public/MSClientOnBoarding
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add firewall configuration and server roles information

Browse Source
This commit is contained in:
Petr Štěpán
2024-07-24 23:14:54 +02:00
parent d32022dfc1
commit d7be4f777a
1 changed files with 98 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
start-audit.ps1
View File

@@ -96,6 +96,7 @@ function Get-GeneralInfo {
"OS Version" = $OperatingSystem.Version "OS Version" = $OperatingSystem.Version
"OSInstallDate" = $OperatingSystem.ConvertToDateTime($OperatingSystem.InstallDate) "OSInstallDate" = $OperatingSystem.ConvertToDateTime($OperatingSystem.InstallDate)
"Domain Role" = $ComputerRole "Domain Role" = $ComputerRole
"Domain Role Id" = $ComputerSystem.DomainRole
"Domain" = $ComputerSystem.Domain "Domain" = $ComputerSystem.Domain
"Uptime" = ("{0} days, {1} hours, {2} minutes, {3} seconds" -f $uptime.Days, $uptime.Hours, $uptime.Minutes, $uptime.Seconds) "Uptime" = ("{0} days, {1} hours, {2} minutes, {3} seconds" -f $uptime.Days, $uptime.Hours, $uptime.Minutes, $uptime.Seconds)
} }
@@ -162,6 +163,86 @@ function Get-NetworkConfiguration {
return $NetworkConfiguration return $NetworkConfiguration
}
function Get-FirewallInfo {
param(
[string]$Target
)
$FirewallProfiles = Invoke-Command -ComputerName $Target -ScriptBlock {
Get-NetFirewallProfile
}
$FirewallInfo = @()
foreach ($profile in $FirewallProfiles) {
$FirewallInfo += @{
"Profile Name" = $profile.Name
"Enabled" = $profile.Enabled
"Default Inbound Action" = $profile.DefaultInboundAction
"Default Outbound Action" = $profile.DefaultOutboundAction
#"AllowInboundRules" = $profile.AllowInboundRules
#"AllowLocalFirewallRules" = $profile.AllowLocalFirewallRules
#"AllowLocalIPsecRules" = $profile.AllowLocalIPsecRules
}
}
return $FirewallInfo
}
function Get-Roles {
param(
[string]$Target
)
$Roles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-WindowsFeature | Where-Object { $_.Installed -eq $true }}
$RolesInfo = @()
foreach ($role in $Roles) {
$RolesInfo += @{
"Role Name" = $role.Name
"Description" = $role.Description
"Status" = $role.InstallState
}
}
return $RolesInfo
}
function Get-LocalUserAdmins {
param(
[string]$Target
)
$LocalUserAdmins = Invoke-Command -ComputerName $Target -ScriptBlock {
$SIDs = Get-LocalGroupMember -Group "Administrators" -ErrorAction SilentlyContinue | Where-Object {$_.PrincipalSource -eq "Local"} | Select SID
if ($SIDs){
$LocalAdmins = Get-LocalUser -SID $SIDs.SID.Value
}else{
$LocalAdmins = ""
}
$LocalAdmins
}
$LocalAdminsInfo = @()
foreach ($user in $LocalUserAdmins) {
$lastLogon = if($user.LastLogon){
([string]((Get-Date) - $user.LastLogon).days) + " days ago"
}
$passwordLastSet = if($user.PasswordLastSet){
([string]((Get-Date) - $user.PasswordLastSet).days) + " days ago"
}
$LocalAdminsInfo += @{
"Username" = $user.Name
"Display Name" = $user.FullName
"Description" = $user.Description
"Enabled" = $user.Enabled
"Last Logon" = $lastLogon
"Password Last Set" = $passwordLastSet
}
}
return $LocalAdminsInfo
} }
#endregion #endregion
@@ -199,5 +280,22 @@ foreach ($server in $Target) {
Write-Message -Type "Success" Write-Message -Type "Success"
Write-Verbose ($NetworkConfiguration | Out-String) Write-Verbose ($NetworkConfiguration | Out-String)
Write-Message -Message "Collecting firewall configuration"
$FirewallConfiguration = Get-FirewallInfo -Target $server
Write-Message -Type "Success"
Write-Verbose ($FirewallConfiguration | Out-String)
Write-Message -Message "Collecting server roles information"
if($GeneralInfo.'Domain Role Id' -ge 2) {
$ServerRoles = Get-Roles -Target $server
}else {
$ServerRoles = ""
}
Write-Message -Type "Success"
Write-Verbose ($ServerRoles | Out-String)
} }