Add firewall configuration and server roles information
This commit is contained in:
@@ -96,6 +96,7 @@ function Get-GeneralInfo {
|
||||
"OS Version" = $OperatingSystem.Version
|
||||
"OSInstallDate" = $OperatingSystem.ConvertToDateTime($OperatingSystem.InstallDate)
|
||||
"Domain Role" = $ComputerRole
|
||||
"Domain Role Id" = $ComputerSystem.DomainRole
|
||||
"Domain" = $ComputerSystem.Domain
|
||||
"Uptime" = ("{0} days, {1} hours, {2} minutes, {3} seconds" -f $uptime.Days, $uptime.Hours, $uptime.Minutes, $uptime.Seconds)
|
||||
}
|
||||
@@ -162,6 +163,86 @@ function Get-NetworkConfiguration {
|
||||
|
||||
return $NetworkConfiguration
|
||||
|
||||
}
|
||||
|
||||
function Get-FirewallInfo {
|
||||
param(
|
||||
[string]$Target
|
||||
)
|
||||
$FirewallProfiles = Invoke-Command -ComputerName $Target -ScriptBlock {
|
||||
Get-NetFirewallProfile
|
||||
}
|
||||
|
||||
$FirewallInfo = @()
|
||||
foreach ($profile in $FirewallProfiles) {
|
||||
$FirewallInfo += @{
|
||||
"Profile Name" = $profile.Name
|
||||
"Enabled" = $profile.Enabled
|
||||
"Default Inbound Action" = $profile.DefaultInboundAction
|
||||
"Default Outbound Action" = $profile.DefaultOutboundAction
|
||||
#"AllowInboundRules" = $profile.AllowInboundRules
|
||||
#"AllowLocalFirewallRules" = $profile.AllowLocalFirewallRules
|
||||
#"AllowLocalIPsecRules" = $profile.AllowLocalIPsecRules
|
||||
}
|
||||
}
|
||||
|
||||
return $FirewallInfo
|
||||
}
|
||||
|
||||
function Get-Roles {
|
||||
param(
|
||||
[string]$Target
|
||||
)
|
||||
$Roles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-WindowsFeature | Where-Object { $_.Installed -eq $true }}
|
||||
$RolesInfo = @()
|
||||
foreach ($role in $Roles) {
|
||||
$RolesInfo += @{
|
||||
"Role Name" = $role.Name
|
||||
"Description" = $role.Description
|
||||
"Status" = $role.InstallState
|
||||
}
|
||||
}
|
||||
|
||||
return $RolesInfo
|
||||
|
||||
}
|
||||
|
||||
function Get-LocalUserAdmins {
|
||||
param(
|
||||
[string]$Target
|
||||
)
|
||||
$LocalUserAdmins = Invoke-Command -ComputerName $Target -ScriptBlock {
|
||||
$SIDs = Get-LocalGroupMember -Group "Administrators" -ErrorAction SilentlyContinue | Where-Object {$_.PrincipalSource -eq "Local"} | Select SID
|
||||
if ($SIDs){
|
||||
$LocalAdmins = Get-LocalUser -SID $SIDs.SID.Value
|
||||
}else{
|
||||
$LocalAdmins = ""
|
||||
}
|
||||
|
||||
$LocalAdmins
|
||||
}
|
||||
|
||||
$LocalAdminsInfo = @()
|
||||
foreach ($user in $LocalUserAdmins) {
|
||||
$lastLogon = if($user.LastLogon){
|
||||
([string]((Get-Date) - $user.LastLogon).days) + " days ago"
|
||||
}
|
||||
$passwordLastSet = if($user.PasswordLastSet){
|
||||
([string]((Get-Date) - $user.PasswordLastSet).days) + " days ago"
|
||||
}
|
||||
|
||||
$LocalAdminsInfo += @{
|
||||
"Username" = $user.Name
|
||||
"Display Name" = $user.FullName
|
||||
"Description" = $user.Description
|
||||
"Enabled" = $user.Enabled
|
||||
"Last Logon" = $lastLogon
|
||||
"Password Last Set" = $passwordLastSet
|
||||
}
|
||||
}
|
||||
|
||||
return $LocalAdminsInfo
|
||||
|
||||
}
|
||||
#endregion
|
||||
|
||||
@@ -199,5 +280,22 @@ foreach ($server in $Target) {
|
||||
Write-Message -Type "Success"
|
||||
Write-Verbose ($NetworkConfiguration | Out-String)
|
||||
|
||||
Write-Message -Message "Collecting firewall configuration"
|
||||
$FirewallConfiguration = Get-FirewallInfo -Target $server
|
||||
Write-Message -Type "Success"
|
||||
Write-Verbose ($FirewallConfiguration | Out-String)
|
||||
|
||||
Write-Message -Message "Collecting server roles information"
|
||||
if($GeneralInfo.'Domain Role Id' -ge 2) {
|
||||
$ServerRoles = Get-Roles -Target $server
|
||||
}else {
|
||||
$ServerRoles = ""
|
||||
}
|
||||
Write-Message -Type "Success"
|
||||
Write-Verbose ($ServerRoles | Out-String)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user