 | 40 | ### -CSSUri 41 | 42 | Specify the path to the CSS file. If you don't specify one, the default module file will be used. The default file is in the Reports folder of this module. 43 | 44 | ```yaml 45 | Type: String 46 | Parameter Sets: (All) 47 | Aliases: 48 | 49 | Required: False 50 | Position: Named 51 | Default value: None 52 | Accept pipeline input: False 53 | Accept wildcard characters: False 54 | ``` 55 | 56 | ### -Credential 57 | 58 | Specify an alternate credential. 59 | 60 | ```yaml 61 | Type: PSCredential 62 | Parameter Sets: (All) 63 | Aliases: RunAs 64 | 65 | Required: False 66 | Position: Named 67 | Default value: None 68 | Accept pipeline input: False 69 | Accept wildcard characters: False 70 | ``` 71 | 72 | ### -EmbedCSS 73 | 74 | Embed the CSS file into the HTML document head. 75 | You can only embed from a file, not a URL. 76 | 77 | ```yaml 78 | Type: SwitchParameter 79 | Parameter Sets: (All) 80 | Aliases: 81 | 82 | Required: False 83 | Position: Named 84 | Default value: None 85 | Accept pipeline input: False 86 | Accept wildcard characters: False 87 | ``` 88 | 89 | ### -FilePath 90 | 91 | Specify the output HTML file. 92 | 93 | ```yaml 94 | Type: String 95 | Parameter Sets: (All) 96 | Aliases: 97 | 98 | Required: True 99 | Position: Named 100 | Default value: None 101 | Accept pipeline input: False 102 | Accept wildcard characters: False 103 | ``` 104 | 105 | ### -Name 106 | 107 | Specify the domain name. The default is the user domain. 108 | 109 | ```yaml 110 | Type: String 111 | Parameter Sets: (All) 112 | Aliases: domain 113 | 114 | Required: False 115 | Position: 0 116 | Default value: None 117 | Accept pipeline input: False 118 | Accept wildcard characters: False 119 | ``` 120 | 121 | ### -ReportTitle 122 | 123 | Enter the name of the report to be displayed in the web browser. 124 | 125 | ```yaml 126 | Type: String 127 | Parameter Sets: (All) 128 | Aliases: 129 | 130 | Required: False 131 | Position: Named 132 | Default value: Domain Report 133 | Accept pipeline input: False 134 | Accept wildcard characters: False 135 | ``` 136 | 137 | ### -Server 138 | 139 | Specify a domain controller to query. 140 | 141 | ```yaml 142 | Type: String 143 | Parameter Sets: (All) 144 | Aliases: dc, domaincontroller 145 | 146 | Required: False 147 | Position: Named 148 | Default value: None 149 | Accept pipeline input: False 150 | Accept wildcard characters: False 151 | ``` 152 | 153 | ### CommonParameters 154 | 155 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 156 | 157 | ## INPUTS 158 | 159 | ### None 160 | 161 | ## OUTPUTS 162 | 163 | ### System.IO.File 164 | 165 | ## NOTES 166 | 167 | Learn more about PowerShell: 168 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 169 | 170 | ## RELATED LINKS 171 | 172 | [Show-DomainTree](Show-DomainTree.md) 173 | -------------------------------------------------------------------------------- /docs/New-ADGroupReport.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3uthsPX 5 | schema: 2.0.0 6 | --- 7 | 8 | # New-ADGroupReport 9 | 10 | ## SYNOPSIS 11 | 12 | Create an HTML report of AD groups 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | New-ADGroupReport [[-Name] ] [-SearchBase ] 18 | [-Category ] [-Scope ] [-ExcludeBuiltIn] -FilePath 19 | -ReportTitle ] [-CSSUri ] [-EmbedCSS] [-Server ] 20 | [-Credential ] [] 21 | ``` 22 | 23 | ## DESCRIPTION 24 | 25 | New-ADGroupReport will create an HTML report of specified groups from Active Directory. This function is based on Get-ADGroupReport and converts the output to an HTML file. You can specify a CSS file or use the default from the module. 26 | 27 | ## EXAMPLES 28 | 29 | ### Example 1 30 | 31 | ```powershell 32 | PS C:\> New-ADGroupReport -excludeBuiltIn -embedCSS -server dom2 -category security -filepath c:\work\secgroup.html 33 | ``` 34 | 35 | This example will create a new HTML report of all Security groups, excluding the built-in groups. Disabled user accounts will be highlighted in red since the command is using the module's CSS file, which is also being embedded. User detail will pop-up when the mouse hovers over the user's distinguishedname. 36 | 37 | ## PARAMETERS 38 | 39 | ### -CSSUri 40 | 41 | Specify the path the CSS file. If you don't specify one, the default module file will be used. 42 | 43 | ```yaml 44 | Type: String 45 | Parameter Sets: (All) 46 | Aliases: 47 | 48 | Required: False 49 | Position: Named 50 | Default value: groupreport.css 51 | Accept pipeline input: False 52 | Accept wildcard characters: False 53 | ``` 54 | 55 | ### -Category 56 | 57 | Filter on the group category. 58 | 59 | ```yaml 60 | Type: String 61 | Parameter Sets: (All) 62 | Aliases: 63 | Accepted values: All, Distribution, Security 64 | 65 | Required: False 66 | Position: Named 67 | Default value: None 68 | Accept pipeline input: False 69 | Accept wildcard characters: False 70 | ``` 71 | 72 | ### -Credential 73 | 74 | Specify an alternate credential. 75 | 76 | ```yaml 77 | Type: PSCredential 78 | Parameter Sets: (All) 79 | Aliases: RunAs 80 | 81 | Required: False 82 | Position: Named 83 | Default value: None 84 | Accept pipeline input: False 85 | Accept wildcard characters: False 86 | ``` 87 | 88 | ### -EmbedCSS 89 | 90 | Embed the CSS file into the HTML document head. You can only embed from a file, not a URL. 91 | 92 | ```yaml 93 | Type: SwitchParameter 94 | Parameter Sets: (All) 95 | Aliases: 96 | 97 | Required: False 98 | Position: Named 99 | Default value: None 100 | Accept pipeline input: False 101 | Accept wildcard characters: False 102 | ``` 103 | 104 | ### -ExcludeBuiltIn 105 | 106 | Exclude BuiltIn and Users containers. Domain Users, Domain Guests, and Domain Computers are always excluded regardless of this parameter. 107 | 108 | ```yaml 109 | Type: SwitchParameter 110 | Parameter Sets: (All) 111 | Aliases: 112 | 113 | Required: False 114 | Position: Named 115 | Default value: None 116 | Accept pipeline input: False 117 | Accept wildcard characters: False 118 | ``` 119 | 120 | ### -FilePath 121 | 122 | Specify the output HTML file. 123 | 124 | ```yaml 125 | Type: String 126 | Parameter Sets: (All) 127 | Aliases: 128 | 129 | Required: True 130 | Position: Named 131 | Default value: None 132 | Accept pipeline input: False 133 | Accept wildcard characters: False 134 | ``` 135 | 136 | ### -Name 137 | 138 | Enter an AD Group name. Wildcards are allowed. 139 | 140 | ```yaml 141 | Type: String 142 | Parameter Sets: (All) 143 | Aliases: 144 | 145 | Required: False 146 | Position: 0 147 | Default value: None 148 | Accept pipeline input: False 149 | Accept wildcard characters: True 150 | ``` 151 | 152 | ### -ReportTitle 153 | 154 | Enter the name of the report to be displayed in the web browser 155 | 156 | ```yaml 157 | Type: String 158 | Parameter Sets: (All) 159 | Aliases: 160 | 161 | Required: False 162 | Position: Named 163 | Default value: AD Group Report 164 | Accept pipeline input: False 165 | Accept wildcard characters: False 166 | ``` 167 | 168 | ### -Scope 169 | 170 | Filter on group scope 171 | 172 | ```yaml 173 | Type: String 174 | Parameter Sets: (All) 175 | Aliases: 176 | Accepted values: Any, DomainLocal, Global, Universal 177 | 178 | Required: False 179 | Position: Named 180 | Default value: None 181 | Accept pipeline input: False 182 | Accept wildcard characters: False 183 | ``` 184 | 185 | ### -SearchBase 186 | 187 | Enter the distinguished name of the top-level container or organizational unit. 188 | 189 | ```yaml 190 | Type: String 191 | Parameter Sets: (All) 192 | Aliases: 193 | 194 | Required: False 195 | Position: Named 196 | Default value: None 197 | Accept pipeline input: False 198 | Accept wildcard characters: False 199 | ``` 200 | 201 | ### -Server 202 | 203 | Specify a domain controller to query. 204 | 205 | ```yaml 206 | Type: String 207 | Parameter Sets: (All) 208 | Aliases: dc, domaincontroller 209 | 210 | Required: False 211 | Position: Named 212 | Default value: None 213 | Accept pipeline input: False 214 | Accept wildcard characters: False 215 | ``` 216 | 217 | ### CommonParameters 218 | 219 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 220 | 221 | ## INPUTS 222 | 223 | ### None 224 | 225 | ## OUTPUTS 226 | 227 | ### System.IO.File 228 | 229 | ## NOTES 230 | 231 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 232 | 233 | ## RELATED LINKS 234 | 235 | [Get-ADGroupReport](Get-ADGroupReport.md) 236 | -------------------------------------------------------------------------------- /docs/Open-ADReportingToolsHelp.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3usgsM4 5 | schema: 2.0.0 6 | --- 7 | 8 | # Open-ADReportingToolsHelp 9 | 10 | ## SYNOPSIS 11 | 12 | Open a PDF help file. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Open-ADReportingToolsHelp [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | Open-ADReportingToolsHelp will launch a PDF file with all module documentation for the ADReportingTools module. The command should launch the file with whatever application is associated with the .PDF extension. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```powershell 29 | PS C:\> Open=ADReportingToolsHelp 30 | ``` 31 | 32 | Launch the help PDF file. 33 | 34 | ## PARAMETERS 35 | 36 | ### CommonParameters 37 | 38 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 39 | 40 | ## INPUTS 41 | 42 | ### None 43 | 44 | ## OUTPUTS 45 | 46 | ### None 47 | 48 | ## NOTES 49 | 50 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 51 | 52 | ## RELATED LINKS 53 | 54 | [Get-ADReportingTools](Get-ADReportingTools.md) 55 | -------------------------------------------------------------------------------- /docs/Set-ADReportingToolsOptions.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3uuvotg 5 | schema: 2.0.0 6 | --- 7 | 8 | # Set-ADReportingToolsOptions 9 | 10 | ## SYNOPSIS 11 | 12 | Change an ADReportingToolsOptions setting. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Set-ADReportingToolsOptions [-Name] -ANSI [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | Many of the commands in the ADReportingTools module have custom format files that utilize ANSI escape sequences to highlight key elements. The module defaults are stored in a variable called ADReportingToolsOptions. Use this command to modify a current setting. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```powershell 29 | PS C:\> Set-ADReportingToolsOptions DistributionList -ANSI "$([char]0x1b)[36m" 30 | ``` 31 | 32 | This will change the color value for DistributionList entries. The change is not persistent unless you put it in a PowerShell profile script. 33 | 34 | ## PARAMETERS 35 | 36 | ### -ANSI 37 | 38 | Specify the opening ANSI sequence. The module uses the [char]0x1b escape sequence because it works in both Windows PowerShell and PowerShell 7.x. 39 | 40 | ```yaml 41 | Type: String 42 | Parameter Sets: (All) 43 | Aliases: 44 | 45 | Required: True 46 | Position: Named 47 | Default value: None 48 | Accept pipeline input: False 49 | Accept wildcard characters: False 50 | ``` 51 | 52 | ### -Name 53 | 54 | Specify an option. 55 | 56 | ```yaml 57 | Type: String 58 | Parameter Sets: (All) 59 | Aliases: 60 | Accepted values: DistributionList, Alert, Warning 61 | 62 | Required: True 63 | Position: 0 64 | Default value: None 65 | Accept pipeline input: False 66 | Accept wildcard characters: False 67 | ``` 68 | 69 | ### CommonParameters 70 | 71 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 72 | 73 | ## INPUTS 74 | 75 | ### None 76 | 77 | ## OUTPUTS 78 | 79 | ### None 80 | 81 | ## NOTES 82 | 83 | An easy way to see ANSI samples is to install the PSScriptTools module from the PowerShell Gallery and use the Show-ANSISequence command. 84 | 85 | Learn more about PowerShell: http://jdhitsolutions.com/blog/essential-powershell-resources/ 86 | 87 | ## RELATED LINKS 88 | 89 | [Get-ADReportingToolsOptions](Get-ADReportingToolsOptions.md) 90 | -------------------------------------------------------------------------------- /docs/Show-DomainTree.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/2PXbvfo 5 | schema: 2.0.0 6 | --- 7 | 8 | # Show-DomainTree 9 | 10 | ## SYNOPSIS 11 | 12 | Display the domain in a tree format. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Show-DomainTree [[-Name] ] [-UseDN] [-Server ] 18 | [-Credential ] [-Containers] [] 19 | ``` 20 | 21 | ## DESCRIPTION 22 | 23 | This command will display your domain in a tree view at the console. By default, Show-DomainTree will use color-coded ANSI formatting. The default display uses the organizational unit names. Although, you can use the distinguishedname of each branch. If you use -Containers, containers like Users will be included. 24 | 25 | NOTE: This command will only run in a console host session. It will **not** run in the PowerShell ISE or VSCode. 26 | 27 | ## EXAMPLES 28 | 29 | ### Example 1 30 | 31 | ```dos 32 | PS C:\> Show-DomainTree 33 | 34 | DC=Company,DC=Pri 35 | │ 36 | ├── Accounting 37 | │ ├── Banking 38 | │ ├── Finance 39 | │ ├── Corp Investment 40 | │ ├── Payroll 41 | ├── Dev 42 | │ ├── Ops 43 | ├── Domain Controllers 44 | ├── Employees 45 | │ ├── Exec 46 | │ ├── VIP 47 | │ ├── Temporary Hires 48 | ├── IT 49 | │ ├── Help Desk 50 | │ ├── TechStaff 51 | │ ├── Test 52 | │ ├── SecOps 53 | ├── JEA_Operators 54 | ├── Marketing 55 | │ ├── Agency 56 | ├── Research 57 | ├── Sales 58 | │ ├── InsideSales 59 | │ ├── OutsideSales 60 | ├── Servers 61 | │ ├── AppDev 62 | │ ├── DMZ 63 | │ ├── Web 64 | │ ├── Staging 65 | └── Suspended 66 | ``` 67 | 68 | Output will color-coded using ANSI escape sequences. 69 | 70 | ### Example 2 71 | 72 | ```dos 73 | PS C:\> PS C:\> Show-DomainTree -usedn 74 | 75 | DC=Company,DC=Pri 76 | │ 77 | ├── OU=Accounting,DC=Company,DC=Pri 78 | │ ├── OU=Banking,OU=Accounting,DC=Company,DC=Pri 79 | │ ├── OU=Finance,OU=Accounting,DC=Company,DC=Pri 80 | │ ├── OU=Corp Investment,OU=Finance,OU=Accounting,DC=Company,DC=Pri 81 | │ ├── OU=Payroll,OU=Accounting,DC=Company,DC=Pri 82 | ├── OU=Dev,DC=Company,DC=Pri 83 | │ ├── OU=Ops,OU=Dev,DC=Company,DC=Pri 84 | ├── OU=Domain Controllers,DC=Company,DC=Pri 85 | ├── OU=Employees,DC=Company,DC=Pri 86 | │ ├── OU=Exec,OU=Employees,DC=Company,DC=Pri 87 | │ ├── OU=VIP,OU=Exec,OU=Employees,DC=Company,DC=Pri 88 | │ ├── OU=Temporary Hires,OU=Employees,DC=Company,DC=Pri 89 | ├── OU=IT,DC=Company,DC=Pri 90 | │ ├── OU=Help Desk,OU=IT,DC=Company,DC=Pri 91 | │ ├── OU=TechStaff,OU=Help Desk,OU=IT,DC=Company,DC=Pri 92 | │ ├── OU=Test,OU=TechStaff,OU=Help Desk,OU=IT,DC=Company,DC=Pri 93 | │ ├── OU=SecOps,OU=IT,DC=Company,DC=Pri 94 | ... 95 | ``` 96 | 97 | Display the domain tree using distinguishednames. 98 | 99 | ## PARAMETERS 100 | 101 | ### -Containers 102 | 103 | Include containers and non-OU elements. Items with a GUID in the name will be omitted. 104 | 105 | ```yaml 106 | Type: SwitchParameter 107 | Parameter Sets: (All) 108 | Aliases: cn 109 | 110 | Required: False 111 | Position: Named 112 | Default value: None 113 | Accept pipeline input: False 114 | Accept wildcard characters: False 115 | ``` 116 | 117 | ### -Credential 118 | 119 | Specify an alternate credential. 120 | 121 | ```yaml 122 | Type: PSCredential 123 | Parameter Sets: (All) 124 | Aliases: RunAs 125 | 126 | Required: False 127 | Position: Named 128 | Default value: None 129 | Accept pipeline input: False 130 | Accept wildcard characters: False 131 | ``` 132 | 133 | ### -Name 134 | 135 | Specify the domain name. The default is the user domain. 136 | 137 | ```yaml 138 | Type: String 139 | Parameter Sets: (All) 140 | Aliases: 141 | 142 | Required: False 143 | Position: 0 144 | Default value: None 145 | Accept pipeline input: False 146 | Accept wildcard characters: False 147 | ``` 148 | 149 | ### -Server 150 | 151 | Specify a domain controller to query. 152 | 153 | ```yaml 154 | Type: String 155 | Parameter Sets: (All) 156 | Aliases: dc, domaincontroller 157 | 158 | Required: False 159 | Position: Named 160 | Default value: None 161 | Accept pipeline input: False 162 | Accept wildcard characters: False 163 | ``` 164 | 165 | ### -UseDN 166 | 167 | Display the domain tree using distinguished names. 168 | 169 | ```yaml 170 | Type: SwitchParameter 171 | Parameter Sets: (All) 172 | Aliases: dn 173 | 174 | Required: False 175 | Position: Named 176 | Default value: None 177 | Accept pipeline input: False 178 | Accept wildcard characters: False 179 | ``` 180 | 181 | ### CommonParameters 182 | 183 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 184 | 185 | ## INPUTS 186 | 187 | ### None 188 | 189 | ## OUTPUTS 190 | 191 | ### String 192 | 193 | ## NOTES 194 | 195 | Learn more about PowerShell: 196 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 197 | 198 | ## RELATED LINKS 199 | 200 | [New-ADDomainReport](New-ADDomainReport.md) 201 | -------------------------------------------------------------------------------- /docs/Split-DistinguishedName.md: -------------------------------------------------------------------------------- 1 | --- 2 | external help file: ADReportingTools-help.xml 3 | Module Name: ADReportingTools 4 | online version: https://bit.ly/3uyBoRt 5 | schema: 2.0.0 6 | --- 7 | 8 | # Split-DistinguishedName 9 | 10 | ## SYNOPSIS 11 | 12 | Split a distinguished name into its components. 13 | 14 | ## SYNTAX 15 | 16 | ```yaml 17 | Split-DistinguishedName [-DistinguishedName] [] 18 | ``` 19 | 20 | ## DESCRIPTION 21 | 22 | Split-DistinguishedName will take a disdinguishedname and break it down to its component elements. The command does not verify the name or any of its elements. 23 | 24 | ## EXAMPLES 25 | 26 | ### Example 1 27 | 28 | ```powershell 29 | PS C:\>Get-ADGroup supporttech | Split-Distinguishedname 30 | 31 | 32 | Name : SupportTech 33 | Branch : Help Desk 34 | BranchDN : OU=Help Desk,OU=IT,DC=Company,DC=Pri 35 | Domain : Company 36 | DomainDN : DC=Company,DC=Pri 37 | DomainDNS : Company.Pri 38 | ``` 39 | 40 | ### Example 2 41 | 42 | ```powershell 43 | PS C:\> Split-DistinguishedName "CN=Foo,OU=Bar,OU=Oz,DC=Research,DC=Globomantics,DC=com" 44 | 45 | 46 | Name : Foo 47 | Branch : Bar 48 | BranchDN : OU=Bar,OU=Oz,DC=Research,DC=Globomantics,DC=com 49 | Domain : Research 50 | DomainDN : DC=Research,DC=Globomantics,DC=com 51 | DomainDNS : Research.Globomantics.com 52 | ``` 53 | 54 | ## PARAMETERS 55 | 56 | ### -DistinguishedName 57 | 58 | Enter an Active Directory DistinguishedName. 59 | 60 | ```yaml 61 | Type: String 62 | Parameter Sets: (All) 63 | Aliases: dn 64 | 65 | Required: True 66 | Position: 0 67 | Default value: None 68 | Accept pipeline input: True (ByPropertyName, ByValue) 69 | Accept wildcard characters: False 70 | ``` 71 | 72 | ### CommonParameters 73 | 74 | This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). 75 | 76 | ## INPUTS 77 | 78 | ### System.String 79 | 80 | ## OUTPUTS 81 | 82 | ### ADDistinguishedNameInfo 83 | 84 | ## NOTES 85 | 86 | Learn more about PowerShell: 87 | http://jdhitsolutions.com/blog/essential-powershell-resources/ 88 | 89 | ## RELATED LINKS 90 | -------------------------------------------------------------------------------- /formats/adaudittrail.format.ps1xml: -------------------------------------------------------------------------------- 1 | 2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | ADAuditTrail 16 | 17 | 18 | DomainController 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | EventType 28 | 29 | 30 | 31 | Since 32 | 33 | 34 | 35 | TargetCount 36 | 37 | 38 | 39 | Targets 40 | 41 | 42 | 43 | Administrators 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | -------------------------------------------------------------------------------- /formats/adbackup.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | ADBackupStatus 16 | 17 | 18 | DomainController 19 | 20 | 21 | 22 | 24 | 25 | 26 | 27 | 50 28 | left 29 | 30 | 31 | 32 | 9 33 | right 34 | 35 | 36 | 37 | 9 38 | right 39 | 40 | 41 | 42 | 23 43 | right 44 | 45 | 46 | 47 | 48 | 49 | 50 | Partition 51 | 52 | 53 | LocalUSN 54 | 55 | 56 | OriginatingUSN 57 | 58 | 59 | 60 | If ($host.name -match 'console') { 61 | if ($_.age.TotalDays -ge $ADReportingHash.BackupLimit) { 62 | "$($ADReportingToolsOptions.Alert)$($_.Date)$([char]0x1b)[0m" 63 | } 64 | else { 65 | $_.Date 66 | } 67 | } 68 | else { 69 | $_.Date 70 | } 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | age 81 | 82 | ADBackupStatus 83 | 84 | 85 | DomainController 86 | 87 | 88 | 89 | 91 | 92 | 93 | 94 | 50 95 | left 96 | 97 | 98 | 99 | 22 100 | right 101 | 102 | 103 | 104 | 105 | 106 | 107 | Partition 108 | 109 | 110 | $_.Age.ToString() -replace "\.\d+$","" 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | -------------------------------------------------------------------------------- /formats/adbranchmember.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | default 13 | 14 | ADBranchMember 15 | 16 | 17 | 18 | 19 | If ($host.name -match "console" -AND $_.Class -eq 'User') { 20 | $c= "$($ADReportingToolsOptions.UserClass)$($_.Class)$([char]0x1b)[0m" 21 | } 22 | elseif ($host.name -match "console" -AND $_.class -eq 'Computer') { 23 | $c= "$($ADReportingToolsOptions.ComputerClass)$($_.Class)$([char]0x1b)[0m" 24 | } 25 | elseif ($host.name -match "console" -AND $_.class -eq 'Group') { 26 | $c= "$($ADReportingToolsOptions.GroupClass)$($_.Class)$([char]0x1b)[0m" 27 | } 28 | else { 29 | $c = $_.class 30 | } 31 | "{0} [{1}]" -f $_.parent,$c 32 | 33 | 34 | 35 | 36 | 38 | 39 | 40 | 41 | 55 42 | left 43 | 44 | 45 | 46 | 15 47 | left 48 | 49 | 50 | 51 | 30 52 | left 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | if ($host.name -match 'Console' -AND (-Not $_.Enabled)) { 62 | "$($ADReportingToolsOptions.alert)$($_.DistinguishedName)$([char]0x1b)[0m" 63 | } 64 | else { 65 | $_.DistinguishedName 66 | } 67 | 68 | 69 | 70 | Name 71 | 72 | 73 | Description 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /formats/addepartmentmember.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | default 6 | 7 | ADDeptMember 8 | 9 | 10 | Department 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 25 20 | left 21 | 22 | 23 | 24 | 30 25 | left 26 | 27 | 28 | 29 | 20 30 | left 31 | 32 | 33 | 34 | 8 35 | left 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | If ($host.name -match 'console' -AND (-Not $_.Enabled)) { 44 | "$($ADReportingToolsOptions.Alert)$($_.Name)$([char]0x1b)[0m" 45 | } 46 | else { 47 | $_.Name 48 | } 49 | 50 | 51 | 52 | Title 53 | 54 | 55 | City 56 | 57 | 58 | Phone 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | manager 68 | 69 | ADDeptMember 70 | 71 | 72 | 80 | "{0} [{1}]" -f $($_.Manager),$($_.Department) 81 | 82 | 83 | 84 | 86 | 87 | 88 | 89 | 20 90 | left 91 | 92 | 93 | 94 | 25 95 | left 96 | 97 | 98 | 99 | 20 100 | left 101 | 102 | 103 | 104 | 15 105 | left 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | If ($host.name -match 'console' -AND (-Not $_.Enabled)) { 114 | "$($ADReportingToolsOptions.Alert)$($_.Name)$([char]0x1b)[0m" 115 | } 116 | else { 117 | $_.Name 118 | } 119 | 120 | 121 | 122 | Description 123 | 124 | 125 | Title 126 | 127 | 128 | City 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | -------------------------------------------------------------------------------- /formats/adfsmorole.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | ADFSMORole 16 | 17 | 18 | "$($_.domain)`n Forest: $($_.Forest)" 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | PDCEmulator 28 | 29 | 30 | 31 | RIDMaster 32 | 33 | 34 | 35 | InfrastructureMaster 36 | 37 | 38 | 39 | SchemaMaster 40 | 41 | 42 | 43 | DomainNamingMaster 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | default 53 | 54 | ADFSMORole 55 | 56 | 57 | "$($_.domain) Forest: $($_.Forest)" 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 19 67 | left 68 | 69 | 70 | 71 | 19 72 | left 73 | 74 | 75 | 76 | 23 77 | left 78 | 79 | 80 | 81 | 19 82 | left 83 | 84 | 85 | 86 | 21 87 | left 88 | 89 | 90 | 91 | 92 | 93 | 94 | PDCEmulator 95 | 96 | 97 | RIDMaster 98 | 99 | 100 | InfrastructureMaster 101 | 102 | 103 | SchemaMaster 104 | 105 | 106 | DomainNamingMaster 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | -------------------------------------------------------------------------------- /formats/adgroup.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | group 14 | 15 | Microsoft.ActiveDirectory.Management.ADGroup 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 20 24 | left 25 | 26 | 27 | 28 | 16 29 | left 30 | 31 | 32 | 33 | 13 34 | left 35 | 36 | 37 | 38 | 38 39 | left 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | Name 48 | 49 | 50 | 51 | if ($host.name -match 'console' -AND $_.GroupCategory -eq 'Distribution') { 52 | "$($ADReportingToolsOptions.distributionlist)$($_.GroupCategory)$([char]0x1b)[0m" 53 | } 54 | else { 55 | $_.GroupCategory 56 | } 57 | 58 | 59 | 60 | 61 | if ($host.name -match 'console' -AND $_.GroupScope -eq 'Universal') { 62 | "$($ADReportingToolsOptions.Universal)$($_.GroupScope)$([char]0x1b)[0m" 63 | } 64 | elseif ($host.name -match 'console' -AND $_.GroupScope -eq 'DomainLocal') { 65 | "$($ADReportingToolsOptions.DomainLocal)$($_.GroupScope)$([char]0x1b)[0m" 66 | } 67 | else { 68 | $_.GroupScope 69 | } 70 | 71 | 72 | 73 | DistinguishedName 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /formats/adgroupuser.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | ADGroupUser 16 | 17 | 18 | 19 | if ($host.name -match 'console' -AND (-not $_.Enabled)) { 20 | 21 | $dn = "$($ADReportingToolsOptions.alert)$($_.DistinguishedName)$([char]0x1b)[0m" 22 | $name = "$($ADReportingToolsOptions.alert)$($_.DisplayName)$([char]0x1b)[0m" 23 | } 24 | else { 25 | $dn = $_.DistinguishedName 26 | $name = $_.displayname 27 | } 28 | "{0} [{1}]" -f $dn,$name 29 | 30 | 31 | 32 | 33 | 35 | 36 | 37 | 38 | 15 39 | left 40 | 41 | 42 | 43 | 26 44 | left 45 | 46 | 47 | 48 | 35 49 | left 50 | 51 | 52 | 53 | 23 54 | right 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | Name 63 | 64 | 65 | Title 66 | 67 | 68 | Description 69 | 70 | 71 | PasswordLastSet 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | default 81 | 82 | ADGroupUser 83 | 84 | 85 | Group 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | DistinguishedName 95 | 96 | 97 | 98 | Name 99 | 100 | 101 | 102 | Displayname 103 | 104 | 105 | 106 | Description 107 | 108 | 109 | 110 | Title 111 | 112 | 113 | 114 | Department 115 | 116 | 117 | 118 | Enabled 119 | 120 | 121 | 122 | PasswordLastSet 123 | 124 | 125 | 126 | 127 | 128 | 129 | 130 | -------------------------------------------------------------------------------- /formats/adntds.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | NTDSInfo 16 | 17 | 18 | 20 | 21 | 22 | 23 | 25 24 | left 25 | 26 | 27 | 28 | 19 29 | left 30 | 31 | 32 | 33 | 6 34 | Right 35 | 36 | 37 | 38 | 23 39 | left 40 | 41 | 42 | 43 | 11 44 | right 45 | 46 | 47 | 48 | 24 49 | left 50 | 51 | 52 | 53 | 54 | 55 | 56 | DomainController 57 | 58 | 59 | Path 60 | 61 | 62 | ($_.Size/1MB) -as [int] 63 | 64 | 65 | FileDate 66 | 67 | 68 | LogCount 69 | 70 | 71 | Date 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | -------------------------------------------------------------------------------- /formats/adreportingtool.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | ADReportingTool 16 | 17 | 18 | 19 | if ($host.name -match 'console|code') { 20 | "$($ADreportingToolsOptions.IsServer)$($_.Verb)$([char]0x1b)[0m" 21 | } 22 | else { 23 | $_.verb 24 | } 25 | 26 | 27 | 28 | 29 | 31 | 32 | 33 | 34 | 30 35 | left 36 | 37 | 38 | 39 | 20 40 | left 41 | 42 | 43 | 44 | 50 45 | left 46 | 47 | 48 | 49 | 50 | 51 | 52 | Name 53 | 54 | 55 | Alias 56 | 57 | 58 | Synopsis 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | -------------------------------------------------------------------------------- /formats/adsitesummary.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | ADSiteSummary 16 | 17 | 18 | "$($_.site)`r`n Description: $($_.SiteDescription)" 19 | 20 | 21 | 22 | 24 | 25 | 26 | 27 | 18 28 | left 29 | 30 | 31 | 32 | 30 33 | left 34 | 35 | 36 | 37 | 20 38 | left 39 | 40 | 41 | 42 | 43 | 44 | 45 | Subnet 46 | 47 | 48 | SubnetDescription 49 | 50 | 51 | SubnetLocation 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | default 61 | 62 | ADSiteDetail 63 | 64 | 65 | Name 66 | 67 | 68 | 69 | 71 | 72 | 73 | 74 | 25 75 | left 76 | 77 | 78 | 79 | 25 80 | left 81 | 82 | 83 | 84 | 22 85 | left 86 | 87 | 88 | 89 | 22 90 | left 91 | 92 | 93 | 94 | 95 | 96 | 97 | Description 98 | 99 | 100 | Subnets 101 | 102 | 103 | Created 104 | 105 | 106 | Modified 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | -------------------------------------------------------------------------------- /formats/adsummary.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | default 14 | 15 | ADSummary 16 | 17 | 18 | "{0} [{1}]" -f $_.Forest,$_.ForestMode 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | RootDomain 28 | 29 | 30 | 31 | Domains 32 | 33 | 34 | 35 | Domain 36 | 37 | 38 | 39 | DomainMode 40 | 41 | 42 | 43 | DomainControllers 44 | 45 | 46 | 47 | GlobalCatalogs 48 | 49 | 50 | 51 | SiteCount 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | -------------------------------------------------------------------------------- /formats/aduser.format.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | 12 | 13 | names 14 | 15 | Microsoft.ActiveDirectory.Management.ADUser 16 | 17 | 18 | DistinguishedName 19 | 20 | 21 | 22 | 24 | 25 | 26 | 27 | 16 28 | left 29 | 30 | 31 | 32 | 15 33 | left 34 | 35 | 36 | 37 | 12 38 | left 39 | 40 | 41 | 42 | 11 43 | left 44 | 45 | 46 | 47 | 25 48 | left 49 | 50 | 51 | 52 | 53 | 54 | 55 | SamAccountName 56 | 57 | 58 | Name 59 | 60 | 61 | FirstName 62 | 63 | 64 | LastName 65 | 66 | 67 | UPN 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | -------------------------------------------------------------------------------- /functions/Get-ADDepartmentMember.ps1: -------------------------------------------------------------------------------- 1 | 2 | Function Get-ADDepartment { 3 | 4 | [cmdletbinding()] 5 | [outputtype("ADDeptMember")] 6 | [alias("gdp")] 7 | 8 | Param( 9 | [Parameter(Position = 0, Mandatory, HelpMessage = "Specify one or more department names.")] 10 | [string[]]$Department, 11 | [Parameter(HelpMessage = "Specify a domain controller to query.")] 12 | [alias("DC")] 13 | [string]$Server, 14 | [Parameter(HelpMessage = "Specify alternate credentials for authentication.")] 15 | [Alias("runas")] 16 | [pscredential]$Credential 17 | ) 18 | 19 | Write-Verbose "[$(Get-Date -Format G)] Starting $($myinvocation.mycommand)" 20 | 21 | #remove Department from bound parameters 22 | [void]$PSBoundParameters.remove("Department") 23 | 24 | #add additional parameters 25 | $Properties = "Title", "City", "State", "OfficePhone", "DisplayName", "Department", "Manager", "Country", "Enabled", "Description" 26 | $PSBoundParameters.Add("Properties", $Properties) 27 | 28 | if ($Server) { 29 | Write-Verbose "[$(Get-Date -Format G)] Connecting to domain controller $($server.toupper())" 30 | } 31 | If ($credential.username) { 32 | Write-Verbose "[$(Get-Date -Format G)] Connecting as $($credential.username)" 33 | } 34 | 35 | #create a list to hold results 36 | $list = [System.Collections.Generic.list[object]]::New() 37 | 38 | foreach ($dept in $department) { 39 | Write-Verbose "[$(Get-Date -Format G)] Getting users from the $dept department" 40 | $PSBoundParameters["filter"] = "Department -eq '$dept'" 41 | $users = Get-ADUser @PSBoundParameters 42 | if ($users.count -gt 0) { 43 | Write-Verbose "[$(Get-Date -Format G)] Retrieved $($users.count) members" 44 | foreach ($user in $users) { 45 | $obj = [pscustomobject]@{ 46 | PSTypename = "ADDeptMember" 47 | Department = $user.Department 48 | Name = $user.Displayname 49 | Title = $user.Title 50 | SamAccount = $user.Samaccountname 51 | Firstname = $user.GivenName 52 | Lastname = $user.Surname 53 | City = $user.City 54 | Phone = $user.OfficePhone 55 | OUPath = ($user.distinguishedname -split ",", 2)[1] 56 | Enabled = $user.Enabled 57 | Manager = $user.manager 58 | Description = $user.Description 59 | DistinguishedName = $user.DistinguishedName 60 | } 61 | $list.Add($obj) 62 | } #foreach user 63 | #clear $users so it isn't accidentally re-used 64 | Clear-Variable -Name users 65 | } 66 | } #foreach department 67 | 68 | #sort objects for output 69 | $list | Sort-Object -Property Manager, Name, City 70 | 71 | Write-Verbose "[$(Get-Date -Format G)] Ending $($myinvocation.mycommand)" 72 | } 73 | 74 | -------------------------------------------------------------------------------- /functions/Open-ADReportingHelp.ps1: -------------------------------------------------------------------------------- 1 | Function Open-ADReportingToolsHelp { 2 | [cmdletbinding()] 3 | [outputtype("None")] 4 | Param() 5 | Write-Verbose "Starting $($myinvocation.mycommand)" 6 | $modBase = (Get-Module ADReportingTools).ModuleBase 7 | $pdf = Join-Path -path $modBase -ChildPath ADReportingToolsManual.pdf 8 | Write-Verbose "Testing the path $pdf" 9 | if (Test-Path -Path $pdf) { 10 | Try { 11 | write-Verbose "Invoking the PDF" 12 | Invoke-Item -Path $pdf -ErrorAction Stop 13 | } 14 | Catch { 15 | Write-Warning "Failed to automatically open the PDF. You will need to manually open $pdf." 16 | } 17 | } 18 | else { 19 | Write-Warning "Can't find $pdf." 20 | } 21 | Write-Verbose "Ending $($myinvocation.MyCommand)" 22 | } -------------------------------------------------------------------------------- /functions/Split-DN.ps1: -------------------------------------------------------------------------------- 1 | 2 | 3 | Function Split-DistinguishedName { 4 | [cmdletbinding()] 5 | [Alias("Parse-DN")] 6 | [outputtype("ADDistinguishedNameInfo")] 7 | Param( 8 | [Parameter(Position = 0, Mandatory, ValueFromPipeline, ValueFromPipelineByPropertyName, HelpMessage = "Enter an Active Directory DistinguisdedName.")] 9 | [alias("dn")] 10 | [string]$DistinguishedName 11 | ) 12 | Begin { 13 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 14 | 15 | } #begin 16 | 17 | Process { 18 | $data = _formatdn $DistinguishedName 19 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Splitting $data " 20 | $split = $DistinguishedName -split "," 21 | $dc = $split | Where-Object { $_ -match "^DC" } 22 | $domainDN = $dc -join ',' 23 | [pscustomobject]@{ 24 | PSTypename = "ADDistinguishedNameInfo" 25 | Name = ($split[0]).split("=")[-1] 26 | Branch = ($split[1]).split("=")[-1] 27 | BranchDN = ($split | Select-Object -Skip 1) -join ',' 28 | Domain = ($dc[0]).split("=")[-1] 29 | DomainDN = $domainDN 30 | DomainDNS = $domaindn.replace("DC=", "").replace(",", ".") 31 | } 32 | } #process 33 | 34 | End { 35 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 36 | 37 | } #end 38 | 39 | } #close function 40 | 41 | <# 42 | 43 | DistinguishedName = CN=SupportTech,OU=Help Desk,OU=IT,DC=Company,DC=Pri 44 | Name = SupportTech 45 | Branch = Help Desk 46 | BranchDN = OU=Help Desk,OU=IT,DC=Company,DC=Pri 47 | Domain = Company 48 | DomainDN = DC=Company,DC=Pri 49 | $$DomainDNS = Company.pri 50 | 51 | #> -------------------------------------------------------------------------------- /functions/adreportingtoolsoptions.ps1: -------------------------------------------------------------------------------- 1 | #commands to manage ADReportingTools options 2 | 3 | # color options are stored in $ADReportingToolsOptions which is defined in the root module 4 | 5 | function Get-ADReportingToolsOptions { 6 | [cmdletbinding()] 7 | [OutputType("ADReportingToolsOption")] 8 | param () 9 | 10 | if (Get-Variable -Name ADReportingToolsOptions) { 11 | # April 2, 2021 filter out Note and Reset JDH 12 | $ADReportingToolsOptions.GetEnumerator() | Where-Object { $_.Key -notmatch "Note|Reset"} | 13 | ForEach-Object { 14 | [pscustomobject]@{ 15 | PSTypename = "ADReportingToolsOption" 16 | Name = $_.key 17 | Value = "{0}{1}$([char]0x1b)[0m" -f $_.value, ($_.value -replace $([char]0x1b), "`$([char]0x1b)") 18 | } 19 | } #foreach 20 | } #if variable found 21 | else { 22 | Write-Warning "Cant' find the `$ADReportingToolsOptions variable." 23 | } 24 | } 25 | 26 | function Set-ADReportingToolsOptions { 27 | [cmdletbinding()] 28 | [OutputType("None")] 29 | param ( 30 | [Parameter(Position = 0, Mandatory, HelpMessage = "Specify an option.")] 31 | [ValidateNotNullOrEmpty()] 32 | [ArgumentCompleter( { (Get-ADReportingToolsOptions).Name })] 33 | [string]$Name, 34 | [Parameter(Mandatory, HelpMessage = "Specify the opening ANSI sequence.")] 35 | [ValidateNotNullOrEmpty()] 36 | [string]$ANSI 37 | ) 38 | 39 | Write-Verbose "Updating $Name" 40 | 41 | $ADReportingToolsOptions[$Name] = $ANSI 42 | } 43 | 44 | -------------------------------------------------------------------------------- /functions/get-adbackupstatus.ps1: -------------------------------------------------------------------------------- 1 | <# 2 | [/u:{domain\user}] [/pw:{password|*}] 3 | $b =repadmin /showbackup dom2 | where {$_} | Select -skip 2 4 | $b[1].trim() -split "\s+" 5 | LocalUSN 8509 6 | OriginatingDSA 5b0e0bf7-dd47-4ef8-b6ed-49158f613bca 7 | OriginatingUSN 13777 8 | Date 2021-01-25 9 | Time 14:27:01 10 | Version 1 11 | Attribute dSASignature 12 | #> 13 | 14 | Function Get-ADBackupStatus { 15 | 16 | [cmdletbinding()] 17 | Param( 18 | [Parameter(Position = 0, Mandatory, HelpMessage = "Specify the name of a domain controller")] 19 | [string[]]$DomainController, 20 | [Parameter(HelpMessage = "Specify an alternate credential")] 21 | [pscredential]$Credential 22 | ) 23 | 24 | Write-Verbose "Starting $($MyInvocation.MyCommand)" 25 | 26 | $splat = @{ 27 | ErrorAction = "Stop" 28 | ScriptBlock = { repadmin /showbackup | Where-Object { $_ } | Select-Object -Skip 3 } 29 | Computername = "" 30 | } 31 | 32 | if ($credential.username) { 33 | Write-Verbose "Using alternate credential for $($credential.UserName)" 34 | $splat.Add("Credential",$Credential) 35 | } 36 | foreach ($dc in $DomainController) { 37 | Write-Verbose "Querying $($dc.ToUpper())" 38 | 39 | Try { 40 | $splat["Computername"] = $dc 41 | $data = Invoke-Command @splat 42 | 43 | If ($data) { 44 | $fqdn = _toTitleCase (_getDNSName $dc) 45 | Write-Verbose "Parsing readmin.exe results" 46 | for ($i = 0; $i -lt $data.count; $i += 2) { 47 | Write-Verbose "Partition: $($data[$i])" 48 | Write-Verbose "Splitting: $(($data[$i + 1]).trim())" 49 | $details = $data[$i + 1].trim() -split "\s+" 50 | $info = [PSCustomObject]@{ 51 | PSTypeName = "ADBackupStatus" 52 | Partition = $data[$i] 53 | LocalUSN = $details[0] 54 | OriginatingDSA = $details[1] 55 | OriginatingUSN = $details[2] 56 | Date = "$($details[3]) $($details[4])" -as [datetime] 57 | Version = $details[5] 58 | Signature = $details[6] 59 | DomainController = $fqdn 60 | } 61 | $Info 62 | } #for 63 | } 64 | } 65 | Catch { 66 | $_ 67 | } 68 | } #foreach DC 69 | 70 | Write-Verbose "Ending $($MyInvocation.MyCommand)" 71 | } 72 | 73 | Update-TypeData -TypeName ADBackupStatus -MemberType ScriptProperty -MemberName Age -Value {New-TimeSpan -start $this.date -end (Get-Date)} -force -------------------------------------------------------------------------------- /functions/get-adcanonicaluser.ps1: -------------------------------------------------------------------------------- 1 | 2 | 3 | Function Get-ADCanonicalUser { 4 | [cmdletbinding()] 5 | [OutputType("Microsoft.ActiveDirectory.Management.ADUser")] 6 | [Alias("Get-ADCNUser")] 7 | Param( 8 | [Parameter(Position = 0, Mandatory, ValueFromPipeline, HelpMessage = "Enter the username in the form domain\username.")] 9 | [ValidatePattern('^\S+\\\S+$')] 10 | [string]$Name, 11 | [Parameter(HelpMessage = "Enter one or more user properties or * to select everything.")] 12 | [string[]]$Properties, 13 | [Parameter(HelpMessage = "Search deleted objects if the user account can't be found.")] 14 | [switch]$IncludeDeletedObjects, 15 | [Parameter(HelpMessage = "Specify a domain controller to query.")] 16 | [alias("dc", "domaincontroller")] 17 | [string]$Server, 18 | [Parameter(HelpMessage = "Specify an alternate credential.")] 19 | [alias("RunAs")] 20 | [PSCredential]$Credential 21 | ) 22 | Begin { 23 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 24 | #set some default parameter values 25 | $params = "Credential", "Server" 26 | 27 | ForEach ($param in $params) { 28 | if ($PSBoundParameters.ContainsKey($param)) { 29 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Adding 'Get-AD*:$param' to script PSDefaultParameterValues" 30 | $script:PSDefaultParameterValues["Get-AD*:$param"] = $PSBoundParameters.Item($param) 31 | } 32 | } #foreach 33 | 34 | $get = @{ 35 | ErrorAction = "Stop" 36 | Identity = "" 37 | } 38 | if ($Properties) { 39 | $get.Add("Properties", $properties) 40 | } 41 | } #begin 42 | 43 | Process { 44 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting the AD user account for $Name" 45 | $sam = $Name.split("\")[1] 46 | $get["Identity"] = $sam 47 | 48 | Try { 49 | Get-ADUser @get 50 | } 51 | Catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] { 52 | if ($IncludeDeletedObjects) { 53 | #check for a deleted user account 54 | Try { 55 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Searching for deleted objects" 56 | $get.remove("Identity") 57 | $get["filter"] = "samaccountname -eq '$sam'" 58 | $user = Get-ADObject @get -IncludeDeletedObjects 59 | $get.remove("filter") 60 | If ($user) { 61 | $user 62 | } 63 | else { 64 | Write-Warning "Failed to find a user account called $Name." 65 | } 66 | } 67 | Catch { 68 | Write-Warning $_.exception.message 69 | } 70 | } 71 | else { 72 | Write-Warning "Failed to find a user account called $Name." 73 | } 74 | } 75 | Catch { 76 | #all other errors from Get-ADUser 77 | Write-Warning $_.exception.message 78 | } 79 | 80 | } #process 81 | 82 | End { 83 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 84 | } #end 85 | 86 | } #close Get-ADCanonicalUser -------------------------------------------------------------------------------- /functions/get-adcomputerreport.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADComputerReport { 2 | [cmdletbinding()] 3 | [OutputType("ADComputerInfo")] 4 | Param ( 5 | [parameter(Position = 0, HelpMessage = "Enter an AD computer identity. Wildcard are allowed.", ValueFromPipeline)] 6 | [validatenotnullorEmpty()] 7 | [string]$Name = "*", 8 | 9 | [Parameter(HelpMessage = "Filter by the operating system")] 10 | [ValidateSet("Any", "Server", "Desktop")] 11 | [string]$Category = "Any", 12 | 13 | [Parameter(HelpMessage = "Filter by location")] 14 | [ArgumentCompleter( { (Get-ADSiteSummary).subnetLocation })] 15 | [ValidateNotNullOrEmpty()] 16 | [string]$Location, 17 | 18 | [Parameter(HelpMessage = "Enter the distinguished name of the top-level container or organizational unit.")] 19 | [string]$SearchBase, 20 | 21 | [Parameter(HelpMessage = "Specify a domain controller to query for a list of domain controllers.")] 22 | [alias("dc", "domaincontroller")] 23 | [string]$Server, 24 | 25 | [Parameter(HelpMessage = "Specify an alternate credential. This will be used to query the domain and all domain controllers.")] 26 | [alias("RunAs")] 27 | [PSCredential]$Credential 28 | ) 29 | Begin { 30 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 31 | 32 | $properties = "DNSHostname", "OperatingSystem", "LastLogonDate", "Created", 33 | "Modified", "Location", "Description", "IPv4Address", "Enabled", "ManagedBy" 34 | [void]$PSBoundParameters.Add("Properties", $Properties) 35 | [void]$PSBoundParameters.Remove("Category") 36 | [void]$PSBoundParameters.Remove("location") 37 | 38 | $results = [System.Collections.Generic.list[object]]::new() 39 | } #begin 40 | Process { 41 | 42 | [void]$PSBoundParameters.Remove("Name") 43 | 44 | $filter = "name -like '$Name'" 45 | if ($Category -eq "server") { 46 | $filter += " -AND OperatingSystem -like '*Server*'" 47 | } 48 | elseif ($category -eq 'Desktop') { 49 | $filter += " -AND OperatingSystem -notlike '*Server*'" 50 | } 51 | 52 | if ($Location) { 53 | $filter += " -AND Location -eq '$location'" 54 | } 55 | 56 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Searching with filter $filter" 57 | $PSBoundParameters.Add("filter", $filter) 58 | 59 | $computers = Get-ADComputer @PSBoundParameters 60 | if ($computers) { 61 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Found $(($computers | Measure-Object).count) computer(s)" 62 | foreach ($computer in $computers) { 63 | #create a custom object 64 | $r = [PSCustomObject]@{ 65 | PSTypeName = "ADComputerInfo" 66 | Name = $Computer.name 67 | DNSHostname = $computer.DNSHostname 68 | Description = $computer.Description 69 | OperatingSystem = $computer.OperatingSystem 70 | IsServer = $computer.OperatingSystem -match "Server" 71 | Location = $computer.Location 72 | LastLogonDate = $computer.LastLogonDate 73 | IPAddress = $computer.IPv4Address 74 | Created = $computer.Created 75 | Modified = $computer.Modified 76 | Enabled = $computer.Enabled 77 | ManagedBy = $computer.ManagedBy 78 | DistinguishedName = $computer.DistinguishedName 79 | } 80 | 81 | $results.add($r) 82 | } #foreach computer 83 | 84 | #sort results and write to the pipeline 85 | $results | Sort-Object -Property DistinguishedName 86 | 87 | } #if computers 88 | 89 | } #process 90 | End { 91 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 92 | } #end 93 | } -------------------------------------------------------------------------------- /functions/get-addchealth.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADDomainControllerHealth { 2 | [cmdletbinding()] 3 | [OutputType("ADDomainControllerHealth")] 4 | Param( 5 | [Parameter(HelpMessage = "Specify a domain controller to query for a list of domain controllers.")] 6 | [alias("dc", "domaincontroller")] 7 | [string]$Server, 8 | [Parameter(HelpMessage = "Specify an alternate credential. This will be used to query the domain and all domain controllers.")] 9 | [alias("RunAs")] 10 | [PSCredential]$Credential 11 | ) 12 | Begin { 13 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 14 | 15 | #set some default parameter values 16 | if ($PSBoundParameters.ContainsKey("Server")) { 17 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Adding 'Get-AD*:Server' to script PSDefaultParameterValues" 18 | $script:PSDefaultParameterValues["Get-AD*:Server"] = $PSBoundParameters.Item("server") 19 | } 20 | 21 | #use the credential with any command that supports alternate credentials 22 | if ($PSBoundParameters.ContainsKey("Credential")) { 23 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Adding '*:Credential' to script PSDefaultParameterValues" 24 | $script:PSDefaultParameterValues["*:Credential"] = $PSBoundParameters.Item("Credential") 25 | } 26 | 27 | } #begin 28 | 29 | Process { 30 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting a list of all domain controllers" 31 | $dcs = Get-ADDomainController -Filter * 32 | Foreach ($dc in $dcs) { 33 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting health detail for $($dc.hostname)" 34 | 35 | #create a temporary cimSession 36 | Try { 37 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Creating a temporary CIMSession" 38 | $tmpCS = New-CimSession -ComputerName $dc.name -ErrorAction Stop 39 | $cimParam = @{ 40 | CimSession = $tmpCS 41 | Classname = "" 42 | Property = "" 43 | } 44 | } 45 | Catch { 46 | Write-Warning "Failed to create a temporary CIMSession to $($dc.name). $($_.Exception.message)" 47 | Remove-Variable -Name tmpCS -ErrorAction SilentlyContinue 48 | } 49 | 50 | if ($tmpCS) { 51 | #get additional information via CIM 52 | $cimParam["Classname"] = "win32_logicaldisk" 53 | $cimParam["filter"] = "deviceid='c:'" 54 | $cimParam["Property"] = "Freespace", "Size" 55 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting free space on C:" 56 | $c = Get-CimInstance @cimParam 57 | 58 | $cimParam["Classname"] = "win32_NTEventLogFile" 59 | $cimParam["filter"] = "logfilename='security'" 60 | $cimParam["Property"] = "FileSize", "MaxFileSize" 61 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting security log percent used" 62 | $seclog = Get-CimInstance @cimParam 63 | 64 | $cimParam["Classname"] = "win32_service" 65 | $cimParam["filter"] = "name='ntds' or name='kdc' or name='adws' or name='dfsr' or name='dfs' or name='netlogon' or name = 'samss' or name='w32time'" 66 | $cimParam["Property"] = "Displayname", "Name", "State", "ProcessID", "StartMode", "Started" 67 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting critical service satus" 68 | $services = Get-CimInstance @cimParam | ForEach-Object { 69 | #create a custom typed object for each service 70 | $h = [ordered]@{ 71 | PSTypename = "ADDomainControllerService" 72 | Computername = $dc.hostname 73 | } 74 | foreach ($p in $cimParam.property) { 75 | $h.Add($p, $_.$p) 76 | } 77 | New-Object -TypeName psobject -Property $h 78 | } 79 | 80 | $cimParam["Classname"] = "win32_operatingsystem" 81 | $cimParam.remove("filter") 82 | $cimParam["Property"] = "LastBootUpTime", "TotalVisibleMemorySize", "FreePhysicalMemory" 83 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting uptime and memory utilization" 84 | $os = Get-CimInstance @cimParam 85 | 86 | #remove the temporary cimsession 87 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Removing the temporary CIMSession" 88 | $tmpCS | Remove-CimSession 89 | } 90 | #create a custom object 91 | [pscustomobject]@{ 92 | PSTypename = "ADDomainControllerHealth" 93 | Hostname = $dc.hostname 94 | IPAddress = $dc.IPv4Address 95 | OperatingSystem = $dc.OperatingSystem 96 | Uptime = (New-TimeSpan -Start $os.LastBootUpTime -End (Get-Date)) 97 | PctFreespace = [math]::Round(($c.Freespace / $c.Size) * 100, 2) 98 | PctFreeMemory = [math]::Round(($os.FreePhysicalMemory / $os.TotalVisibleMemorySize) * 100, 2) 99 | PctSecurityLog = [math]::Round( ($seclog.filesize / $seclog.MaxFileSize) * 100, 2 ) 100 | Services = $Services 101 | Roles = $dc.OperationMasterRoles 102 | IsGlobalCatalog = $dc.IsGlobalCatalog 103 | IsReadOnly = $dc.IsReadOnly 104 | DistinguishedName = $dc.ComputerObjectDN 105 | } 106 | } #foreach DC 107 | 108 | } #process 109 | 110 | End { 111 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 112 | 113 | } #end 114 | 115 | } #close Get-ADDomainControllerHealth 116 | 117 | -------------------------------------------------------------------------------- /functions/get-adfsmo.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADFSMO { 2 | [cmdletbinding()] 3 | [alias('fsmo')] 4 | [outputtype("ADFSMORole")] 5 | Param( 6 | [Parameter(Position = 0, HelpMessage = "Specify the domain name. The default is the user domain.")] 7 | [ValidateNotNullOrEmpty()] 8 | [alias("name")] 9 | [string]$Identity = $env:USERDOMAIN, 10 | [Parameter(HelpMessage = "Specify a domain controller to query.")] 11 | [alias("dc", "domaincontroller")] 12 | [string]$Server, 13 | [Parameter(HelpMessage = "Specify an alternate credential.")] 14 | [alias("RunAs")] 15 | [PSCredential]$Credential 16 | ) 17 | 18 | Begin { 19 | Write-Verbose "[BEGIN ] Starting: $($MyInvocation.Mycommand)" 20 | } #begin 21 | 22 | Process { 23 | Write-Verbose "[PROCESS] Getting domain information for $Identity" 24 | 25 | Try { 26 | $domain = Get-ADDomain @PSBoundParameters -ErrorAction Stop 27 | } 28 | Catch { 29 | throw $_ 30 | } 31 | 32 | if ($domain.name) { 33 | Write-Verbose "[PROCESS] Getting forest information for $($domain.forest)" 34 | $PSBoundParameters["Identity"] = $domain.forest 35 | Try { 36 | $forest = Get-ADForest @psboundparameters -ErrorAction Stop 37 | } 38 | Catch { 39 | throw $_ 40 | } 41 | } 42 | 43 | [pscustomobject]@{ 44 | PSTypeName = "ADFSMORole" 45 | Domain = $domain.DNSRoot 46 | Forest = $forest.Name 47 | PDCEmulator = $domain.PDCEmulator 48 | RIDMaster = $domain.RIDMaster 49 | InfrastructureMaster = $domain.InfrastructureMaster 50 | SchemaMaster = $forest.SchemaMaster 51 | DomainNamingMaster = $forest.DomainNamingMaster 52 | } 53 | 54 | } #process 55 | 56 | End { 57 | Write-Verbose "[END ] Ending: $($MyInvocation.Mycommand)" 58 | } #end 59 | 60 | } #close Get-ADFSMO 61 | -------------------------------------------------------------------------------- /functions/get-adgroupreport.ps1: -------------------------------------------------------------------------------- 1 | 2 | <# 3 | Get group membership report 4 | #> 5 | Function Get-ADGroupReport { 6 | [cmdletbinding()] 7 | [OutputType("ADGroupReport")] 8 | Param( 9 | [parameter(Position = 0, HelpMessage = "Enter an AD Group name. Wildcards are allowed.")] 10 | [validatenotnullorEmpty()] 11 | [string]$Name = "*", 12 | [Parameter(HelpMessage = "Enter the distinguished name of the top level container or organizational unit.")] 13 | [ValidateScript( { 14 | $testDN = $_ 15 | Try { 16 | [void](Get-ADObject -Identity $_ -ErrorAction Stop) 17 | $True 18 | } 19 | Catch { 20 | Write-Warning "Failed to verify $TestDN as a valid searchbase." 21 | Throw $_.Exception.message 22 | $False 23 | } 24 | })] 25 | [string]$SearchBase, 26 | [Parameter(HelpMessage = "Filter on the group category")] 27 | [ValidateSet("All", "Distribution", "Security")] 28 | [string]$Category = "All", 29 | [Parameter(HelpMessage = "Filter on group scope")] 30 | [ValidateSet("Any", "DomainLocal", "Global", "Universal")] 31 | [string]$Scope = "Any", 32 | [Parameter(HelpMessage="Exclude BuiltIn and Users")] 33 | [switch]$ExcludeBuiltIn, 34 | [Parameter(HelpMessage = "Specify a domain controller to query for a list of domain controllers.")] 35 | [alias("dc", "domaincontroller")] 36 | [string]$Server, 37 | [Parameter(HelpMessage = "Specify an alternate credential. This will be used to query the domain and all domain controllers.")] 38 | [alias("RunAs")] 39 | [PSCredential]$Credential 40 | ) 41 | Begin { 42 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 43 | #set some default parameter values 44 | $params = "Credential", "Server" 45 | 46 | ForEach ($param in $params) { 47 | if ($PSBoundParameters.ContainsKey($param)) { 48 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Adding 'Get-AD*:$param' to script PSDefaultParameterValues" 49 | $script:PSDefaultParameterValues["Get-AD*:$param"] = $PSBoundParameters.Item($param) 50 | } 51 | } #foreach 52 | 53 | if ($ExcludeBuiltIn) { 54 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Excluding CN=Users and CN=BuiltIn" 55 | $Exclude = {$_.DistinguishedName -notMatch "CN\=(Users)|(BuiltIn)"} 56 | } 57 | else { 58 | #Exclude these items using late filtering to keep the AD filter from getting out of control 59 | $Exclude ={ @("Domain Users","Domain Computers", "Domain Guests") -notcontains $_.name} 60 | } 61 | 62 | $filter = "Name -like '$name'" 63 | if ($Category -ne "All") { 64 | $filter += " -AND GroupCategory -eq '$Category'" 65 | } 66 | if ($scope -ne "Any") { 67 | $filter += " -AND GroupScope -eq '$Scope'" 68 | } 69 | $get = @{ 70 | Filter = $filter 71 | Properties = @("Description", "Created", "Modified","ManagedBy") 72 | ErrorAction = "Stop" 73 | } 74 | 75 | if ($SearchBase) { 76 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Searching for group(s) under $SearchBase" 77 | $get.Add("Searchbase", $SearchBase) 78 | } 79 | 80 | } #begin 81 | 82 | Process { 83 | if ($PSCmdlet.ParameterSetName -eq 'id') { 84 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting group $Identity" 85 | } 86 | else { 87 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Searching for groups with filter $filter" 88 | } 89 | 90 | Try { 91 | $group = Get-ADGroup @get | Where-Object $Exclude 92 | if ($group) { 93 | foreach ($item in $Group ) { 94 | 95 | #get group members recursively 96 | $Members =Get-ADGroupUser -name $item.distinguishedName 97 | 98 | [PSCustomObject]@{ 99 | PSTypeName = "ADGroupReport" 100 | DistinguishedName = $item.DistinguishedName 101 | Name = $item.Name 102 | Category = $item.GroupCategory 103 | Scope = $item.GroupScope 104 | Description = $item.Description 105 | Branch = (Split-DistinguishedName -dn $item.DistinguishedName).branchdn 106 | Created = $item.Created 107 | Modified = $item.Modified 108 | Members = $members 109 | ManagedBy = $item.ManagedBy 110 | } 111 | } #foreach item 112 | } #if $group 113 | else { 114 | Write-Warning "No matching groups found." 115 | } 116 | } #try 117 | Catch { 118 | Write-Warning $_.Exception.Message 119 | } 120 | } #process 121 | 122 | End { 123 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 124 | 125 | } #end 126 | 127 | } #close Get-ADGroupReport 128 | 129 | <# 130 | These have been exported to a types file 131 | Update-TypeData -TypeName "ADGroupReport" -MemberType AliasProperty -MemberName DN -Value DistinguishedName -force 132 | Update-TypeData -TypeName "ADGroupReport" -MemberType ScriptProperty -MemberName MemberCount -Value {($this.members | Measure-Object).Count} -force 133 | Update-TypeData -TypeName "ADGroupReport" -MemberType ScriptProperty -MemberName Age -value ({New-Timespan -Start $this.Modified -end (Get-Date)}) 134 | #> 135 | 136 | -------------------------------------------------------------------------------- /functions/get-adgroupuser.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADGroupUser { 2 | [cmdletbinding()] 3 | [OutputType("ADGroupUser")] 4 | Param( 5 | [Parameter(Position = 0, Mandatory, HelpMessage = "Enter the name of an Active Directory group.", ValueFromPipelineByPropertyName, ValueFromPipeline)] 6 | [string]$Name, 7 | [Parameter(HelpMessage = "Specify a domain controller to query.")] 8 | [alias("dc", "domaincontroller")] 9 | [string]$Server, 10 | [Parameter(HelpMessage = "Specify an alternate credential.")] 11 | [alias("RunAs")] 12 | [PSCredential]$Credential 13 | ) 14 | 15 | Begin { 16 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 17 | #set some default parameter values 18 | $params = "Credential", "Server" 19 | 20 | ForEach ($param in $params) { 21 | if ($PSBoundParameters.ContainsKey($param)) { 22 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Adding 'Get-AD*:$param' to script PSDefaultParameterValues" 23 | $script:PSDefaultParameterValues["Get-AD*:$param"] = $PSBoundParameters.Item($param) 24 | } 25 | } #foreach 26 | } #begin 27 | 28 | Process { 29 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting members of $Name" 30 | $group = Get-ADGroup -Identity "$($Name)" 31 | if ($group) { 32 | $members = $group | Get-ADGroupMember -Recursive 33 | 34 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Found $($members.name.count) members in total." 35 | #get details about each group member 36 | $getParams = @{ 37 | properties = 'PasswordLastSet', 'Description', 'Title', 'Displayname', 'Department' 38 | Identity = "" 39 | } 40 | foreach ($member in $members) { 41 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] member is a $($member.objectclass)" 42 | $getParams.Identity = $member.distinguishedname 43 | 44 | <# 45 | Not using Get-ADObject because it can't return the passwordLastSet property 46 | #> 47 | if ($member.objectclass -eq "user") { 48 | $grpMember = Get-ADUser @getparams 49 | } 50 | elseif ($member.objectclass -eq "computer") { 51 | $grpMember = Get-ADComputer @getparams 52 | } 53 | 54 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] $($grpMember.distinguishedname)" 55 | [pscustomobject]@{ 56 | PSTypeName = "ADGroupUser" 57 | DistinguishedName = $grpMember.DistinguishedName 58 | Displayname = $grpMember.Displayname 59 | Name = $grpMember.name 60 | Title = $grpMember.title 61 | Department = $grpMember.Department 62 | Description = $grpMember.Description 63 | Enabled = $grpMember.Enabled 64 | PasswordLastSet = $grpMember.PasswordLastSet 65 | Group = $group.DistinguishedName 66 | } 67 | } #foreach 68 | } #if group was found 69 | else { 70 | Write-Warning "Failed to find an Active Directory group called $Name" 71 | } 72 | } #process 73 | 74 | End { 75 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 76 | } #end 77 | 78 | } #close Get-ADGroupUser -------------------------------------------------------------------------------- /functions/get-adlog.ps1: -------------------------------------------------------------------------------- 1 | 2 | #an earlier version of this function can be found at https://gist.github.com/jdhitsolutions/a4e6291741ec95e3bfe53f15a380da47 3 | 4 | <# 5 | you might need to increase the size of the Security eventlog 6 | limit-eventlog -LogName security -ComputerName dom2,dom1 -MaximumSize 1024MB 7 | #> 8 | 9 | Function Get-ADUserAudit { 10 | [cmdletbinding()] 11 | Param( 12 | [Parameter(Position = 0, HelpMessage = "Specify one or more domain controllers to query.")] 13 | [ValidateNotNullOrEmpty()] 14 | [string[]]$DomainController = (Get-ADDomain).ReplicaDirectoryServers, 15 | [Parameter(HelpMessage = "Find all matching user management events since what date and time?")] 16 | [Datetime]$Since = (Get-Date).Addhours(-24), 17 | [Parameter(HelpMessage = "Select one or more user account events")] 18 | [ValidateNotNullOrEmpty()] 19 | [ValidateSet("Created", "Deleted", "Enabled", "Disabled", "Changed")] 20 | [string[]]$Events = "Created", 21 | [Parameter(HelpMessage = "Specify an alterate credential")] 22 | [PSCredential]$Credential 23 | ) 24 | 25 | Function _getNames { 26 | # a private helper function to parse out names from the eventlog message 27 | [cmdletbinding()] 28 | Param( 29 | [Parameter(Mandatory, ValueFromPipeline)] 30 | [System.Diagnostics.Eventing.Reader.EventLogRecord]$Data 31 | ) 32 | 33 | Process { 34 | #convert the record to XML which makes it easier to parse 35 | [xml]$r = $data.toxml() 36 | 37 | #Target is the user account 38 | #Subject is the admin who performed the operation 39 | $target = "{0}\{1}" -f ($r.Event.EventData.Data.Where( { $_.name -eq 'TargetDomainName' }).'#text'), ($r.Event.EventData.Data.Where( { $_.name -eq 'TargetUserName' }).'#text') 40 | $admin = "{0}\{1}" -f ($r.Event.EventData.Data.Where( { $_.name -eq 'SubjectDomainName' }).'#text'), ($r.Event.EventData.Data.Where( { $_.name -eq 'SubjectUserName' }).'#text') 41 | [pscustomobject]@{ 42 | Target = $target 43 | Administrator = $admin 44 | TimeCreated = $data.timeCreated 45 | } 46 | } #process 47 | } # close _getNames 48 | 49 | # a hashtable of user management event IDs for the Security event log 50 | $ADEvent = @{ 51 | UserChanged = 4738 52 | UserCreated = 4720 53 | UserDeleted = 4726 54 | UserEnabled = 4722 55 | UserDisabled = 4725 56 | } 57 | 58 | $EventIDs = @() 59 | Switch ($events) { 60 | "Created" { $EventIDs += $adevent.getenumerator().Where( { $_.name -match "created" }) } 61 | "Deleted" { $eventIDs += $adevent.getenumerator().Where( { $_.name -match "deleted" }) } 62 | "Enabled" { $eventIDs += $adevent.getenumerator().Where( { $_.name -match "enabled" }) } 63 | "Disabled" { $eventIDs += $adevent.getenumerator().Where( { $_.name -match "disabled" }) } 64 | "Changed" { $eventIDs += $adevent.getenumerator().Where( { $_.name -match "changed" }) } 65 | } 66 | 67 | #this hashtable filter will be used by Get-WinEvent 68 | $filter = @{LogName = 'Security'; ID = 0; StartTime = $Since } 69 | 70 | #parameters to eventually splat to Get-WinEvent 71 | $getParams = @{ 72 | ErrorAction = "Stop" 73 | FilterHashtable = $filter 74 | Computername = "" 75 | } 76 | if ($Credential.UserName) { 77 | $getParams.add("Credential", $Credential) 78 | } 79 | 80 | Write-Verbose "Searching for AD log entries since $since" 81 | #Searching the Security event log on each domain controller 82 | foreach ($dc in $DomainController) { 83 | Write-Verbose "Processing $dc" 84 | foreach ($evt in $eventIDs) { 85 | $filter.ID = $evt.value 86 | $getParams.FilterHashtable = $filter 87 | $getParams.Computername = $DC 88 | Write-Verbose "...Looking for $($evt.name) events" 89 | Try { 90 | $logs = Get-WinEvent @getParams 91 | Write-Verbose "Found $($logs.count) log records" 92 | } 93 | Catch { 94 | Write-Warning "No matching $($evt.name) events $since found on $dc." 95 | } 96 | 97 | if ($logs.count -gt 0) { 98 | $names = $logs | _getnames 99 | $targets = ($names | Select-Object -Property Target -Unique).target 100 | $admins = ($names | Select-Object -Property Administrator -Unique).administrator 101 | [pscustomobject]@{ 102 | PSTypeName = "ADAuditTrail" 103 | DomainController = $dc 104 | ID = $evt.Value 105 | EventType = $evt.Name 106 | LogCount = $logs.count 107 | Since = $Since 108 | Targets = $targets 109 | Administrators = $admins 110 | } 111 | Remove-Variable -Name logs 112 | } 113 | } 114 | } 115 | } #close function 116 | 117 | Update-TypeData -TypeName ADAuditTrail -MemberType ScriptProperty -MemberName TargetCount -Value { $($this.targets).count } -Force 118 | 119 | -------------------------------------------------------------------------------- /functions/get-adreportingtools.ps1: -------------------------------------------------------------------------------- 1 | function Get-ADReportingTools { 2 | [cmdletbinding()] 3 | [OutputType("ADReportingTool")] 4 | param () 5 | 6 | $cmds = (Get-Module adreportingtools).ExportedFunctions.keys | Get-Command 7 | $all = foreach ($cmd in $cmds) { 8 | [PSCustomObject]@{ 9 | PSTypeName = "ADReportingTool" 10 | Name = $cmd.Name 11 | Verb = $cmd.Verb 12 | Noun = $cmd.Noun 13 | Version = $cmd.Version 14 | Alias = (Get-Alias -Definition $cmd.name -ErrorAction SilentlyContinue).Name 15 | Synopsis = (Get-Help $cmd.name).Synopsis 16 | } 17 | } 18 | #write sorted results to the pipeline 19 | $all | Sort-Object -Property Verb, Name 20 | } -------------------------------------------------------------------------------- /functions/get-adsitesubnet.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSiteSummary { 2 | [cmdletbinding()] 3 | [OutPutType("ADSiteSummary")] 4 | Param( 5 | [Parameter(Position = 0,HelpMessage = "Specify the name of an Active Directory site. The default is all sites.")] 6 | [ValidateNotNullOrEmpty()] 7 | [string]$Name, 8 | [Parameter(HelpMessage = "Specify a domain controller to query.")] 9 | [alias("dc", "domaincontroller")] 10 | [string]$Server, 11 | [Parameter(HelpMessage = "Specify an alternate credential.")] 12 | [alias("RunAs")] 13 | [PSCredential]$Credential 14 | ) 15 | 16 | Write-Verbose "Starting $($MyInvocation.MyCommand)" 17 | 18 | $getParams = @{ 19 | ErrorAction = "Stop" 20 | Properties = "Subnets", "WhenChanged", "WhenCreated" 21 | } 22 | if ($Name) { 23 | Write-Verbose "Getting site $Name" 24 | $getparams.Add("Identity",$Name) 25 | } 26 | else { 27 | Write-Verbose "Getting all sites" 28 | $getParams.Add("Filter", "*") 29 | } 30 | 31 | if ($server) { 32 | Write-Verbose "Querying domain controller $server" 33 | $getParams.Add("server", $server) 34 | } 35 | if ($Credential.UserName) { 36 | Write-Verbose "Using alternate credential for $($credential.username)" 37 | $getParams.Add("Credential", $Credential) 38 | } 39 | 40 | try { 41 | Write-Verbose "Getting AD Replication sites" 42 | #get sites first and then subnets for each site. This will make grouping and formatting 43 | #results easier 44 | 45 | $sites = Get-ADReplicationSite @getParams 46 | 47 | Write-Verbose "Found $(($sites | Measure-Object).count) sites" 48 | $getParams["Properties"] = "Name", "Description", "Location", "WhenChanged", "WhenCreated" 49 | 50 | $getParams.Remove("Identity") 51 | $getParams.Remove("filter") 52 | foreach ($site in $sites) { 53 | Write-Verbose "Getting subnets associated with $($site.name)" 54 | 55 | #"site -eq $($site.distinguishedname)" 56 | Write-Verbose "Found $($site.subnets.count) subnets" 57 | 58 | $data = $site.subnets | Sort-Object | Get-ADReplicationSubnet @getParams 59 | foreach ($item in $data) { 60 | [pscustomobject]@{ 61 | PSTypename = "ADSiteSummary" 62 | Site = $site.Name 63 | SiteDescription = $site.Description 64 | Subnet = $item.Name 65 | SubnetDescription = $item.Description 66 | SubnetLocation = $item.Location 67 | SiteCreated = $site.WhenCreated 68 | SiteModified = $site.WhenChanged 69 | SubnetCreated = $item.WhenCreated 70 | SubnetModified = $item.WhenChanged 71 | } 72 | } #foreach item 73 | } #foreach site 74 | } 75 | Catch { 76 | throw $_ 77 | } 78 | 79 | Write-Verbose "Ending $($MyInvocation.MyCommand)" 80 | } 81 | 82 | Function Get-ADSiteDetail { 83 | [cmdletbinding()] 84 | [OutPutType("ADSiteDetail")] 85 | Param( 86 | [Parameter(Position = 0,HelpMessage = "Specify the name of an Active Directory site. The default is all sites.")] 87 | [ValidateNotNullOrEmpty()] 88 | [string]$Name, 89 | [Parameter(HelpMessage = "Specify a domain controller to query.")] 90 | [alias("dc", "domaincontroller")] 91 | [string]$Server, 92 | [Parameter(HelpMessage = "Specify an alternate credential.")] 93 | [alias("RunAs")] 94 | [PSCredential]$Credential 95 | ) 96 | Write-Verbose "Starting $($MyInvocation.MyCommand)" 97 | 98 | $data = Get-ADSiteSummary @psboundparameters | Group-Object -Property Site 99 | 100 | if ($data) { 101 | foreach ($item in $data) { 102 | #create a new custom object 103 | [PSCustomObject]@{ 104 | PSTypename = "ADSiteDetail" 105 | Name = $item.Name 106 | Description = $item.group[0].SiteDescription 107 | SubnetCount = $item.count 108 | Subnets = $item.group.subnet 109 | Created = $item.group[0].SubnetCreated 110 | Modified = $item.group[0].SubnetModified 111 | } 112 | } 113 | } 114 | else { 115 | Write-Warning "Failed to get site and subnet information." 116 | } 117 | 118 | Write-Verbose "Ending $($MyInvocation.MyCommand)" 119 | } -------------------------------------------------------------------------------- /functions/get-adsummary.ps1: -------------------------------------------------------------------------------- 1 | Function Get-ADSummary { 2 | [cmdletbinding()] 3 | [OutPutType("ADSummary")] 4 | Param( 5 | [Parameter(Position = 0, HelpMessage = "Specify the domain name. The default is the user domain.")] 6 | [ValidateNotNullOrEmpty()] 7 | [alias("name")] 8 | [string]$Identity = $env:USERDOMAIN, 9 | [Parameter(HelpMessage = "Specify a domain controller to query.")] 10 | [alias("dc", "domaincontroller")] 11 | [string]$Server, 12 | [Parameter(HelpMessage = "Specify an alternate credential.")] 13 | [alias("RunAs")] 14 | [PSCredential]$Credential 15 | ) 16 | 17 | Begin { 18 | Write-Verbose "[BEGIN ] Starting: $($MyInvocation.Mycommand)" 19 | if (-Not $PSBoundParameters.ContainsKey("ErrorAction")) { 20 | $PSBoundParameters.Add("ErrorAction", "Stop") 21 | } 22 | } #begin 23 | 24 | Process { 25 | Write-Verbose "[PROCESS] Getting domain information for $Identity" 26 | Write-Verbose "[PROCESS] Using these PSBoundParameters: `n$(New-Object psobject -Property $PSBoundParameters | Out-String)" 27 | 28 | Try { 29 | $domain = Get-ADDomain @PSBoundParameters 30 | } 31 | Catch { 32 | Write-Warning $_.Exception.message 33 | } 34 | 35 | if ($domain.name) { 36 | Write-Verbose "[PROCESS] Getting forest information for $($domain.forest)" 37 | #update PSBoundParameters 38 | $PSBoundParameters["Identity"] = $domain.forest 39 | Write-Verbose "[PROCESS] Using these PSBoundParameters: `n$(New-Object psobject -Property $PSBoundParameters | Out-String)" 40 | 41 | Try { 42 | $forest = Get-ADForest @PSBoundParameters 43 | } 44 | Catch { 45 | Write-Warning $_.exception.message 46 | } 47 | #create a custom object 48 | [pscustomobject]@{ 49 | PSTypeName = "ADSummary" 50 | Domain = $domain.DNSRoot 51 | Forest = $forest.name 52 | RootDomain = $forest.RootDomain 53 | Domains = $forest.Domains 54 | DomainControllers = $domain.ReplicaDirectoryServers 55 | DomainMode = $domain.DomainMode 56 | ForestMode = $forest.ForestMode 57 | GlobalCatalogs = $forest.GlobalCatalogs 58 | SiteCount = $forest.sites.count 59 | } 60 | } #if domain name 61 | } #process 62 | 63 | End { 64 | Write-Verbose "[END ] Ending: $($MyInvocation.Mycommand)" 65 | } #end 66 | 67 | } #close Get-ADSummary -------------------------------------------------------------------------------- /functions/get-adusercategory.ps1: -------------------------------------------------------------------------------- 1 | #get user information based on a defined category. 2 | #Category properties are defined in configuration json files. 3 | 4 | Function Get-ADUserCategory { 5 | [cmdletbinding(DefaultParameterSetName = "filter")] 6 | [OutputType("ADUserCategory")] 7 | Param( 8 | [parameter(Position = 0, Mandatory, HelpMessage = "Enter an AD user identity", ParameterSetName = "id")] 9 | [validatenotnullorEmpty()] 10 | [string]$Identity, 11 | [parameter(HelpMessage = "Specify an AD filter like department -eq 'sales'. The default is all Enabled user accounts.", ParameterSetName = "filter")] 12 | [validatenotnullorEmpty()] 13 | [string]$Filter = "-not (UserAccountControl -BAND 0x2)", 14 | [Parameter(HelpMessage = "Enter the distinguished name of the top level container or organizational unit.", ParameterSetName = "filter")] 15 | [string]$SearchBase, 16 | [Parameter(Mandatory, HelpMessage = "Select a defined category.")] 17 | [ArgumentCompleter( { $ADUserReportingConfiguration.Name })] 18 | [ValidateScript( { 19 | If ($ADUserReportingConfiguration.Name -contains $_) { 20 | $True 21 | } 22 | else { 23 | Throw "You must select a valid name from `$ADUserReportingConfiguration." 24 | $False 25 | } 26 | 27 | })] 28 | [string]$Category, 29 | [Parameter(HelpMessage = "Specify a domain controller to query for a list of domain controllers.")] 30 | [alias("dc", "domaincontroller")] 31 | [string]$Server, 32 | [Parameter(HelpMessage = "Specify an alternate credential. This will be used to query the domain and all domain controllers.")] 33 | [alias("RunAs")] 34 | [PSCredential]$Credential 35 | ) 36 | Begin { 37 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 38 | 39 | [void]($PSBoundParameters.Remove("Category")) 40 | 41 | #add the filter category if not bound 42 | if ($pscmdlet.ParameterSetName -eq 'filter' -AND (-not $PSBoundParameters.ContainsKey("filter"))) { 43 | $PSBoundParameters.Add("Filter", "-Not(UserAccountControl -BAND 0x2)") 44 | } 45 | $catProp = $ADUserReportingConfiguration.Where( { $_.name -eq $Category }).Properties 46 | if ($catProp) { 47 | $PSBoundParameters.Add("Properties", $catProp) 48 | } 49 | else { 50 | Write-Warning "Failed to find any properties for a category called $category. Using defaults." 51 | } 52 | } #begin 53 | 54 | Process { 55 | 56 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting user information for category $Category " 57 | 58 | if ($pscmdlet.ParameterSetName -eq 'id') { 59 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting user $identity" 60 | } 61 | else { 62 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Using filter $filter" 63 | if ($SearchBase) { 64 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Searching under $Searchbase" 65 | } 66 | } 67 | $PSBoundParameters | Out-String | Write-Verbose 68 | $users = Get-ADUser @PSBoundParameters 69 | 70 | if ($users) { 71 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Found $(($users | Measure-Object).count) user(s)" 72 | foreach ($user in $users) { 73 | #create a temp hashtable 74 | $h = [ordered]@{ 75 | PSTypeName = "ADUserCategory.$category" 76 | DistinguishedName = $user.DistinguishedName 77 | } 78 | 79 | #add category properties 80 | foreach ($prop in $catProp) { 81 | $h.Add($prop, $user.$prop) 82 | } 83 | #write as a custom object 84 | New-Object -TypeName PSObject -Property $h 85 | } 86 | } 87 | else { 88 | Write-Warning "Failed to find any matching user accounts." 89 | } 90 | 91 | } #process 92 | 93 | End { 94 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 95 | } #end 96 | 97 | } #close Get-ADUserCategory -------------------------------------------------------------------------------- /functions/get-ntdsinfo.ps1: -------------------------------------------------------------------------------- 1 | 2 | 3 | Function Get-NTDSInfo { 4 | [cmdletbinding()] 5 | [outputType("NTDSInfo")] 6 | Param( 7 | [Parameter(Position = 0, Mandatory, ValueFromPipeline, HelpMessage = "Specify a domain controller name.")] 8 | [Alias("name")] 9 | [string[]]$Computername, 10 | [Parameter(HelpMessage = "Specify an alternate credential.")] 11 | [PSCredential]$Credential 12 | ) 13 | Begin { 14 | Write-Verbose "[$((Get-Date).TimeofDay) BEGIN ] Starting $($myinvocation.mycommand)" 15 | 16 | $sb = { 17 | $dsa = Get-ItemProperty -path 'HKLM:\system\CurrentControlSet\Services\ntds\Parameters' 18 | 19 | #send a hashtable of data 20 | @{ 21 | ntds = Get-Item -Path $dsa.'DSA Database File' 22 | logs = Get-ChildItem -Path $dsa.'Database log files path' -Filter edb*.log 23 | computername = $env:computername 24 | } 25 | } 26 | } #begin 27 | 28 | Process { 29 | foreach ($Computer in $Computername) { 30 | 31 | Try { 32 | Write-Verbose "[$((Get-Date).TimeofDay) PROCESS] Getting NTDS data from $($Computer.toUpper())." 33 | Invoke-Command -ScriptBlock $sb -ComputerName $computer -HideComputerName -ErrorAction Stop | 34 | ForEach-Object { 35 | #disable Verbose output from Resolve-DNSName because it adds no value here. 36 | [pscustomobject]@{ 37 | PSTypename = "NTDSInfo" 38 | DomainController = (Resolve-DnsName -Type A -Name $_.computername -Verbose:$false).Name 39 | Path = $_.ntds.FullName 40 | Size = $_.ntds.Length 41 | FileDate = $_.ntds.LastWriteTime 42 | LogCount = $_.logs.count 43 | Date = (Get-Date) 44 | } 45 | } #foreach-object 46 | }#try 47 | Catch { 48 | Write-Warning "Error getting data from $($computer.toUpper()). $($_.Exception.Message)." 49 | } 50 | } #foreach computer 51 | } #process 52 | 53 | End { 54 | Write-Verbose "[$((Get-Date).TimeofDay) END ] Ending $($myinvocation.mycommand)" 55 | } #end 56 | 57 | } #close Get-NTDSInfo -------------------------------------------------------------------------------- /functions/private.ps1: -------------------------------------------------------------------------------- 1 | #private helper functions 2 | 3 | # private helper function to insert javascript code into my html 4 | function _insertToggle { 5 | [cmdletbinding()] 6 | #The text to display, the name of the div, the data to collapse, and the heading style 7 | #the div Id needs to be alphanumeric text 8 | Param([string]$Text, [string]$div, [object[]]$Data, [string]$Heading = "H2", [switch]$NoConvert) 9 | 10 | $out = [System.Collections.Generic.list[string]]::New() 11 | if (-Not $div) { 12 | $div = $Text.Replace(" ", "_") 13 | } 14 | $out.add("<$Heading>$Text
") 15 | if ($NoConvert) { 16 | $out.Add($Data) 17 | } 18 | else { 19 | $out.Add($($Data | ConvertTo-Html -Fragment)) 20 | } 21 | $out.Add("
") 22 | $out 23 | } 24 | 25 | Function _getPopData { 26 | [cmdletbinding()] 27 | param([string]$Identity) 28 | 29 | Try { 30 | $class = (Get-ADObject -Identity $identity -ErrorAction stop).objectclass 31 | } 32 | Catch { 33 | #don't do anything 34 | } 35 | if ($class -eq 'user') { 36 | $props = 'SamAccountName', 'Displayname', 'Title', 'Department', 'PasswordLastSet', 'LastLogonDate', 'Enabled', 'WhenCreated', 'WhenChanged' 37 | Get-ADUser -Identity $identity -Property $props | Select-Object -Property $props 38 | } 39 | elseif ($class -eq 'computer') { 40 | $props = 'DnsHostName', 'OperatingSystem', 'IPv4Address', 'Location', 'Enabled', 'WhenCreated', 'WhenChanged' 41 | Get-ADComputer -Identity $identity -Property $props | Select-Object -Property $props 42 | } 43 | } 44 | 45 | function _formatdn { 46 | #format a distinguished name to look nicer 47 | [CmdletBinding()] 48 | Param([string]$DN) 49 | 50 | $parts = $dn -split "\," 51 | $updates = [System.Collections.Generic.list[string]]::new() 52 | foreach ($part in $parts) { 53 | $split = $part -split "\=" 54 | $name = [System.Globalization.CultureInfo]::CurrentCulture.TextInfo.ToTitleCase($split[1].trim().toLower()) 55 | $transform = "{0}={1}" -f $split[0].trim().toUpper(), $name 56 | $updates.Add($transform) 57 | } 58 | $updates -join "," 59 | } 60 | 61 | #a private helper function to convert the objects to html fragments 62 | Function _convertObjects { 63 | Param([object[]]$Objects) 64 | #convert each table to an XML fragment so I can insert a class attribute 65 | [xml]$frag = $objects | Sort-Object -property WhenChanged | 66 | Select-Object -Property DistinguishedName,Name,WhenCreated,WhenChanged,IsDeleted | 67 | ConvertTo-Html -Fragment 68 | 69 | for ($i = 1; $i -lt $frag.table.tr.count;$i++) { 70 | if (($frag.table.tr[$i].td[2] -as [datetime]) -ge $since) { 71 | #highlight new objects in green 72 | $class = $frag.CreateAttribute("class") 73 | $class.value="new" 74 | [void]$frag.table.tr[$i].Attributes.append($class) 75 | } #if new 76 | 77 | #insert the alert attribute if the object has been deleted. 78 | if ($frag.table.tr[$i].td[-1] -eq 'True') { 79 | #highlight deleted objects in red 80 | $class = $frag.CreateAttribute("class") 81 | $class.value="alert" 82 | [void]$frag.table.tr[$i].Attributes.append($class) 83 | } #if deleted 84 | } #for 85 | 86 | #write the innerXML (ie HTML code) as the function output 87 | $frag.InnerXml 88 | } 89 | 90 | function _getDNSName { 91 | [cmdletbinding()] 92 | Param([string]$Name) 93 | 94 | Try { 95 | $r = Resolve-DnsName -Name $Name -type A -ErrorAction Stop | Select-Object -first 1 96 | if ($r.name) { 97 | $r.name 98 | } 99 | else { 100 | #this should only happen if Resolve-DNSName compeletes without error but no result. 101 | $name 102 | } 103 | } 104 | Catch { 105 | write-warning $_.exception.message 106 | $name 107 | } 108 | } 109 | function _ToTitleCase { 110 | [cmdletbinding()] 111 | Param( 112 | [string]$Text 113 | ) 114 | 115 | [System.Globalization.CultureInfo]::CurrentCulture.TextInfo.ToTitleCase($text) 116 | 117 | } 118 | -------------------------------------------------------------------------------- /images/2PopulatedDomain01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/2PopulatedDomain01.png -------------------------------------------------------------------------------- /images/Collection_DomainGroup01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/Collection_DomainGroup01.png -------------------------------------------------------------------------------- /images/ComputerAccount01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/ComputerAccount01.png -------------------------------------------------------------------------------- /images/Folder_FolderOpenWithDocumentWriting01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/Folder_FolderOpenWithDocumentWriting01.png -------------------------------------------------------------------------------- /images/Users01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/Users01.png -------------------------------------------------------------------------------- /images/adbackup-age.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/adbackup-age.png -------------------------------------------------------------------------------- /images/adbackup-status.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/adbackup-status.png -------------------------------------------------------------------------------- /images/adgroup-format.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/adgroup-format.png -------------------------------------------------------------------------------- /images/admanager-direct.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/admanager-direct.png -------------------------------------------------------------------------------- /images/admanager-managed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/admanager-managed.png -------------------------------------------------------------------------------- /images/adreportinghash.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/adreportinghash.png -------------------------------------------------------------------------------- /images/get-adbranch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adbranch.png -------------------------------------------------------------------------------- /images/get-adcanonicaluser.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adcanonicaluser.png -------------------------------------------------------------------------------- /images/get-adcomputerreport-properties.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adcomputerreport-properties.png -------------------------------------------------------------------------------- /images/get-adcomputerreport.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adcomputerreport.png -------------------------------------------------------------------------------- /images/get-addept-manager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-addept-manager.png -------------------------------------------------------------------------------- /images/get-addept.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-addept.png -------------------------------------------------------------------------------- /images/get-addomaincontrollerhealth-info.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-addomaincontrollerhealth-info.png -------------------------------------------------------------------------------- /images/get-addomaincontrollerhealth-services.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-addomaincontrollerhealth-services.png -------------------------------------------------------------------------------- /images/get-addomaincontrollerhealth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-addomaincontrollerhealth.png -------------------------------------------------------------------------------- /images/get-adfsmo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adfsmo.png -------------------------------------------------------------------------------- /images/get-adgroup.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adgroup.png -------------------------------------------------------------------------------- /images/get-adgroupreport-age.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adgroupreport-age.png -------------------------------------------------------------------------------- /images/get-adgroupreport.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adgroupreport.png -------------------------------------------------------------------------------- /images/get-adgroupuser-list.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adgroupuser-list.png -------------------------------------------------------------------------------- /images/get-adgroupuser.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adgroupuser.png -------------------------------------------------------------------------------- /images/get-adreportingtools.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adreportingtools.png -------------------------------------------------------------------------------- /images/get-adreportingtoolsoptions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adreportingtoolsoptions.png -------------------------------------------------------------------------------- /images/get-adsitedetail.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adsitedetail.png -------------------------------------------------------------------------------- /images/get-adsitesummary.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adsitesummary.png -------------------------------------------------------------------------------- /images/get-adsummary.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adsummary.png -------------------------------------------------------------------------------- /images/get-aduser-names.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-aduser-names.png -------------------------------------------------------------------------------- /images/get-aduseraudit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-aduseraudit.png -------------------------------------------------------------------------------- /images/get-adusercategory.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-adusercategory.png -------------------------------------------------------------------------------- /images/get-ntdsinfo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/get-ntdsinfo.png -------------------------------------------------------------------------------- /images/octocat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/octocat.png -------------------------------------------------------------------------------- /images/open-adreportingtoolshelp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/open-adreportingtoolshelp.png -------------------------------------------------------------------------------- /images/samplechangereport.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/samplechangereport.png -------------------------------------------------------------------------------- /images/samplegroupreport.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/samplegroupreport.png -------------------------------------------------------------------------------- /images/samplereport.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/samplereport.png -------------------------------------------------------------------------------- /images/show-domaintree.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/images/show-domaintree.png -------------------------------------------------------------------------------- /reports/changereport.css: -------------------------------------------------------------------------------- 1 | @charset "UTF-8"; 2 | 3 | h2 { 4 | width:95%; 5 | background-color:#7BA7C7; 6 | font-family:'Trebuchet MS', 'Lucida Sans Unicode', 'Lucida Grande', 'Lucida Sans', Arial, sans-serif; 7 | color: #434247; 8 | font-size:16pt; 9 | } 10 | 11 | h3 { 12 | font-size: 14pt; 13 | width: 95%; 14 | } 15 | 16 | h4 { 17 | width:95%; 18 | font-size: 12pt; 19 | background-color:#4481f198; 20 | } 21 | h5 { 22 | width:95%; 23 | font-size: 11pt; 24 | font-style: italic; 25 | text-indent: 2%; 26 | } 27 | body { 28 | background-color:#FFFFFF; 29 | font-family:'Trebuchet MS', 'Lucida Sans Unicode', 'Lucida Grande', 'Lucida Sans', Arial, sans-serif; 30 | font-size:12pt; 31 | } 32 | td, th { 33 | border:1px solid black; 34 | border-collapse:collapse; 35 | } 36 | th { 37 | color:white; 38 | background-color:black; 39 | } 40 | table, tr, td, th { 41 | padding-left: 10px; 42 | margin: 0px 43 | } 44 | tr:nth-child(odd) {background-color: lightgray} 45 | table { 46 | width:95%; 47 | margin-left:5px; 48 | margin-bottom:20px; 49 | } 50 | 51 | .alert { color:red; } 52 | .new { color:green; } 53 | table.footer tr, 54 | table.footer td { 55 | background-color: white; 56 | border-collapse: collapse; 57 | border: none; 58 | } 59 | table.footer { 60 | width: 25%; 61 | padding-left: 10px; 62 | margin-left: 70%; 63 | font-size: 10pt; 64 | } 65 | td.size { 66 | text-align: right; 67 | padding-right: 25px; 68 | } 69 | .center { 70 | display: block; 71 | margin-left: auto; 72 | margin-right: auto; 73 | width: 50%; 74 | } 75 | table.header tr, 76 | table.header td { 77 | background-color:white; 78 | border-collapse: collapse; 79 | border: none; 80 | } -------------------------------------------------------------------------------- /reports/domainreport.css: -------------------------------------------------------------------------------- 1 | @charset "UTF-8"; 2 | 3 | h2 { 4 | width:95%; 5 | background-color:#7BA7C7; 6 | font-family:'Trebuchet MS', 'Lucida Sans Unicode', 'Lucida Grande', 'Lucida Sans', Arial, sans-serif; 7 | color: #434247; 8 | font-size:16pt; 9 | } 10 | h2:before { 11 | content: "+|-"; 12 | font-size: 10pt; 13 | padding-right: 5px; 14 | display:inline-block; 15 | } 16 | h3 { 17 | font-size: 14pt; 18 | width: 95%; 19 | } 20 | h3:before { 21 | content: "+|-"; 22 | font-size: 10pt; 23 | padding-right: 5px; 24 | display:inline-block; 25 | } 26 | h4 { 27 | width:95%; 28 | font-size: 12pt; 29 | background-color:#4481f198; 30 | } 31 | h5 { 32 | width:95%; 33 | font-size: 11pt; 34 | font-style: italic; 35 | text-indent: 2%; 36 | } 37 | body { 38 | background-color:#FFFFFF; 39 | font-family:'Trebuchet MS', 'Lucida Sans Unicode', 'Lucida Grande', 'Lucida Sans', Arial, sans-serif; 40 | font-size:12pt; 41 | } 42 | td, th { 43 | border:1px solid black; 44 | border-collapse:collapse; 45 | } 46 | th { 47 | color:white; 48 | background-color:black; 49 | } 50 | table, tr, td, th { 51 | padding-left: 10px; 52 | margin: 0px 53 | } 54 | tr:nth-child(odd) {background-color: lightgray} 55 | table { 56 | width:95%; 57 | margin-left:5px; 58 | margin-bottom:20px; 59 | } 60 | 61 | .alert { color:red; } 62 | .new { color:green; } 63 | table.footer tr, 64 | table.footer td { 65 | background-color: white; 66 | border-collapse: collapse; 67 | border: none; 68 | } 69 | table.footer { 70 | width: 25%; 71 | padding-left: 10px; 72 | margin-left: 70%; 73 | font-size: 10pt; 74 | } 75 | td.size { 76 | text-align: right; 77 | padding-right: 25px; 78 | } 79 | .center { 80 | display: block; 81 | margin-left: auto; 82 | margin-right: auto; 83 | width: 50%; 84 | } 85 | table.header tr, 86 | table.header td { 87 | background-color:white; 88 | border-collapse: collapse; 89 | border: none; 90 | } -------------------------------------------------------------------------------- /reports/groupreport.css: -------------------------------------------------------------------------------- 1 | @charset "UTF-8"; 2 | 3 | h2 { 4 | width:95%; 5 | background-color:#7BA7C7; 6 | font-family:'Trebuchet MS', 'Lucida Sans Unicode', 'Lucida Grande', 'Lucida Sans', Arial, sans-serif; 7 | color: #434247; 8 | font-size:16pt; 9 | } 10 | h3 { 11 | font-size: 14pt; 12 | width: 95%; 13 | } 14 | h4 { 15 | width:95%; 16 | font-size: 12pt; 17 | background-color:#4481f198; 18 | } 19 | h5 { 20 | width:95%; 21 | font-size: 11pt; 22 | font-style: italic; 23 | text-indent: 2%; 24 | } 25 | body { 26 | background-color:#FFFFFF; 27 | font-family:'Trebuchet MS', 'Lucida Sans Unicode', 'Lucida Grande', 'Lucida Sans', Arial, sans-serif; 28 | font-size:12pt; 29 | } 30 | td, th { 31 | border:1px solid black; 32 | border-collapse:collapse; 33 | } 34 | th { 35 | color:white; 36 | background-color:black; 37 | } 38 | table, tr, td, th { 39 | padding-left: 10px; 40 | margin: 0px 41 | } 42 | tr:nth-child(odd) {background-color: lightgray} 43 | table { 44 | width:95%; 45 | margin-left:5px; 46 | margin-bottom:20px; 47 | } 48 | 49 | .alert { color:red; } 50 | .new { color:green; } 51 | table.footer tr, 52 | table.footer td { 53 | background-color: white; 54 | border-collapse: collapse; 55 | border: none; 56 | } 57 | table.footer { 58 | width: 25%; 59 | padding-left: 10px; 60 | margin-left: 70%; 61 | font-size: 10pt; 62 | } 63 | td.size { 64 | text-align: right; 65 | padding-right: 25px; 66 | } 67 | .center { 68 | display: block; 69 | margin-left: auto; 70 | margin-right: auto; 71 | width: 50%; 72 | } 73 | table.header tr, 74 | table.header td { 75 | background-color:white; 76 | border-collapse: collapse; 77 | border: none; 78 | } -------------------------------------------------------------------------------- /reports/samplechange.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/reports/samplechange.html -------------------------------------------------------------------------------- /reports/sampledomain.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/reports/sampledomain.html -------------------------------------------------------------------------------- /reports/samplegroup.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jdhitsolutions/ADReportingTools/c6dd0a16b722989a6e5ba9d9af0657d7ad8f9215/reports/samplegroup.html -------------------------------------------------------------------------------- /tests/ADReportingTools.tests.ps1: -------------------------------------------------------------------------------- 1 | $here = Split-Path -Path $MyInvocation.MyCommand.Path 2 | $parent = Split-Path -Path $here 3 | $module = Split-Path -Path $parent -Leaf 4 | 5 | Write-Host "Importing module $module from $parent" -ForegroundColor Cyan 6 | 7 | Import-Module $parent -force 8 | 9 | InModuleScope $Module { 10 | Describe ADReportingTools { 11 | It "does something useful" { 12 | $true | Should Be $true 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /types/adgroupreport.types.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 11 | 12 | 13 | ADGroupReport 14 | 15 | 16 | DN 17 | DistinguishedName 18 | 19 | 20 | Age 21 | New-Timespan -Start $this.Modified -end (Get-Date) 22 | 23 | 24 | MemberCount 25 | ($this.members | Measure-Object).Count 26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /types/aduser.types.ps1xml: -------------------------------------------------------------------------------- 1 |  2 | 9 | 10 | 11 | Microsoft.ActiveDirectory.Management.ADUser 12 | 13 | 14 | Names 15 | 16 | DN 17 | Name 18 | FirstName 19 | LastName 20 | SamAccountName 21 | UPN 22 | 23 | 24 | 25 | FirstName 26 | GivenName 27 | 28 | 29 | UPN 30 | UserPrincipalName 31 | 32 | 33 | LastName 34 | Surname 35 | 36 | 37 | DN 38 | DistinguishedName 39 | 40 | 41 | 42 | --------------------------------------------------------------------------------