<# .SYNOPSIS Získání základních informací o serveru. .DESCRIPTION A detailed description of the script's functionality and usage. .PARAMETER Description of a parameter that the script takes. .EXAMPLE An example of how to use the script. .NOTES Author: Petr Štěpán Company: Total Service a.s. Version: 1.0 .LINK Link to more information or related resources. #> #Requires -RunAsAdministrator #Requires -Modules PSWriteHTML param( [string[]]$Target = $env:COMPUTERNAME, [switch]$Verbose, [string]$Path ) #refion Set Environment $ErrorActionPreference = 'Stop' if($Verbose) { $VerbosePreference = 'Continue' } else { $VerbosePreference = 'SilentlyContinue' } #region Functions # Function to write messages to the console function Write-Message { param( [string]$Message, [ValidateSet("Info", "Warning", "Error", "Success")] [string]$Type, [int]$FixedWidth = 100 ) if ($Message) { $timestamp = Get-Date -Format "dd.M.yyyy HH:mm:ss" $totalLength = $fixedWidth - $timestamp.Length - 10 - 6 # Length of timestamp, brackets, spaces, and status $paddedMessage = $message.PadRight($totalLength, ".") $formattedMessage = "[{0}] {1} " -f $timestamp, $paddedMessage Write-Host $formattedMessage -NoNewline } if($Type) { $Color = switch ($Type) { "Info" { "White" } "Warning" { "Yellow" } "Error" { "Red" } "Success" { "Green" } Default { "White" } } Write-Host "[" -NoNewline Write-Host $Type -ForegroundColor $Color -NoNewline Write-Host "]" } } function Get-GeneralInfo { param( [string]$Target ) $ComputerSystem = Get-WmiObject -computername $Target Win32_ComputerSystem $OperatingSystem = Get-WmiObject -computername $Target Win32_OperatingSystem switch ($ComputerSystem.DomainRole){ 0 { $ComputerRole = "Standalone Workstation" } 1 { $ComputerRole = "Member Workstation" } 2 { $ComputerRole = "Standalone Server" } 3 { $ComputerRole = "Member Server" } 4 { $ComputerRole = "Domain Controller" } 5 { $ComputerRole = "Domain Controller" } default { $ComputerRole = "Information not available" } } $uptime = (Get-Date) - $OperatingSystem.ConvertToDateTime($OperatingSystem.Lastbootuptime) $GeneralInfo =[ordered] @{ "ComputerName" = $ComputerSystem.Name "OS" = $OperatingSystem.Caption "OS Version" = $OperatingSystem.Version "OSInstallDate" = $OperatingSystem.ConvertToDateTime($OperatingSystem.InstallDate) "Domain Role" = $ComputerRole "Domain Role Id" = $ComputerSystem.DomainRole "Domain" = $ComputerSystem.Domain "Uptime" = ("{0} days, {1} hours, {2} minutes, {3} seconds" -f $uptime.Days, $uptime.Hours, $uptime.Minutes, $uptime.Seconds) } return $GeneralInfo } function Get-HardwareInfo { param ( [string]$Target ) $ComputerSystem = Get-WmiObject -computername $Target Win32_ComputerSystem $Processor = Get-WmiObject -computername $Target Win32_Processor $Memory = Get-WmiObject -computername $Target Win32_PhysicalMemory $Disk = Get-WmiObject -computername $Target Win32_LogicalDisk $LogicalDrives = @() Foreach ($LDrive in ($Disk | Where-Object {$_.DriveType -eq 3})){ $Details = [pscustomobject] @{ "Drive Letter" = $LDrive.DeviceID "Label" = $LDrive.VolumeName "File System" = $LDrive.FileSystem "Disk Size (GB)" = [math]::round(($LDrive.size / 1GB)) "Disk Free Space" = [math]::round(($LDrive.FreeSpace / 1GB)) "% Free Space" = [Math]::Round(($LDrive.FreeSpace /1GB) / ($LDrive.Size / 1GB) * 100) } $LogicalDrives += $Details } $HardwareInfo = [ordered] @{ "Manufacturer" = $ComputerSystem.Manufacturer "Model" = $ComputerSystem.Model "Processor Cores" = $Processor.NumberOfCores "Memory" = (($Memory | Measure-Object -Property capacity -Sum).sum /1gb) "Disk" = $LogicalDrives } return $HardwareInfo } function Get-NetworkConfiguration { param( [string]$Target ) $NetworkAdapter = Get-WmiObject -computername $Target Win32_NetworkAdapterConfiguration | Where-Object { $_.IPEnabled -eq $true } $NetworkConfiguration = @() foreach ($Adapter in $NetworkAdapter) { $netAdapter = Get-WmiObject -computername $Target Win32_NetworkAdapter | Where-Object { $_.DeviceID -eq $adapter.Index } $NetworkInfo = [ordered] @{ "Interface Name" = $netAdapter.Name "IP Address" = ($Adapter.IPAddress -join ", ") "Subnet Mask" = ($Adapter.IPSubnet -join ", ") "Default Gateway" = ($Adapter.DefaultIPGateway -join ", ") "DHCP Enabled" = $Adapter.DHCPEnabled "MAC Address" = $Adapter.MACAddress "DNS Servers" = ($Adapter.DNSServerSearchOrder -join ", ") } $NetworkConfiguration += $NetworkInfo } return $NetworkConfiguration } function Get-FirewallInfo { param( [string]$Target ) $FirewallProfiles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-NetFirewallProfile } $FirewallInfo = @() foreach ($profile in $FirewallProfiles) { $FirewallInfo += [pscustomobject]@{ "Profile Name" = $profile.Name "Enabled" = $profile.Enabled "Default Inbound Action" = $profile.DefaultInboundAction "Default Outbound Action" = $profile.DefaultOutboundAction #"AllowInboundRules" = $profile.AllowInboundRules #"AllowLocalFirewallRules" = $profile.AllowLocalFirewallRules #"AllowLocalIPsecRules" = $profile.AllowLocalIPsecRules } } return $FirewallInfo } function Get-Roles { param( [string]$Target ) $Roles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-WindowsFeature | Where-Object { $_.Installed -eq $true }} $RolesInfo = @() foreach ($role in $Roles) { $RolesInfo += [pscustomobject]@{ "Role Name" = $role.Name "Description" = $role.Description "Status" = $role.InstallState } } return $RolesInfo } function Get-LocalUserAdmins { param( [string]$Target ) $LocalUserAdmins = Invoke-Command -ComputerName $Target -ScriptBlock { $SIDs = Get-LocalGroupMember -Group "Administrators" -ErrorAction SilentlyContinue | Where-Object {$_.PrincipalSource -eq "Local"} | Select-Object SID if ($SIDs){ $LocalAdmins = Get-LocalUser -SID $SIDs.SID.Value }else{ $LocalAdmins = "" } $LocalAdmins } $LocalAdminsInfo = @() foreach ($user in $LocalUserAdmins) { $lastLogon = if($user.LastLogon){ ([string]((Get-Date) - $user.LastLogon).days) + " days ago" } $passwordLastSet = if($user.PasswordLastSet){ ([string]((Get-Date) - $user.PasswordLastSet).days) + " days ago" } $LocalAdminsInfo += [pscustomobject]@{ "Username" = $user.Name "Display Name" = $user.FullName "Description" = $user.Description "Enabled" = $user.Enabled "Last Logon" = $lastLogon "Password Last Set" = $passwordLastSet } } return $LocalAdminsInfo } function Get-InstalledApplication { param( [string]$Target ) #$InstalledApps = Get-WmiObject -Class Win32_Product -ComputerName $Target | Select-Object Name, Version, Vendor, InstallDate $InstalledApps = Invoke-Command -ComputerName $Target -ScriptBlock { $registryPaths = @( "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*", "HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*" ) $Apps = foreach ($path in $registryPaths) { Get-ItemProperty -Path $path -ErrorAction SilentlyContinue | Where-Object { $_.DisplayName } | Select-Object @{Name='Name';Expression={$_.DisplayName}}, @{Name='Version';Expression={$_.DisplayVersion}}, @{Name='Publisher';Expression={$_.Publisher}}, @{Name='InstallDate';Expression={if ($_.InstallDate) { [datetime]::ParseExact($_.InstallDate, 'yyyyMMdd', $null) } else { $null }}} } $Apps } return $InstalledApps | Select-Object Name, Version, Publisher, InstallDate } function Get-Services { param( [string]$Target ) $Services = Get-Service -ComputerName $Target $ServicesInfo = @() foreach ($service in $Services) { $ServicesInfo += [pscustomobject]@{ "Service Name" = $service.Name "Display Name" = $service.DisplayName "Status" = $service.Status "Start Mode" = $service.StartType } } return $ServicesInfo } function Get-ScheduledTasks { param( [string]$Target ) $ScheduledTasksInfo = Invoke-Command -ComputerName $Target -ScriptBlock { $Tasks = Get-ScheduledTask $ScheduledTasks = @() foreach ($task in $Tasks) { $TaskInfo = Get-ScheduledTaskInfo -TaskName $task.TaskName -TaskPath $task.TaskPath $ScheduledTasks += [pscustomobject]@{ "Task Name" = $task.TaskName "Task Path" = $task.TaskPath "Task State" = $task.State "RunAS" = $Task.Principal.UserId "Task Last Run Time" = $TaskInfo.LastRunTime "Task Next Run Time" = $TaskInfo.NextRunTime "Last Task Result" = $TaskInfo.LastTaskResult "Autor" = $Task.Author } } $ScheduledTasks } return $ScheduledTasksInfo } <# function Get-WindowsUpdateSettings { param( [string]$Target ) $WindowsUpdateSettings = Invoke-Command -ComputerName $Target -ScriptBlock { $WindowsUpdates = (New-Object -ComObject "Microsoft.Update.AutoUpdate").Settings $WindowsUpdates } return $WindowsUpdateSettings } #> #endregion Write-Host " _____ ____ _ _ _ _ |_ _/ ___| / \ _ _ __| (_) |_ | | \___ \ / _ \| | | |/ _` | | __| | | ___) | / ___ \ |_| | (_| | | |_ |_| |____/ /_/ \_\__,_|\__,_|_|\__| " Write-Message -Message "Number of targets selected for audit $($Target.Count)" -Type "Info" foreach ($server in $Target) { Write-Message -Message "Starting audit on $server" -Type "Info" Write-Message -Message "Testing connection to $server" if (Test-Connection -ComputerName $server -Count 1 -Quiet) { Write-Message -Type "Success" } else { Write-Message -Type "Error" break } Write-Message -Message "Collecting general information" $GeneralInfo = Get-GeneralInfo -Target $server Write-Message -Type "Success" Write-Verbose ($GeneralInfo | Out-String) Write-Message -Message "Collecting hardware information" $HardwareInfo = Get-HardwareInfo -Target $server Write-Message -Type "Success" Write-Verbose ($HardwareInfo | Out-String) Write-Message -Message "Collecting network configuration" $NetworkConfiguration = Get-NetworkConfiguration -Target $server Write-Message -Type "Success" Write-Verbose ($NetworkConfiguration | Out-String) Write-Message -Message "Collecting firewall configuration" $FirewallConfiguration = Get-FirewallInfo -Target $server Write-Message -Type "Success" Write-Verbose ($FirewallConfiguration | Out-String) Write-Message -Message "Collecting information about local admins" $LocalAdminsInfo = Get-LocalUserAdmins -Target $server Write-Message -Type "Success" Write-Verbose ($LocalAdminsInfo | Out-String) Write-Message -Message "Collecting Scheduled Tasks information" $ScheduledTasksInfo = Get-ScheduledTasks -Target $server Write-Message -Type "Success" Write-Verbose ($ScheduledTasksInfo | Out-String) Write-Message -Message "Collecting server roles information" if($GeneralInfo.'Domain Role Id' -ge 2) { $ServerRoles = Get-Roles -Target $server }else { $ServerRoles = "" } Write-Message -Type "Success" Write-Verbose ($ServerRoles | Out-String) Write-Message -Message "Collecting installed applications" $InstalledApplications = Get-InstalledApplication -Target $server Write-Message -Type "Success" Write-Verbose ($InstalledApplications| Out-String) Write-Message -Message "Collecting information about services" $ServicesInfo = Get-Services -Target $server Write-Message -Type "Success" Write-Verbose ($ServicesInfo | Out-String) #region HTML Report Write-Message -Message "Generating HTML report" $dateTime = Get-Date -Format "yyyy-MM-dd_HH-mm-ss" if(!$Path) { $Path = $PSScriptRoot +"\" + $server + "_" + $dateTime + ".html" } New-HTML -TitleText "$server $dateTime" -Online:$true -FilePath $Path -ShowHTML { New-HTMLHeader { New-HTMLSection -Invisible { New-HTMLPanel -Invisible { New-HTMLImage -Source 'https://git.totalservice.cz/public/MSClientOnBoarding/raw/branch/main/logo/total_service_logo.png' -UrlLink 'https://totalservice.cz' -AlternativeText 'Total Service' -Class 'otehr' -Width '5%' } New-HTMLPanel -Invisible { New-HTMLHeading -HeadingText "Audit: $server" -Heading h1 } } } New-HTMLTab -TabName 'General Information' { New-HTMLSection -HeaderText 'General Information' { New-HTMLPanel { New-HTMLTable -DataTable $GeneralInfo -ExcludeProperty 'Domain Role Id' -HideFooter -Simplify { New-TableHeader -Title 'General Information' } } New-HTMLPanel { $data = [ordered] @{ "Manufacturer" = $HardwareInfo.Manufacturer "Model" = $HardwareInfo.Model "Processor Cores" = $HardwareInfo.'Processor Cores' "Memory (GB)" = $HardwareInfo.Memory } New-HTMLTable -DataTable $data -HideFooter -Simplify { New-TableHeader -Title 'Hardware' } } New-HTMLPanel { New-HTMLTable -DataTable $HardwareInfo.Disk -HideFooter -Simplify { New-TableHeader -Title 'Disk' -Alignment 'left' } } } New-HTMLSection -HeaderText 'Users & Groups' { New-HTMLPanel { New-HTMLTable -DataTable $LocalAdminsInfo -HideFooter -HideButtons { New-TableHeader -Title 'Local Admins' } } } New-HTMLSection -HeaderText 'Networking' { New-HTMLPanel { New-HTMLTable -DataTable $NetworkConfiguration -HideFooter -Simplify { New-TableHeader -Title 'Network Configuration' } } New-HTMLPanel { New-HTMLTable -DataTable $FirewallConfiguration -HideFooter -Simplify { New-TableHeader -Title 'Firewall Configuration' } } } New-HTMLSection -Invisible { New-HTMLSection -HeaderText 'Scheduled Tasks' { New-HTMLTable -DataTable $ScheduledTasksInfo -HideFooter -Title "$server $dateTime Scheduled Tasks" { New-TableHeader -Title 'Task Scheduler' } } New-HTMLSection -HeaderText 'Server Roles' { New-HTMLPanel { New-HTMLTable -DataTable $ServerRoles -HideFooter -HideButtons { New-TableHeader -Title 'Server Roles' } } } } } New-HTMLTab -TabName 'Installed Applications' { New-HTMLSection -HeaderText 'Applications list' { New-HTMLPanel { New-HTMLTable -DataTable $InstalledApplications -HideFooter -PagingLength 50 -Title "$server $dateTime Installed Apps" { # Title will be used for filename when using export New-TableHeader -Title 'Installed Applications' } } } } New-HTMLTab -TabName 'Services' { New-HTMLSection -HeaderText 'Services' { New-HTMLPanel { New-HTMLTable -DataTable $ServicesInfo -HideFooter -PagingLength 50 -Title "$server $dateTime Installed Apps" { # Title will be used for filename when using export New-TableHeader -Title 'Services' } } } } } Write-Message -Type "Success" }