feat: Add firewall configuration and server roles information

2024-07-25 10:57:41 +02:00
parent 20c5c971ff
commit cd1943928e


@@ -27,7 +27,8 @@
param( param(
[string[]]$Target = $env:COMPUTERNAME, [string[]]$Target = $env:COMPUTERNAME,
[switch]$Verbose [switch]$Verbose,
[string]$Path
) )
#refion Set Environment #refion Set Environment
@@ -90,7 +91,7 @@ function Get-GeneralInfo {
$uptime = (Get-Date) - $OperatingSystem.ConvertToDateTime($OperatingSystem.Lastbootuptime) $uptime = (Get-Date) - $OperatingSystem.ConvertToDateTime($OperatingSystem.Lastbootuptime)
$GeneralInfo = @{ $GeneralInfo =[ordered] @{
"ComputerName" = $ComputerSystem.Name "ComputerName" = $ComputerSystem.Name
"OS" = $OperatingSystem.Caption "OS" = $OperatingSystem.Caption
"OS Version" = $OperatingSystem.Version "OS Version" = $OperatingSystem.Version
@@ -115,8 +116,8 @@ function Get-HardwareInfo {
$Disk = Get-WmiObject -computername $Target Win32_LogicalDisk $Disk = Get-WmiObject -computername $Target Win32_LogicalDisk
$LogicalDrives = @() $LogicalDrives = @()
Foreach ($LDrive in ($Disk | Where {$_.DriveType -eq 3})){ Foreach ($LDrive in ($Disk | Where-Object {$_.DriveType -eq 3})){
$Details = @{ $Details = [pscustomobject] @{
"Drive Letter" = $LDrive.DeviceID "Drive Letter" = $LDrive.DeviceID
"Label" = $LDrive.VolumeName "Label" = $LDrive.VolumeName
"File System" = $LDrive.FileSystem "File System" = $LDrive.FileSystem
@@ -127,7 +128,7 @@ function Get-HardwareInfo {
$LogicalDrives += $Details $LogicalDrives += $Details
} }
$HardwareInfo = @{ $HardwareInfo = [ordered] @{
"Manufacturer" = $ComputerSystem.Manufacturer "Manufacturer" = $ComputerSystem.Manufacturer
"Model" = $ComputerSystem.Model "Model" = $ComputerSystem.Model
"Processor Cores" = $Processor.NumberOfCores "Processor Cores" = $Processor.NumberOfCores
@@ -149,7 +150,7 @@ function Get-NetworkConfiguration {
$NetworkConfiguration = @() $NetworkConfiguration = @()
foreach ($Adapter in $NetworkAdapter) { foreach ($Adapter in $NetworkAdapter) {
$netAdapter = Get-WmiObject -computername $Target Win32_NetworkAdapter | Where-Object { $_.DeviceID -eq $adapter.Index } $netAdapter = Get-WmiObject -computername $Target Win32_NetworkAdapter | Where-Object { $_.DeviceID -eq $adapter.Index }
$NetworkInfo = @{ $NetworkInfo = [ordered] @{
"Interface Name" = $netAdapter.Name "Interface Name" = $netAdapter.Name
"IP Address" = ($Adapter.IPAddress -join ", ") "IP Address" = ($Adapter.IPAddress -join ", ")
"Subnet Mask" = ($Adapter.IPSubnet -join ", ") "Subnet Mask" = ($Adapter.IPSubnet -join ", ")
@@ -196,7 +197,7 @@ function Get-Roles {
$Roles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-WindowsFeature | Where-Object { $_.Installed -eq $true }} $Roles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-WindowsFeature | Where-Object { $_.Installed -eq $true }}
$RolesInfo = @() $RolesInfo = @()
foreach ($role in $Roles) { foreach ($role in $Roles) {
$RolesInfo += @{ $RolesInfo += [pscustomobject]@{
"Role Name" = $role.Name "Role Name" = $role.Name
"Description" = $role.Description "Description" = $role.Description
"Status" = $role.InstallState "Status" = $role.InstallState
@@ -212,7 +213,7 @@ function Get-LocalUserAdmins {
[string]$Target [string]$Target
) )
$LocalUserAdmins = Invoke-Command -ComputerName $Target -ScriptBlock { $LocalUserAdmins = Invoke-Command -ComputerName $Target -ScriptBlock {
$SIDs = Get-LocalGroupMember -Group "Administrators" -ErrorAction SilentlyContinue | Where-Object {$_.PrincipalSource -eq "Local"} | Select SID $SIDs = Get-LocalGroupMember -Group "Administrators" -ErrorAction SilentlyContinue | Where-Object {$_.PrincipalSource -eq "Local"} | Select-Object SID
if ($SIDs){ if ($SIDs){
$LocalAdmins = Get-LocalUser -SID $SIDs.SID.Value $LocalAdmins = Get-LocalUser -SID $SIDs.SID.Value
}else{ }else{
@@ -231,7 +232,7 @@ function Get-LocalUserAdmins {
([string]((Get-Date) - $user.PasswordLastSet).days) + " days ago" ([string]((Get-Date) - $user.PasswordLastSet).days) + " days ago"
} }
$LocalAdminsInfo += @{ $LocalAdminsInfo += [pscustomobject]@{
"Username" = $user.Name "Username" = $user.Name
"Display Name" = $user.FullName "Display Name" = $user.FullName
"Description" = $user.Description "Description" = $user.Description
@@ -244,6 +245,41 @@ function Get-LocalUserAdmins {
return $LocalAdminsInfo return $LocalAdminsInfo
} }
function Get-InstalledApplication {
param(
[string]$Target
)
#$InstalledApps = Get-WmiObject -Class Win32_Product -ComputerName $Target | Select-Object Name, Version, Vendor, InstallDate
$InstalledApps = Invoke-Command -ComputerName $Target -ScriptBlock {
$registryPaths = @(
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*"
)
$Apps = foreach ($path in $registryPaths) {
Get-ItemProperty -Path $path -ErrorAction SilentlyContinue | Where-Object { $_.DisplayName } | Select-Object @{Name='Name';Expression={$_.DisplayName}}, @{Name='Version';Expression={$_.DisplayVersion}}, @{Name='Publisher';Expression={$_.Publisher}}, @{Name='InstallDate';Expression={if ($_.InstallDate) { [datetime]::ParseExact($_.InstallDate, 'yyyyMMdd', $null) } else { $null }}}
}
$Apps
}
return $InstalledApps | Select-Object Name, Version, Publisher, InstallDate
}
<# function Get-WindowsUpdateSettings {
param(
[string]$Target
)
$WindowsUpdateSettings = Invoke-Command -ComputerName $Target -ScriptBlock {
$WindowsUpdates = (New-Object -ComObject "Microsoft.Update.AutoUpdate").Settings
$WindowsUpdates
}
return $WindowsUpdateSettings
} #>
#endregion #endregion
Write-Host " Write-Host "
@@ -285,6 +321,11 @@ foreach ($server in $Target) {
Write-Message -Type "Success" Write-Message -Type "Success"
Write-Verbose ($FirewallConfiguration | Out-String) Write-Verbose ($FirewallConfiguration | Out-String)
Write-Message -Message "Collecting information abut local admins"
$LocalAdminsInfo = Get-LocalUserAdmins -Target $server
Write-Message -Type "Success"
Write-Verbose ($LocalAdminsInfo | Out-String)
Write-Message -Message "Collecting server roles information" Write-Message -Message "Collecting server roles information"
if($GeneralInfo.'Domain Role Id' -ge 2) { if($GeneralInfo.'Domain Role Id' -ge 2) {
$ServerRoles = Get-Roles -Target $server $ServerRoles = Get-Roles -Target $server
@@ -294,8 +335,93 @@ foreach ($server in $Target) {
Write-Message -Type "Success" Write-Message -Type "Success"
Write-Verbose ($ServerRoles | Out-String) Write-Verbose ($ServerRoles | Out-String)
Write-Message -Message "Collecting installed applications"
$InstalledApplications = Get-InstalledApplication -Target $server
Write-Message -Type "Success"
Write-Verbose ($InstalledApplications| Out-String)
#region HTML Report
Write-Message -Message "Generating HTML report"
$dateTime = Get-Date -Format "yyyy-MM-dd_HH-mm-ss"
if(!$Path) {
$Path = $PSScriptRoot +"\" + $server + "_" + $dateTime + ".html"
}
New-HTML -TitleText "$server $dateTime" -Online:$true -FilePath $Path -ShowHTML {
New-HTMLHeader {
New-HTMLSection -Invisible {
New-HTMLPanel -Invisible {
New-HTMLImage -Source 'https://git.totalservice.cz/public/MSClientOnBoarding/raw/branch/main/logo/total_service_logo.png' -UrlLink 'https://totalservice.cz' -AlternativeText 'Total Service' -Class 'otehr' -Width '5%'
}
New-HTMLPanel -Invisible {
New-HTMLHeading -HeadingText "Audit: $server" -Heading h1
}
}
}
New-HTMLTab -TabName 'General Information' {
New-HTMLSection -HeaderText 'General Information' {
New-HTMLPanel {
New-HTMLTable -DataTable $GeneralInfo -ExcludeProperty 'Domain Role Id' -HideFooter -Simplify {
New-TableHeader -Title 'General Information'
}
}
New-HTMLPanel {
$data = [ordered] @{
"Manufacturer" = $HardwareInfo.Manufacturer
"Model" = $HardwareInfo.Model
"Processor Cores" = $HardwareInfo.'Processor Cores'
"Memory (GB)" = $HardwareInfo.Memory
}
New-HTMLTable -DataTable $data -HideFooter -Simplify {
New-TableHeader -Title 'Hardware'
}
}
New-HTMLPanel {
New-HTMLTable -DataTable $HardwareInfo.Disk -HideFooter -Simplify {
New-TableHeader -Title 'Disk'
}
}
}
New-HTMLSection -HeaderText 'Networking' {
New-HTMLPanel {
New-HTMLTable -DataTable $NetworkConfiguration -HideFooter -Simplify {
New-TableHeader -Title 'Network Configuration'
}
}
New-HTMLPanel {
New-HTMLTable -DataTable $FirewallConfiguration -HideFooter -Simplify {
New-TableHeader -Title 'Firewall Configuration'
}
}
}
New-HTMLSection -HeaderText 'Server Roles' {
New-HTMLPanel {
New-HTMLTable -DataTable $LocalAdminsInfo -HideFooter -HideButtons {
New-TableHeader -Title 'Local Admins'
}
}
New-HTMLPanel {
New-HTMLTable -DataTable $ServerRoles -HideFooter -HideButtons {
New-TableHeader -Title 'Server Roles'
}
}
}
}
New-HTMLTab -TabName 'Installed Applications' {
New-HTMLSection -HeaderText 'Applications list' {
New-HTMLPanel {
New-HTMLTable -DataTable $InstalledApplications -HideFooter -PagingLength 50 -Title "$server $dateTime Installed Apps" { # Title will be used for filename when using export
New-TableHeader -Title 'Installed Applications'
}
}
}
}
}
Write-Message -Type "Success"
} }
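Review bot: In the HTML report block of the last hunk, `if(!$Path) { $Path = ... }` assigns the script-level `$Path` inside `foreach ($server in $Target)` (the loop opens outside the hunk), so from the second server onward `$Path` is already set and each report overwrites the previous one. A per-iteration variable avoids this, e.g. `$ReportPath = if ($Path) { $Path } else { Join-Path $PSScriptRoot "${server}_$dateTime.html" }` passed as `-FilePath $ReportPath`. An explicit `-Path` combined with several targets would still need a per-server suffix or to be rejected. Separately, the report holds local administrator accounts, firewall settings and the software inventory, yet `-Online:$true` and the remote logo `-Source` make it load scripts, styles and an image from external hosts whenever it is opened. Consider dropping `-Online` and shipping the logo with the script so the file is self-contained, and writing it to a directory with restricted ACLs rather than `$PSScriptRoot`.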