Add firewall configuration and server roles information

2024-07-24 23:14:54 +02:00
parent d32022dfc1
commit d7be4f777a
1 changed files with 98 additions and 0 deletions
--- a/start-audit.ps1
+++ b/start-audit.ps1
@@ -96,6 +96,7 @@ function Get-GeneralInfo {
        "OS Version" = $OperatingSystem.Version
        "OSInstallDate" = $OperatingSystem.ConvertToDateTime($OperatingSystem.InstallDate)
        "Domain Role" = $ComputerRole
+        "Domain Role Id" = $ComputerSystem.DomainRole
        "Domain" = $ComputerSystem.Domain
        "Uptime" = ("{0} days, {1} hours, {2} minutes, {3} seconds" -f $uptime.Days, $uptime.Hours, $uptime.Minutes, $uptime.Seconds)
    }
@@ -162,6 +163,86 @@ function Get-NetworkConfiguration {

    return $NetworkConfiguration

+}
+
+function Get-FirewallInfo {
+    param(
+        [string]$Target
+    )
+   $FirewallProfiles = Invoke-Command -ComputerName $Target -ScriptBlock {
+        Get-NetFirewallProfile
+    }
+
+    $FirewallInfo = @()
+    foreach ($profile in $FirewallProfiles) {
+        $FirewallInfo += @{
+            "Profile Name" = $profile.Name
+            "Enabled" = $profile.Enabled
+            "Default Inbound Action" = $profile.DefaultInboundAction
+            "Default Outbound Action" = $profile.DefaultOutboundAction
+            #"AllowInboundRules" = $profile.AllowInboundRules
+            #"AllowLocalFirewallRules" = $profile.AllowLocalFirewallRules
+            #"AllowLocalIPsecRules" = $profile.AllowLocalIPsecRules
+        }
+    }
+
+    return $FirewallInfo
+}
+
+function Get-Roles {
+    param(
+        [string]$Target
+    )
+    $Roles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-WindowsFeature | Where-Object { $_.Installed -eq $true }}
+    $RolesInfo = @()
+    foreach ($role in $Roles) {
+        $RolesInfo += @{
+            "Role Name" = $role.Name
+            "Description" = $role.Description
+            "Status" = $role.InstallState
+        }
+    }
+
+    return $RolesInfo
+
+}
+
+function Get-LocalUserAdmins {
+    param(
+        [string]$Target
+    )
+    $LocalUserAdmins = Invoke-Command -ComputerName $Target -ScriptBlock {
+        $SIDs = Get-LocalGroupMember -Group "Administrators" -ErrorAction SilentlyContinue | Where-Object {$_.PrincipalSource -eq "Local"} | Select SID
+        if ($SIDs){
+            $LocalAdmins = Get-LocalUser -SID $SIDs.SID.Value
+        }else{
+            $LocalAdmins = ""
+        }
+
+        $LocalAdmins
+    }
+
+    $LocalAdminsInfo = @()
+    foreach ($user in $LocalUserAdmins) {
+        $lastLogon = if($user.LastLogon){
+            ([string]((Get-Date) - $user.LastLogon).days) + " days ago"
+        }
+        $passwordLastSet = if($user.PasswordLastSet){
+            ([string]((Get-Date) - $user.PasswordLastSet).days) + " days ago"
+        }
+
+        $LocalAdminsInfo += @{
+            "Username" = $user.Name
+            "Display Name" = $user.FullName
+            "Description" = $user.Description
+            "Enabled" = $user.Enabled
+            "Last Logon" = $lastLogon
+            "Password Last Set" = $passwordLastSet
+        }
+    }
+
+    return $LocalAdminsInfo
+
 }
 #endregion

@@ -199,5 +280,22 @@ foreach ($server in $Target) {
    Write-Message -Type "Success"
    Write-Verbose ($NetworkConfiguration | Out-String)

+    Write-Message -Message "Collecting firewall configuration"
+    $FirewallConfiguration = Get-FirewallInfo -Target $server
+    Write-Message -Type "Success"
+    Write-Verbose ($FirewallConfiguration | Out-String)
+
+    Write-Message -Message "Collecting server roles information"
+    if($GeneralInfo.'Domain Role Id' -ge 2) {
+        $ServerRoles = Get-Roles -Target $server  
+    }else {
+        $ServerRoles = ""
+    }
+    Write-Message -Type "Success"
+    Write-Verbose ($ServerRoles | Out-String)
+
+
+
+
    
 }