public/MSClientOnBoarding
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
MSClientOnBoarding/start-audit.ps1

504 lines
17 KiB
PowerShell
Raw Permalink Blame History

<#
.SYNOPSIS
Získání základních informací o serveru.
.DESCRIPTION
A detailed description of the script's functionality and usage.
.PARAMETER <Parameter_Name>
Description of a parameter that the script takes.
.EXAMPLE
An example of how to use the script.
.NOTES
Author: Petr Štěpán
Company: Total Service a.s.
Version: 1.0
.LINK
Link to more information or related resources.
#>
#Requires -RunAsAdministrator
#Requires -Modules PSWriteHTML
param(
[string[]]$Target = $env:COMPUTERNAME,
[switch]$Verbose,
[string]$Path
)
#refion Set Environment
$ErrorActionPreference = 'Stop'
if($Verbose) {
$VerbosePreference = 'Continue'
} else {
$VerbosePreference = 'SilentlyContinue'
}
#region Functions
# Function to write messages to the console
function Write-Message {
param(
[string]$Message,
[ValidateSet("Info", "Warning", "Error", "Success")]
[string]$Type,
[int]$FixedWidth = 100
)
if ($Message) {
$timestamp = Get-Date -Format "dd.M.yyyy HH:mm:ss"
$totalLength = $fixedWidth - $timestamp.Length - 10 - 6 # Length of timestamp, brackets, spaces, and status
$paddedMessage = $message.PadRight($totalLength, ".")
$formattedMessage = "[{0}] {1} " -f $timestamp, $paddedMessage
Write-Host $formattedMessage -NoNewline
}
if($Type) {
$Color = switch ($Type) {
"Info" { "White" }
"Warning" { "Yellow" }
"Error" { "Red" }
"Success" { "Green" }
Default { "White" }
}
Write-Host "[" -NoNewline
Write-Host $Type -ForegroundColor $Color -NoNewline
Write-Host "]"
}
}
function Get-GeneralInfo {
param(
[string]$Target
)
$ComputerSystem = Get-WmiObject -computername $Target Win32_ComputerSystem
$OperatingSystem = Get-WmiObject -computername $Target Win32_OperatingSystem
switch ($ComputerSystem.DomainRole){
0 { $ComputerRole = "Standalone Workstation" }
1 { $ComputerRole = "Member Workstation" }
2 { $ComputerRole = "Standalone Server" }
3 { $ComputerRole = "Member Server" }
4 { $ComputerRole = "Domain Controller" }
5 { $ComputerRole = "Domain Controller" }
default { $ComputerRole = "Information not available" }
}
$uptime = (Get-Date) - $OperatingSystem.ConvertToDateTime($OperatingSystem.Lastbootuptime)
$GeneralInfo =[ordered] @{
"ComputerName" = $ComputerSystem.Name
"OS" = $OperatingSystem.Caption
"OS Version" = $OperatingSystem.Version
"OSInstallDate" = $OperatingSystem.ConvertToDateTime($OperatingSystem.InstallDate)
"Domain Role" = $ComputerRole
"Domain Role Id" = $ComputerSystem.DomainRole
"Domain" = $ComputerSystem.Domain
"Uptime" = ("{0} days, {1} hours, {2} minutes, {3} seconds" -f $uptime.Days, $uptime.Hours, $uptime.Minutes, $uptime.Seconds)
}
return $GeneralInfo
}
function Get-HardwareInfo {
param (
[string]$Target
)
$ComputerSystem = Get-WmiObject -computername $Target Win32_ComputerSystem
$Processor = Get-WmiObject -computername $Target Win32_Processor
$Memory = Get-WmiObject -computername $Target Win32_PhysicalMemory
$Disk = Get-WmiObject -computername $Target Win32_LogicalDisk
$LogicalDrives = @()
Foreach ($LDrive in ($Disk | Where-Object {$_.DriveType -eq 3})){
$Details = [pscustomobject] @{
"Drive Letter" = $LDrive.DeviceID
"Label" = $LDrive.VolumeName
"File System" = $LDrive.FileSystem
"Disk Size (GB)" = [math]::round(($LDrive.size / 1GB))
"Disk Free Space" = [math]::round(($LDrive.FreeSpace / 1GB))
"% Free Space" = [Math]::Round(($LDrive.FreeSpace /1GB) / ($LDrive.Size / 1GB) * 100)
}
$LogicalDrives += $Details
}
$HardwareInfo = [ordered] @{
"Manufacturer" = $ComputerSystem.Manufacturer
"Model" = $ComputerSystem.Model
"Processor Cores" = $Processor.NumberOfCores
"Memory" = (($Memory | Measure-Object -Property capacity -Sum).sum /1gb)
"Disk" = $LogicalDrives
}
return $HardwareInfo
}
function Get-NetworkConfiguration {
param(
[string]$Target
)
$NetworkAdapter = Get-WmiObject -computername $Target Win32_NetworkAdapterConfiguration | Where-Object { $_.IPEnabled -eq $true }
$NetworkConfiguration = @()
foreach ($Adapter in $NetworkAdapter) {
$netAdapter = Get-WmiObject -computername $Target Win32_NetworkAdapter | Where-Object { $_.DeviceID -eq $adapter.Index }
$NetworkInfo = [ordered] @{
"Interface Name" = $netAdapter.Name
"IP Address" = ($Adapter.IPAddress -join ", ")
"Subnet Mask" = ($Adapter.IPSubnet -join ", ")
"Default Gateway" = ($Adapter.DefaultIPGateway -join ", ")
"DHCP Enabled" = $Adapter.DHCPEnabled
"MAC Address" = $Adapter.MACAddress
"DNS Servers" = ($Adapter.DNSServerSearchOrder -join ", ")
}
$NetworkConfiguration += $NetworkInfo
}
return $NetworkConfiguration
}
function Get-FirewallInfo {
param(
[string]$Target
)
$FirewallProfiles = Invoke-Command -ComputerName $Target -ScriptBlock {
Get-NetFirewallProfile
}
$FirewallInfo = @()
foreach ($profile in $FirewallProfiles) {
$FirewallInfo += [pscustomobject]@{
"Profile Name" = $profile.Name
"Enabled" = $profile.Enabled
"Default Inbound Action" = $profile.DefaultInboundAction
"Default Outbound Action" = $profile.DefaultOutboundAction
#"AllowInboundRules" = $profile.AllowInboundRules
#"AllowLocalFirewallRules" = $profile.AllowLocalFirewallRules
#"AllowLocalIPsecRules" = $profile.AllowLocalIPsecRules
}
}
return $FirewallInfo
}
function Get-Roles {
param(
[string]$Target
)
$Roles = Invoke-Command -ComputerName $Target -ScriptBlock { Get-WindowsFeature | Where-Object { $_.Installed -eq $true }}
$RolesInfo = @()
foreach ($role in $Roles) {
$RolesInfo += [pscustomobject]@{
"Role Name" = $role.Name
"Description" = $role.Description
"Status" = $role.InstallState
}
}
return $RolesInfo
}
function Get-LocalUserAdmins {
param(
[string]$Target
)
$LocalUserAdmins = Invoke-Command -ComputerName $Target -ScriptBlock {
$SIDs = Get-LocalGroupMember -Group "Administrators" -ErrorAction SilentlyContinue | Where-Object {$_.PrincipalSource -eq "Local"} | Select-Object SID
if ($SIDs){
$LocalAdmins = Get-LocalUser -SID $SIDs.SID.Value
}else{
$LocalAdmins = ""
}
$LocalAdmins
}
$LocalAdminsInfo = @()
foreach ($user in $LocalUserAdmins) {
$lastLogon = if($user.LastLogon){
([string]((Get-Date) - $user.LastLogon).days) + " days ago"
}
$passwordLastSet = if($user.PasswordLastSet){
([string]((Get-Date) - $user.PasswordLastSet).days) + " days ago"
}
$LocalAdminsInfo += [pscustomobject]@{
"Username" = $user.Name
"Display Name" = $user.FullName
"Description" = $user.Description
"Enabled" = $user.Enabled
"Last Logon" = $lastLogon
"Password Last Set" = $passwordLastSet
}
}
return $LocalAdminsInfo
}
function Get-InstalledApplication {
param(
[string]$Target
)
#$InstalledApps = Get-WmiObject -Class Win32_Product -ComputerName $Target | Select-Object Name, Version, Vendor, InstallDate
$InstalledApps = Invoke-Command -ComputerName $Target -ScriptBlock {
$registryPaths = @(
"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*",
"HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*",
"HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*"
)
$Apps = foreach ($path in $registryPaths) {
Get-ItemProperty -Path $path -ErrorAction SilentlyContinue | Where-Object { $_.DisplayName } | Select-Object @{Name='Name';Expression={$_.DisplayName}}, @{Name='Version';Expression={$_.DisplayVersion}}, @{Name='Publisher';Expression={$_.Publisher}}, @{Name='InstallDate';Expression={if ($_.InstallDate) { [datetime]::ParseExact($_.InstallDate, 'yyyyMMdd', $null) } else { $null }}}
}
$Apps
}
return $InstalledApps | Select-Object Name, Version, Publisher, InstallDate
}
function Get-Services {
param(
[string]$Target
)
$Services = Get-Service -ComputerName $Target
$ServicesInfo = @()
foreach ($service in $Services) {
$ServicesInfo += [pscustomobject]@{
"Service Name" = $service.Name
"Display Name" = $service.DisplayName
"Status" = $service.Status
"Start Mode" = $service.StartType
}
}
return $ServicesInfo
}
function Get-ScheduledTasks {
param(
[string]$Target
)
$ScheduledTasksInfo = Invoke-Command -ComputerName $Target -ScriptBlock {
$Tasks = Get-ScheduledTask
$ScheduledTasks = @()
foreach ($task in $Tasks) {
$TaskInfo = Get-ScheduledTaskInfo -TaskName $task.TaskName -TaskPath $task.TaskPath
$ScheduledTasks += [pscustomobject]@{
"Task Name" = $task.TaskName
"Task Path" = $task.TaskPath
"Task State" = $task.State
"RunAS" = $Task.Principal.UserId
"Task Last Run Time" = $TaskInfo.LastRunTime
"Task Next Run Time" = $TaskInfo.NextRunTime
"Last Task Result" = $TaskInfo.LastTaskResult
"Autor" = $Task.Author
}
}
$ScheduledTasks
}
return $ScheduledTasksInfo
}
<# function Get-WindowsUpdateSettings {
param(
[string]$Target
)
$WindowsUpdateSettings = Invoke-Command -ComputerName $Target -ScriptBlock {
$WindowsUpdates = (New-Object -ComObject "Microsoft.Update.AutoUpdate").Settings
$WindowsUpdates
}
return $WindowsUpdateSettings
} #>
#endregion
Write-Host "
_____ ____ _ _ _ _
|_ _/ ___| / \ _ _ __| (_) |_
| | \___ \ / _ \| | | |/ _` | | __|
| | ___) | / ___ \ |_| | (_| | | |_
|_| |____/ /_/ \_\__,_|\__,_|_|\__|
"
Write-Message -Message "Number of targets selected for audit $($Target.Count)" -Type "Info"
foreach ($server in $Target) {
Write-Message -Message "Starting audit on $server" -Type "Info"
Write-Message -Message "Testing connection to $server"
if (Test-Connection -ComputerName $server -Count 1 -Quiet) {
Write-Message -Type "Success"
} else {
Write-Message -Type "Error"
break
}
Write-Message -Message "Collecting general information"
$GeneralInfo = Get-GeneralInfo -Target $server
Write-Message -Type "Success"
Write-Verbose ($GeneralInfo | Out-String)
Write-Message -Message "Collecting hardware information"
$HardwareInfo = Get-HardwareInfo -Target $server
Write-Message -Type "Success"
Write-Verbose ($HardwareInfo | Out-String)
Write-Message -Message "Collecting network configuration"
$NetworkConfiguration = Get-NetworkConfiguration -Target $server
Write-Message -Type "Success"
Write-Verbose ($NetworkConfiguration | Out-String)
Write-Message -Message "Collecting firewall configuration"
$FirewallConfiguration = Get-FirewallInfo -Target $server
Write-Message -Type "Success"
Write-Verbose ($FirewallConfiguration | Out-String)
Write-Message -Message "Collecting information about local admins"
$LocalAdminsInfo = Get-LocalUserAdmins -Target $server
Write-Message -Type "Success"
Write-Verbose ($LocalAdminsInfo | Out-String)
Write-Message -Message "Collecting Scheduled Tasks information"
$ScheduledTasksInfo = Get-ScheduledTasks -Target $server
Write-Message -Type "Success"
Write-Verbose ($ScheduledTasksInfo | Out-String)
Write-Message -Message "Collecting server roles information"
if($GeneralInfo.'Domain Role Id' -ge 2) {
$ServerRoles = Get-Roles -Target $server
}else {
$ServerRoles = ""
}
Write-Message -Type "Success"
Write-Verbose ($ServerRoles | Out-String)
Write-Message -Message "Collecting installed applications"
$InstalledApplications = Get-InstalledApplication -Target $server
Write-Message -Type "Success"
Write-Verbose ($InstalledApplications| Out-String)
Write-Message -Message "Collecting information about services"
$ServicesInfo = Get-Services -Target $server
Write-Message -Type "Success"
Write-Verbose ($ServicesInfo | Out-String)
#region HTML Report
Write-Message -Message "Generating HTML report"
$dateTime = Get-Date -Format "yyyy-MM-dd_HH-mm-ss"
if(!$Path) {
$Path = $PSScriptRoot +"\" + $server + "_" + $dateTime + ".html"
}
New-HTML -TitleText "$server $dateTime" -Online:$true -FilePath $Path -ShowHTML {
New-HTMLHeader {
New-HTMLSection -Invisible {
New-HTMLPanel -Invisible {
New-HTMLImage -Source 'https://git.totalservice.cz/public/MSClientOnBoarding/raw/branch/main/logo/total_service_logo.png' -UrlLink 'https://totalservice.cz' -AlternativeText 'Total Service' -Class 'otehr' -Width '5%'
}
New-HTMLPanel -Invisible {
New-HTMLHeading -HeadingText "Audit: $server" -Heading h1
}
}
}
New-HTMLTab -TabName 'General Information' {
New-HTMLSection -HeaderText 'General Information' {
New-HTMLPanel {
New-HTMLTable -DataTable $GeneralInfo -ExcludeProperty 'Domain Role Id' -HideFooter -Simplify {
New-TableHeader -Title 'General Information'
}
}
New-HTMLPanel {
$data = [ordered] @{
"Manufacturer" = $HardwareInfo.Manufacturer
"Model" = $HardwareInfo.Model
"Processor Cores" = $HardwareInfo.'Processor Cores'
"Memory (GB)" = $HardwareInfo.Memory
}
New-HTMLTable -DataTable $data -HideFooter -Simplify {
New-TableHeader -Title 'Hardware'
}
}
New-HTMLPanel {
New-HTMLTable -DataTable $HardwareInfo.Disk -HideFooter -Simplify {
New-TableHeader -Title 'Disk' -Alignment 'left'
}
}
}
New-HTMLSection -HeaderText 'Users & Groups' {
New-HTMLPanel {
New-HTMLTable -DataTable $LocalAdminsInfo -HideFooter -HideButtons {
New-TableHeader -Title 'Local Admins'
}
}
}
New-HTMLSection -HeaderText 'Networking' {
New-HTMLPanel {
New-HTMLTable -DataTable $NetworkConfiguration -HideFooter -Simplify {
New-TableHeader -Title 'Network Configuration'
}
}
New-HTMLPanel {
New-HTMLTable -DataTable $FirewallConfiguration -HideFooter -Simplify {
New-TableHeader -Title 'Firewall Configuration'
}
}
}
New-HTMLSection -Invisible {
New-HTMLSection -HeaderText 'Scheduled Tasks' {
New-HTMLTable -DataTable $ScheduledTasksInfo -HideFooter -Title "$server $dateTime Scheduled Tasks" {
New-TableHeader -Title 'Task Scheduler'
}
}
New-HTMLSection -HeaderText 'Server Roles' {
New-HTMLPanel {
New-HTMLTable -DataTable $ServerRoles -HideFooter -HideButtons {
New-TableHeader -Title 'Server Roles'
}
}
}
}
}
New-HTMLTab -TabName 'Installed Applications' {
New-HTMLSection -HeaderText 'Applications list' {
New-HTMLPanel {
New-HTMLTable -DataTable $InstalledApplications -HideFooter -PagingLength 50 -Title "$server $dateTime Installed Apps" { # Title will be used for filename when using export
New-TableHeader -Title 'Installed Applications'
}
}
}
}
New-HTMLTab -TabName 'Services' {
New-HTMLSection -HeaderText 'Services' {
New-HTMLPanel {
New-HTMLTable -DataTable $ServicesInfo -HideFooter -PagingLength 50 -Title "$server $dateTime Installed Apps" { # Title will be used for filename when using export
New-TableHeader -Title 'Services'
}
}
}
}
}
Write-Message -Type "Success"
}
Reference in New Issue View Git Blame Copy Permalink