Showing posts with label Get-ADComputer. Show all posts
Showing posts with label Get-ADComputer. Show all posts

Saturday, August 23, 2014

Powershell - get all host files on domain.


Purpose: This script will search AD for Window computers and attempted to connect to each one. Then it will read the contents of the host file and write them to a csv file.

Note: This will take a while to run unless someone wants to make it multithreaded.
I just wrote this so there may need to be some bug fixes but in general it seemed to work. 

#Read all host files and write to CSV file


Import-Module ActiveDirectory

$PATH = "c:\temp\hostfiles.csv"


   $myCol = @()
   
$AllComputers = Get-ADComputer -Filter {OperatingSystem -Like "Windows*"} -Property * | Select -Expand Name

foreach ($Computer in $AllComputers){
$i++

Write-Progress -activity "Scanning Machine $Computer " -status "Scanned: $i of $($AllComputers.Count)" -percentComplete (($i / $AllComputers.Count)  * 100)
 Get-Content -Path "\\$Computer\c$\windows\system32\drivers\etc\hosts" |             
 where {!$_.StartsWith("#")} |            
 foreach {            
  if ($_ -ne ""){            
  $data = $_ -split " ",2            
  $Hosts = New-Object -TypeName PSObject -Property @{            
     Host = $Computer
  IPAddress = $data[0].Trim()   
  Node = $data[1].Trim()            
              
   }            
  } 
  $myCol += $Hosts
 }    
 $myCol |Select Host,Node,IPAddress| Export-Csv -Path $PATH -NoTypeInformation
}
- No comments:
Labels: , , , , , , , , ,

Thursday, May 9, 2013

Powershell: Read servers from AD and search for shares and return ACL permissions


Purpose:
Connects to active directory and pulls a list of all computer objects that are servers and check ACL permissions 

  
Import-Module ActiveDirectory
#Most of the information to do this was from this site.
#http://blogs.technet.com/b/heyscriptingguy/archive/2009/09/14/hey-scripting-guy-september-14-2009.aspx

Function Get-ACLPermissions($Share){

    $acl = Get-Acl -Path $Share

return $ACL

}


function Get-MyShares

{
#Function by
#http://www.peetersonline.nl/2008/11/finding-shares-with-powershell/

     param([string]$Server)
     $Shares = Get-WmiObject -Class Win32_Share -ComputerName $Server
     $output = @()
         ForEach ($Share in $Shares)
         {
              $fullpath = “\\{0}\{1}” -f $server, $share.name
              Add-Member -MemberType NoteProperty -InputObject $Share -Name FullPath -Value $fullpath
              $output += $Share
         }
         Return $output
}

#Path to where the CSV file is written to
$PathtoCSV = "C:\temp\AuditACL.csv"

#Create Header in CSV
"Server;Share;Username;FileSystemRights;AccessControlType;IsInherited;InheritanceFlags" > $PathtoCSV 
#Get all computers that are servers from AD
$Servers = Get-ADComputer -Filter {OperatingSystem -Like "Windows Server*"} -Property * | Select -Expand Name
$i = 0
foreach ($Server in $Servers)
# update counter and write progress
{
   $i++
   Write-Progress -activity "Scanning Machine $Server" -status "Scanned: $i of $($Servers.Count)" -percentComplete (($i / $Servers.Count)  * 100)
   
# Get all Shares on server
    $Shares = Get-MyShares $Server | Select -ExpandProperty Name 
        foreach ($Share_Current in $Shares){
        #Process all Shares on Server
            $fullpath = "\\$Server\$Share_Current"
            $ShareACL = Get-ACLPermissions $fullpath
            $o = 0
            $ShareACL.Access | ForEach-Object {
            $FileSystemRights = $ShareACL.Access[$o] | Select -ExpandProperty FileSystemRights #Example ReadAndExecute
            $AccessControlType = $ShareACL.Access[$o] | Select -ExpandProperty AccessControlType #Example Allow/Deny
            $IdentityReference = $ShareACL.Access[$o] | Select -ExpandProperty IdentityReference #Example Everyone,Username
            $IsInherited = $ShareACL.Access[$o] | Select -ExpandProperty IsInherited #Are Permissions inherited
            $InheritanceFlags = $ShareACL.Access[$o] | Select -ExpandProperty InheritanceFlags #Type of Inheritance ContainerInherit
            $PropagationFlags = $ShareACL.Access[$o] | Select -ExpandProperty PropagationFlags #PropagationFlags
            $o++

            switch -wildcard ($FileSystemRights) 
            { #Should be a better way to do this via function
                "268435456*" {$FileSystemRights = "FullControl"} 
                "-536805376*" {$FileSystemRights = "Modify, Synchronize"} 
                "-1610612736*" {$FileSystemRights = "ReadAndExecute, Synchronize"} 
            }
            $Combine = $Server,$fullpath,$IdentityReference,$FileSystemRights,$AccessControlType,$IsInherited,$InheritanceFlags
            Write-Host "$Combine to $PathtoCSV"
            $Combine -join ";" >> $PathtoCSV
        } 
}
}
- No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)

Powershell: Microsoft Graph to add new roles to application registration

PowerShell Script Bulk add new roles to application registration in azure. Update $roles with ,Us...