Scribd
Upload
396 views29 pages

Adreport ps1 v2

This PowerShell script collects and reports on various Active Directory configuration details for a specified domain, including domain, OU, user, group and computer object counts and properties. It retrieves information such as the domain name, FSMO roles, domain controllers, global catalogs, default password policy, and operating system versions of domain computers. The collected data is outputted to the screen in an easy to read format.

Uploaded by

Aman Juneja
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
396 views29 pages

Adreport ps1 v2

This PowerShell script collects and reports on various Active Directory configuration details for a specified domain, including domain, OU, user, group and computer object counts and properties. It retrieves information such as the domain name, FSMO roles, domain controllers, global catalogs, default password policy, and operating system versions of domain computers. The collected data is outputted to the screen in an easy to read format.

Uploaded by

Aman Juneja
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 29

################################################################################

################################################################################
## Script description
##
##
##
## Name
: ADReport.ps1
##
## Version : 0.2
##
## Date
: 2014-12-15
##
## Language : PowerShell cmd-lets
##
## License : Proprietary
##
## Owner
: Krzysztof Pytko (iSiek)
##
## Authors : Krzysztof Pytko (iSiek) <kpytko at go2 dot pl>
##
################################################################################
################################################################################
# Load PowerShell module for Active Directory
Import-Module ActiveDirectory
# Custom function to scan specified AD domain and collect data
function Get-DomainInfo($DomainName)
{
Write-Host ""
Write-Host -ForegroundColor white -BackgroundColor black "Collecting Act
ive Directory data..."
# Start of data collection for specified domain by function
$DomainInfo = Get-ADDomain $DomainName
# Variables definition
$domainSID = $DomainInfo.DomainSID
$domainDN = $DomainInfo.DistinguishedName
$domain = $DomainInfo.DNSRoot
$NetBIOS = $DomainInfo.NetBIOSName
$dfl = $DomainInfo.DomainMode
# Domain FSMO roles
$FSMOPDC = $DomainInfo.PDCEmulator
$FSMORID = $DomainInfo.RIDMaster
$FSMOInfrastructure = $DomainInfo.InfrastructureMaster
$DClist = $DomainInfo.ReplicaDirectoryServers
$RODCList = $DomainInfo.ReadOnlyReplicaDirectoryServers
$cmp_location = $DomainInfo.ComputersContainer
$usr_location = $DomainInfo.UsersContainer
$FGPPNo = "feature not supported"

# Get Domain Controller with at least Windows Server 2008 R2 OS


$DCListFiltered = Get-ADDomainController -Server $domain -Filter { opera
tingSystem -like "Windows Server 2008 R2*" -or operatingSystem -like "Windows Se
rver 2012*" -or operatingSystem -like "Windows Server Technical Preview" } | Se
lect * -ExpandProperty Name

$DCListFiltered | %{ $DCListFilteredIndex = $DCListFilteredIndex+1 }


# End of 2008R2 DC list
# if only one Windows Server 2008R2 Domain Controller exists
if ( $DCListFilteredIndex -eq 1 )
{
# Get information about Default Domain Password Policy
$pwdGPO = Get-ADDefaultDomainPasswordPolicy -Server $DCListFilte
red
# check DFL and get Fine-Grained Password Policies
if ( $dfl -like "Windows2008Domain" -or $dfl -like "Windows2008R
2Domain" -or $dfl -like "Windows2012Domain" -or $dfl -like "Windows2012R2Domain"
)
{
$FGPPNo = (Get-ADFineGrainedPasswordPolicy -Server $DCLi
stFiltered -Filter * | Measure-Object).Count
}
# End of Fine-Grained Password Policies section
# Get information about built-in domain Administrator account
$builtinAdmin = Get-ADuser -Identity $domainSID-500 -Server $DCL
istFiltered -Properties Name, LastLogonDate, PasswordLastSet, PasswordNeverExpir
es, whenCreated, Enabled

# Get total number of Domain Administrator group members


$domainAdminsNo = (Get-ADGroup -Identity $domainSID-512 -Server
$DCListFiltered | Get-ADGroupMember -Recursive | Measure-Object).Count
}
# End main IF section

# if there are more than one Windows Server 2008R2 Domain Controllers
else
{
# Get information about Default Domain Password Policy from the
first DC on the list
$pwdGPO = Get-ADDefaultDomainPasswordPolicy -Server $DCListFilte

red[0]

# check DFL and get Fine-Grained Password Policies


if ( $dfl -like "Windows2008Domain" -or $dfl -like "Windows2008R
2Domain" -or $dfl -like "Windows2012Domain" -or $dfl -like "Windows2012R2Domain"
)
{
$FGPPNo = (Get-ADFineGrainedPasswordPolicy -Server $DCLi
stFiltered[0] -Filter * | Measure-Object).Count
}
# End of Fine-Grained Password Policies section

# Get information about built-in domain Administrator account


$builtinAdmin = Get-ADuser -Identity $domainSID-500 -Server $DCL
istFiltered[0] -Properties Name, LastLogonDate, PasswordLastSet, PasswordNeverEx
pires, whenCreated, Enabled

# Get total number of Domain Administrators group members


$domainAdminsNo = (Get-ADGroup -Identity $domainSID-512 -Server
$DCListFiltered[0] | Get-ADGroupMember -Recursive | Measure-Object).Count
}
# End main ELSE section
$usr_objectsNo = 0
$usr_active_objectsNo = 0
$usr_inactive_objectsNo = 0
$usr_locked_objectsNo = 0
$usr_pwdnotreq_objectsNo = 0
$usr_pwdnotexp_objectsNo = 0
$grp_objectsNo = 0
$grp_objects_localNo = 0
$grp_objects_universalNo = 0
$grp_objects_globalNo = 0
$cmp_objectsNo = 0
$cmp_os_2000 = 0
$cmp_os_xp = 0
$cmp_os_7 = 0
$cmp_os_8 = 0
$cmp_os_81 = 0
$cmp_srvos_2000 =
$cmp_srvos_2003 =
$cmp_srvos_2008 =
$cmp_srvos_2008r2
$cmp_srvos_2012 =

0
0
0
= 0
0

$cmp_srvos_2012r2 = 0
# Get information about Active Directory objects
$ou_objectsNo = (Get-ADOrganizationalUnit -Server $domain -Filter * | Me
asure-Object).Count
$cmp_objects = Get-ADComputer -Server $domain -Filter * -Properties oper
atingSystem
$cmp_objectsNo = $cmp_objects.Count
$cmp_objects | %{ if ($_.operatingSystem
l*") { $cmp_os_2000 = $cmp_os_2000 + 1 } }
$cmp_objects | %{ if ($_.operatingSystem
xp = $cmp_os_xp + 1 } }
$cmp_objects | %{ if ($_.operatingSystem
= $cmp_os_7 + 1 } }
$cmp_objects | %{ if ($_.operatingSystem
8 = $cmp_os_8 + 1 } }
$cmp_objects | %{ if ($_.operatingSystem
_81 = $cmp_os_81 + 1 } }

-like "Windows 2000 Professiona


-like "Windows XP*") { $cmp_os_
-like "Windows 7*") { $cmp_os_7
-like "Windows 8 *") { $cmp_os_
-like "Windows 8.1*") { $cmp_os

$cmp_objects | %{ if ($_.operatingSystem -like "Windows 2000 Server*") {


$cmp_srvos_2000 = $cmp_srvos_2000 + 1 } }
$cmp_objects | %{ if ($_.operatingSystem -like "Windows Server 2003*") {
$cmp_srvos_2003 = $cmp_srvos_2003 + 1 } }
$cmp_objects | %{ if ( ($_.operatingSystem -like "Windows Server 2008*")
-and ($_.operatingSystem -notlike "Windows Server 2008 R2*") ) { $cmp_srvos_200
8 = $cmp_srvos_2008 + 1 } }
$cmp_objects | %{ if ($_.operatingSystem -like "Windows Server 2008 R2*"
) { $cmp_srvos_2008r2 = $cmp_srvos_2008r2 + 1 } }
$cmp_objects | %{ if ( ($_.operatingSystem -like "Windows Server 2012 *"
) -and ($_.operatingSystem -notlike "Windows Server 2012 R2*") ) { $cmp_srvos_20
12 = $cmp_srvos_2012 + 1 } }
$cmp_objects | %{ if ($_.operatingSystem -like "Windows Server 2012 R2*"
) { $cmp_srvos_2012r2 = $cmp_srvos_2012r2 + 1 } }
$grp_objects = Get-ADGroup -Server $domain -Filter * -Properties GroupSc
ope
$grp_objectsNo = $grp_objects.Count
$grp_objects | %{ if ($_.GroupScope -eq "DomainLocal") { $grp_objects_lo
calNo = $grp_objects_localNo + 1 } }
$grp_objects | %{ if ($_.GroupScope -eq "Universal") { $grp_objects_univ
ersalNo = $grp_objects_universalNo + 1 } }
$grp_objects | %{ if ($_.GroupScope -eq "Global") { $grp_objects_globalN
o = $grp_objects_globalNo + 1 } }
$usr_objects = Get-ADUser -Server $domain -Filter * -Properties Enabled,
LockedOut, PasswordNeverExpires, PasswordNotRequired
$usr_objectsNo = $usr_objects.Count
$usr_objects | %{ if ($_.Enabled -eq $True) { $usr_active_objectsNo = $u
sr_active_objectsNo + 1 } }
$usr_objects | %{ if ($_.Enabled -eq $False) { $usr_inactive_objectsNo =
$usr_inactive_objectsNo + 1 } }
$usr_objects | %{ if ($_.LockedOut -eq $True) { $usr_locked_objectsNo =
$usr_locked_objectsNo + 1 } }
$usr_objects | %{ if ($_.PasswordNotRequired -eq $True) { $usr_pwdnotreq
_objectsNo = $usr_pwdnotreq_objectsNo + 1 } }
$usr_objects | %{ if ($_.PasswordNeverExpires -eq $True) { $usr_pwdnotex
p_objectsNo = $usr_pwdnotexp_objectsNo + 1 } }

# Display gathered domain details on the screen


Write-Host ""
Write-Host ""
Write-Host -ForegroundColor yellow -BackgroundColor black "Current domai
n details:"
Write-Host ""
Write-Host "DNS domain name"
Write-Host -ForegroundColor green $domain
Write-Host ""
Write-Host "NetBIOS domain name"
Write-Host -ForegroundColor green $NetBIOS
Write-Host ""

# Check and display DFL


Write-Host "Domain Functional Level"
switch ($dfl)
{
Windows2000Domain { Write-Host -ForegroundColor green "Windows 2
000 native" }
Windows2003Domain { Write-Host -ForegroundColor green "Windows S
erver 2003" }
Windows2008Domain { Write-Host -ForegroundColor green "Windows S
erver 2008" }
Windows2008R2Domain { Write-Host -ForegroundColor green "Windows
Server 2008 R2" }
Windows2012Domain { Write-Host -ForegroundColor green "Windows S
erver 2012" }
Windows2012R2Domain { Write-Host -ForegroundColor green "Windows
Server 2012 R2" }
default { Write-Host -ForegroundColor red "Unknown Domain Functi
onal Level:"$dfl }
}
Write-Host ""
# End DFL section

# SYSVOL replication method


Write-Host "SYSVOL replication method"
$FRSsysvol = "CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,"+(Get-ADDomain $domain).DistinguishedName
$DFSRsysvol = "CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,
"+(Get-ADDomain $domain).DistinguishedName

$frs = Get-ADObject -Filter { distinguishedName -eq $FRSsysvol }


$dfsr = Get-ADObject -Filter { distinguishedName -eq $DFSRsysvol }
if ( $frs -ne $nul ) { Write-Host -ForegroundColor red "FRS" }
elseif ( $dfsr -ne $nul ) { Write-Host -ForegroundColor green "DFS-R
" }
else { Write-Host -ForegroundColor Red "unknown" }
Write-Host ""
# End of SYSVOL replication section

# List of Domain Controllers


Write-Host "List of Domain Controllers"
$DCList | Sort | %{ Write-Host -ForegroundColor green $_.TrimEnd($domain
).toUpper() }
Write-Host ""
Write-Host "List of Read-Only Domain Controllers"
if ( $RODCList.Count -ne 0 )
{
$RODCList | %{ Write-Host -ForegroundColor green $_.TrimEnd($dom
ain).toUpper() }
}
else
{
Write-Host -ForegroundColor green "(none)"
}
Write-Host ""
# End of Domain Controllers list section

# Global Catalogs in a domain


Write-Host "Global Catalog servers in the domain"
$ForestGC | Sort | %{ if ( $_ -match $DomainName -and ((( $_ -replace $D
omainName ) -split "\.").Count -eq 2 ))
{
Write-Host -ForegroundColor green ($_.TrimEnd($domain).toUpper()
) }

}
Write-Host ""
# End of Global Catalogs section

# Display information about domain objects


# Domain computer objects location
Write-Host "Default domain computer objects location"
if ($cmp_location.Contains("CN=Computers"))
{
Write-Host -ForegroundColor green $cmp_location -NoNewLine
Write-Host -ForegroundColor yellow " (not redirected)"
}
else
{
Write-Host -ForegroundColor green $cmp_location -NoNewLine
Write-Host -ForegroundColor red " (redirected)"
}
Write-Host ""
# End of domain computer objects location
# Domain user objects location
Write-Host "Default domain user objects location"
if ($usr_location.Contains("CN=Users"))
{
Write-Host -ForegroundColor green $usr_location -NoNewLine
Write-Host -ForegroundColor yellow " (not redirected)"
}
else
{
Write-Host -ForegroundColor green $usr_location -NoNewLine
Write-Host -ForegroundColor red " (redirected)"
}
Write-Host ""
# End of domain user objects location

# Check if orphaned objects exist


Write-Host ""
Write-Host -ForegroundColor Yellow -BackgroundColor Black "Domain object
s statistic:"
Write-Host ""
$orphaned = Get-ADObject -Filter * -SearchBase "cn=LostAndFound,$($domai
nDN)" -SearchScope OneLevel | Measure-Object
if ($orphaned.Count -ne 0)
{
Write-Host -ForegroundColor Red "$($orphaned.Count) orphaned obj
ects have been found!"
}
else
{
Write-Host -ForegroundColor Green "No orphaned objects have been
found"
}
# End of orphaned objects check

# Check if lingering objects or conflict replication objects exist


$lingConfRepl = Get-ADObject -LDAPFilter "(cn=*\0ACNF:*)" -SearchBase $d
omainDN -SearchScope SubTree | Measure-Object
if ($lingConfRepl.Count -ne 0)
{
Write-Host -ForegroundColor Red "$($lingConfRepl.Count) lingerin
g or replication conflict objects have been found!"
}
else
{
Write-Host -ForegroundColor Green "No lingering or replication c
onflict objects have been found"
}
Write-Host ""
Write-Host ""

# End of lingering objects check


# Total number of Organizational Units
Write-Host "Total number of Organizational Unit objects : " -NoNewLine
Write-Host -ForegroundColor green $ou_objectsNo
Write-Host ""
Write-Host "Total number of computer objects : " -NoNewLine
Write-Host -ForegroundColor green $cmp_objectsNo
Write-Host ""
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host

" Client systems"


-ForegroundColor yellow " Windows 2000

: "

-ForegroundColor green $cmp_os_2000


-ForegroundColor yellow " Windows XP

: "

-ForegroundColor green $cmp_os_xp


-ForegroundColor yellow " Windows 7

: "

-ForegroundColor green $cmp_os_7


-ForegroundColor yellow " Windows 8

: "

-ForegroundColor green $cmp_os_8


-ForegroundColor yellow " Windows 8.1

: "

-ForegroundColor green $cmp_os_81

Write-Host ""
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host
Write-host
-NoNewLine
Write-Host

" Server systems"


-ForegroundColor yellow " Windows 2000 Server

: "

-ForegroundColor green $cmp_srvos_2000


-ForegroundColor yellow " Windows Server 2003

: "

-ForegroundColor green $cmp_srvos_2003


-ForegroundColor yellow " Windows Server 2008

: "

-ForegroundColor green $cmp_srvos_2008


-ForegroundColor yellow " Windows Server 2008R2

: "

-ForegroundColor green $cmp_srvos_2008r2


-ForegroundColor yellow " Windows Server 2012

: "

-ForegroundColor green $cmp_srvos_2012


-ForegroundColor yellow " Windows Server 2012R2

: "

-ForegroundColor green $cmp_srvos_2012r2

Write-Host ""
# End of total OUs number
# Total number of domain users
Write-Host ""

Write-Host "Total number of user objects : " -NoNewLine


Write-Host -ForegroundColor green $usr_objectsNo
Write-host -ForegroundColor yellow " Active

: " -N

oNewLine
Write-Host -ForegroundColor green $usr_active_objectsNo
Write-host -ForegroundColor yellow " Inactive

: " -N

oNewLine
Write-Host -ForegroundColor green $usr_inactive_objectsNo
Write-host -ForegroundColor yellow " Locked out

: " -N

oNewLine
Write-Host -ForegroundColor green $usr_locked_objectsNo
Write-host -ForegroundColor yellow " Password not required

: " -N

oNewLine
Write-Host -ForegroundColor green $usr_pwdnotreq_objectsNo
Write-host -ForegroundColor yellow " Password never expires

: " -N

oNewLine
Write-Host -ForegroundColor green $usr_pwdnotexp_objectsNo
Write-Host ""
# End of total domain users number
# Total number of domain groups
Write-Host "Total number of group objects : " -NoNewLine
Write-Host -ForegroundColor green $grp_objectsNo
Write-Host -ForegroundColor yellow " Global

: " -N

oNewLine
Write-Host -ForegroundColor green $grp_objects_globalNo
Write-Host -ForegroundColor yellow " Universal

: " -N

oNewLine
Write-Host -ForegroundColor green $grp_objects_universalNo
Write-Host -ForegroundColor yellow " Domain Local
oNewLine
Write-Host -ForegroundColor green $grp_objects_localNo
Write-Host ""
# End of total domain groups number

# Total number of domain administrators


Write-Host ""
Write-Host "Total number of Domain Administrators: " -NoNewline
if ( $domainAdminsNo -ge 1 -and $domainAdminsNo -le 5 )
{
Write-Host -ForegroundColor green $domainAdminsNo
}
else
{
Write-Host -ForegroundColor red $domainAdminsNo

: " -N

}
Write-Host ""
Write-Host ""
# End of total domain administrators number

# Details about built-in domain Administrator account


Write-Host -ForegroundColor yellow -BackgroundColor black "Built-in Doma
in Administrator account details:"
Write-Host ""
Write-Host "Account name: " -NoNewline
Write-Host -ForegroundColor green $builtinAdmin.Name
Write-Host "Account status: " -NoNewline
if ( $builtinAdmin.Enabled )
{
Write-Host -ForegroundColor red "enabled"
}
else
{
Write-Host -ForegroundColor green "disabled"
}
Write-Host "Password never expires: " -NoNewline
if ( $builtinAdmin.PasswordNeverExpires )
{
Write-Host -ForegroundColor red "yes"
}
else
{
Write-Host -ForegroundColor green "no"
}
Write-Host ""
Write-Host "Promoted to domain account"
Write-Host -ForegroundColor green $builtinAdmin.whenCreated
Write-Host ""

Write-Host "Last password change"


Write-Host -ForegroundColor green $builtinAdmin.PasswordLastSet
Write-Host ""
Write-Host "Last logon date"
Write-Host -ForegroundColor green $builtinAdmin.LastLogonDate
Write-Host ""
Write-Host ""
# End of domain objects information section

# FSMO roles for domain


Write-Host -ForegroundColor yellow -BackgroundColor black "FSMO roles de
tails:"
Write-Host ""
Write-Host "PDC Emulator master"
Write-Host -ForegroundColor green $FSMOPDC.toUpper()
Write-Host ""
Write-Host "RID master"
Write-Host -ForegroundColor green $FSMORID.toUpper()
Write-Host ""
Write-Host "Infrastructure master"
Write-Host -ForegroundColor green $FSMOInfrastructure.toUpper()
Write-Host ""
# End of domain FSMO section

# Check default domain policy existance


$gpoDefaultDomain = Get-ADObject -Server $domain -LDAPFilter "(&(objectC
lass=groupPolicyContainer)(cn={31B2F340-016D-11D2-945F-00C04FB984F9}))"
$gpoDefaultDomainController = Get-ADObject -Server $domain -LDAPFilter "
(&(objectClass=groupPolicyContainer)(cn={6AC1786C-016F-11D2-945F-00C04fB984F9}))
"
Write-Host -ForegroundColor yellow -BackgroundColor black "Default Domai
n policies check:"
Write-Host ""
if ($gpoDefaultDomain -ne $nul)
{
Write-Host "Default Domain policy
Write-Host -ForegroundColor Green "exists"
}

: " -NoNewLine

else
{
Write-Host -ForegroundColor Red "does not exist"
}
if ($gpoDefaultDomainController -ne $nul)
{
Write-Host "Default Domain Controllers policy : " -NoNewLine
Write-Host -ForegroundColor Green "exists"
}
else
{
Write-Host -ForegroundColor Red "does not exist"
}
Write-Host ""
# End of default domain policies check

# Default Domain Password Policy details


Write-Host -ForegroundColor yellow -BackgroundColor black "Default Domai
n Password Policy details:"
Write-Host ""
Write-Host
Write-Host
Write-Host
Write-Host
Write-Host
Write-Host

"Minimum password age: " -NoNewLine


-ForegroundColor green $pwdGPO.MinPasswordAge.days "day(s)"
"Maximum password age: " -NoNewLine
-ForegroundColor green $pwdGPO.MaxPasswordAge.days "day(s)"
"Minimum password length: " -NoNewline
-ForegroundColor green $pwdGpo.MinPasswordLength "character(s

)"
Write-Host "Password history count: " -NoNewLine
Write-Host -ForegroundColor green $pwdGPO.PasswordHistoryCount "unique p
assword(s)"
Write-Host "Password must meet complexity: " -NoNewLine
if ( $pwdGPO.ComplexityEnabled )
{
Write-Host -ForegroundColor green "yes"
}
else

{
Write-Host -ForegroundColor red "no"
}
Write-Host "Password uses reversible encryption: " -NoNewLine
if ( $pwdGPO.ReversibleEncryptionEnabled )
{
Write-Host -ForegroundColor red "yes"
}
else
{
Write-Host -ForegroundColor green "no"
}
Write-Host ""
Write-Host "Account lockout treshold: " -NoNewLine
if ($pwdGPO.LockoutThreshold -eq 0 )
{
Write-Host -ForegroundColor red "Account never locks out"
}
else
{
Write-Host -ForegroundColor green $pwdGPO.LockoutThreshold "inva
lid logon attempts"
Write-Host "Account lockout duration time: " -NoNewline
if ( $pwdGPO.LockoutDuration.days -eq 0 -and $pwdGPO.LockoutDura
tion.hours -eq 0 -and $pwdGPO.LockoutDuration.minutes -eq 0 )
{
Write-Host -ForegroundColor red "Password may be unlocke
d by an administrator only"
}
else
{
Write-Host -ForegroundColor yellow $pwdGPO.LockoutDurati
on.days "day(s)"$pwdGPO.LockoutDuration.hours "hour(s)"$pwdGPO.LockoutDuration.m

inutes "min(s)"
Write-Host "Account lockout counter resets after: " -NoN
ewline
Write-Host -ForegroundColor yellow $pwdGPO.LockoutObserv
ationWindow.days "day(s)"$pwdGPO.LockoutObservationWindow.hours "hour(s)"$pwdGPO
.LockoutObservationWindow.minutes "min(s)"
}
}
# End of Default Domain Password Policy details

# Display total number of Fine-Grained Password Policies


Write-Host ""
Write-Host "Fine-Grained Password Policies: " -NoNewline
Write-Host -ForegroundColor green $FGPPNo
Write-Host ""
}
# End of custom Get-DomainInfo function

# Main script section


Clear-Host
Write-Host -ForegroundColor white -BackgroundColor black "Collecting Active
Directory data..."
# Checking if PowerShell script was executed with a parameter
if ( $args.Length -gt 0 )
{
# Collecting information about specified Forest configuration
$ForestInfo=Get-ADForest $args[0]
}
else
{
# Collecting information about current Forest configuration
$ForestInfo=Get-ADForest
}
# End of parameter check

# Forest variables definition


$forest=$ForestInfo.RootDomain
$allDomains=$ForestInfo.Domains
$ForestGC=$ForestInfo.GlobalCatalogs
$UPNsuffix=$ForestInfo.UPNSuffixes
$ffl=$ForestInfo.ForestMode
$FSMODomainNaming=$ForestInfo.DomainNamingMaster
$FSMOSchema=$ForestInfo.SchemaMaster
$forestDomainSID = Get-ADDomain (Get-ADForest).Name | Select domainSID
$ADRecBinSupport="feature not supported"
if ( $ffl -like "Windows2008R2Forest" -or $ffl -like "Windows2012Forest" -or
$ffl -like "Windows2012R2Forest" )
{
$ADRecBin=(Get-ADOptionalFeature -Server $forest -Identity 766ddcd8acd0-445e-f3b9-a7f9b6744f2a).EnabledScopes | Measure-Object
if ( $ADRecBin.Count -ne 0 )
{
$ADRecBinSupport="Enabled"
}
else
{
$ADRecBinSupport="Disabled"
}
}
# End of forest variables section

# Define Schema partition variables


$SchemaPartition = $ForestInfo.PartitionsContainer.Replace("CN=Partitions","
CN=Schema")
$SchemaVersion = Get-ADObject -Server $forest -Identity $SchemaPartition -Pr
operties * | Select objectVersion
# End of Schema partition variables definition
$forestDN = $ForestInfo.PartitionsContainer.Replace("CN=Partitions,CN=Config
uration,","")

$configPartition = $ForestInfo.PartitionsContainer.Replace("CN=Partitions,",
"")

# Display collected data


Clear-Host
Write-Host -ForegroundColor white -BackgroundColor black "Active Directory r
eport v0.2 by Krzysztof Pytko (iSiek)"
Write-Host ""
Write-Host ""
# Display information about Forest
Write-Host -ForegroundColor yellow -BackgroundColor black "Forest details:"
Write-Host ""
Write-Host "Forest name"
Write-Host -ForegroundColor green $forest
Write-Host ""

# Determine and display schema version


Write-Host "Active Directory schema version"
switch ($SchemaVersion.objectVersion)
{
13 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows 2000 Server" }
30 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 2003" }
31 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 2003 R2" }
44 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 2008" }
47 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 2008 R2" }
51 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 8 Developers Preview" }
52 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 8 Beta" }
56 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 2012" }
69 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server 2012 R2" }
72 { Write-Host -ForegroundColor green $SchemaVersion.objectVersion
"- Windows Server Technical Preview" }
default { Write-Host -ForegroundColor red "unknown - "$SchemaVersion
.objectVersion }
}
Write-Host ""

# End of schema version section

# Determine and display Exchange version


Write-Host "Microsoft Exchange version"
$ExchangeSystemObjects = Get-ADObject -Server $forest -LDAPFilter "(&(object
Class=container)(name=Microsoft Exchange System Objects))" -SearchBase $forestDN
-Properties objectVersion
$ExchangeSchemaVersion = Get-ADObject -Server $forest -LDAPFilter "(&(object
Class=attributeSchema)(name=ms-Exch-Schema-Version-Pt))" -SearchBase $SchemaPart
ition -Properties rangeUpper
$ExchangeSchema = $ExchangeSystemObjects.objectVersion + $ExchangeSchemaVers
ion.rangeUpper
if ($ExchangeSchemaVersion -ne $nul)
{
switch ($ExchangeSchema)
{
13806 { Write-Host -ForegroundColor green "Exchange Server
2003" }
21265 { Write-Host -ForegroundColor green "Exchange Server 2
007" }
22337 { Write-Host -ForegroundColor green "Exchange
007 Service Pack 1" }
25843 { Write-Host -ForegroundColor green "Exchange
007 Service Pack 2" }
25846 { Write-Host -ForegroundColor green "Exchange
007 Service Pack 3" }
27261 { Write-Host -ForegroundColor green "Exchange
010" }
27766 { Write-Host -ForegroundColor green "Exchange
010 Service Pack 1" }
27772 { Write-Host -ForegroundColor green "Exchange
010 Service Pack 2" }
27774 { Write-Host -ForegroundColor green "Exchange
010 Service Pack 3" }
28373 { Write-Host -ForegroundColor green "Exchange
013" }
28490 { Write-Host -ForegroundColor green "Exchange
013 Cumulative Update 1" }
28517 { Write-Host -ForegroundColor green "Exchange
013 Cumulative Update 2" }
28519 { Write-Host -ForegroundColor green "Exchange
013 Cumulative Update 3" }
28528 { Write-Host -ForegroundColor green "Exchange
013 Cumulative Update 4 - Service Pack 1" }
28536 { Write-Host -ForegroundColor green "Exchange
013 Cumulative Update 5" }
28539 { Write-Host -ForegroundColor green "Exchange
013 Cumulative Update 6" }
default { Write-Host -ForegroundColor red "unknown
angeSchemaVersion.rangeUpper }

Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
Server 2
- "$Exch

}
$ExchOrganization = (Get-ADObject -Server $forest -Identity "cn=Micr
osoft Exchange,cn=Services,$configPartition" -Properties templateRoots).template
Roots
$ExchOrgName = (Get-ADObject -Server $forest -Identity $($ExchOrgani
zation -Replace "cn=Addressing," , "") -Properties name).name
Write-Host ""
Write-Host "Microsoft Exchange Organization name"
Write-Host -ForegroundColor Green $ExchOrgName
} #end if
else
{
Write-Host -ForegroundColor green "(not present)"
}
Write-Host ""
# End of Exchange version

# Determine and display Lync version


Write-Host "Microsoft Lync server version"
$LyncSchemaVersion = Get-ADObject -Server $forest -LDAPFilter "(&(objectClas
s=attributeSchema)(name=ms-RTC-SIP-SchemaVersion))" -SearchBase $SchemaPartition
-Properties rangeUpper
if ($LyncSchemaVersion -ne $nul)
{
switch ($LyncSchemaVersion.rangeUpper)
{
1006 { Write-Host -ForegroundColor green "Live Communication
s Server 2005" }
1007 { Write-Host -ForegroundColor green "Office Communicati
ons Server 2007 Release 1" }
1008 { Write-Host -ForegroundColor green "Office Communicati
ons Server 2007 Release 2" }
1100 { Write-Host -ForegroundColor green "Lync Server 2010"
}
1150 { Write-Host -ForegroundColor green "Lync Server 2013"
}
default { Write-Host -ForegroundColor red "unknown - "$Lync
SchemaVersion.rangeUpper }
}
}# end if

else
{
Write-Host -ForegroundColor green "(not present)"
}
Write-Host ""
# End of Lync version

# Determine and display FFL


Write-Host "Forest Functional Level"
switch ($ffl)
{
Windows2000Forest { Write-Host -ForegroundColor green "Windows 2000"
}
Windows2003Forest { Write-Host -ForegroundColor green "Windows Serve
r 2003" }
Windows2008Forest { Write-Host -ForegroundColor green "Windows Serve
r 2008" }
Windows2008R2Forest { Write-Host -ForegroundColor green "Windows Ser
ver 2008 R2" }
Windows2012Forest { Write-Host -ForegroundColor green "Windows Serve
r 2012" }
Windows2012R2Forest { Write-Host -ForegroundColor green "Windows Ser
ver 2012 R2" }
default { Write-Host -ForegroundColor red "Unknown Forest Functional
Level:"$ffl }
}
Write-Host ""
# End of FFL section

# Forest tombstoneLifetime
$tombstoneLifetime = (Get-ADobject -Server $forest -Identity "cn=Directory S
ervice,cn=Windows NT,cn=Services,$configPartition" -Properties tombstoneLifetime
).tombstoneLifetime
Write-Host "Tombstone lifetime"
if ($tombstoneLifetime -ne $nul)
{
Write-Host -ForegroundColor Green $tombstoneLifetime" day(s)"
}
else
{

Write-Host -ForegroundColor Green "60 days (default setting)"


}
Write-Host ""
# End of forest tombstoneLifetime

# AD Recycle Bin support


Write-Host "Active Directory Recycle Bin"
Write-Host -ForegroundColor green $ADRecBinSupport
Write-Host ""
# End of AD Recycle Bin section

# List of all Domains in a Forest


Write-Host "Domains in this forest"
$allDomains | Sort | %{ Write-Host -ForegroundColor green $_ }
Write-Host ""
# End of list section

# Trusts enumeration
Write-Host "List of trusts"
$ADTrusts = Get-ADObject -Server $forest -Filter { objectClass -eq "trustedD
omain" } -Properties CanonicalName,trustDirection
if ($ADTrusts.Count -gt 0)
{
foreach ($Trust in $ADTrusts)
{
switch ($Trust.trustDirection)
{
3 { $trustInfo=($Trust.CanonicalName).Replace("/Syst
em/"," <===> ") }
2 { $trustInfo=($Trust.CanonicalName).Replace("/Syst
em/"," <---- ") }
1 { $trustInfo=($Trust.CanonicalName).Replace("/Syst
em/"," ----> ") }
}

Write-Host -ForegroundColor green $trustInfo


}
}
else
{
Write-Host -ForegroundColor green "(none)"
}
Write-Host ""
# End of trusts list

# List of all partitions in a forest


$partitions = Get-ADObject -Server $forest -Filter * -SearchBase $ForestInfo
.PartitionsContainer -SearchScope OneLevel -Properties name,nCName,msDS-NC-Repli
ca-Locations | Select name,nCName,msDS-NC-Replica-Locations | Sort-Object name
Write-Host "List of all partitions"
Write-Host ""
foreach ($part in $partitions)
{
Write-Host -BackgroundColor Yellow -ForegroundColor Black $part.name
Write-Host -ForegroundColor Green $part.nCName
Write-Host ""
$DNSServers = $part."msDS-NC-Replica-Locations" | Sort-Object
# If any DNS server holds partition
if ($DNSServers -ne $nul)
{
Write-Host -ForegroundColor Yellow "DNS servers"
# Get DNS Servers for selected partition
foreach ($DNSServer in $DNSServers)
{
Write-Host ( ($DNSServer -Split ",")[1] -Replace "CN
=","")
}

# End of DNS servers list for selected partition


}
# End IF section for DNS servers
Write-Host ""
Write-Host ""
}
Write-Host ""
# End of list of all partitions in a forest
Write-Host "Sites and Subnets information"
Write-Host ""

# Sites enumeration
$ConfigurationPart = ($ForestInfo.PartitionsContainer -Replace "CN=Partition
s,","")
$AllSites = Get-ADObject -Server $forest -Filter { objectClass -eq "site" }
-SearchBase $ConfigurationPart -Properties *
# Loop for Sites and Subnets
foreach ( $Site in $AllSites )
{
Write-Host -ForegroundColor black -BackgroundColor yellow "Site:"$Si
te.Name
Write-Host
Write-Host -ForegroundColor yellow "Server(s) in site:"
Write-Host
$ServersInSite = Get-ADObject -Server $forest -Filter { objectClass
-eq "server" } -SearchBase $Site.distinguishedName -SearchScope Subtree -Propert
ies Name | Select Name | Sort-Object Name
# Loop for Domain Controller details
foreach ($Server in $ServersInSite)
{
# If any DC is in Site
if ( $Server -ne $nul )
{
$dcDetails = Get-ADDomainController $Server.Name
$dcDN = $dcDetails.ComputerObjectDN -Replace $dcDeta
ils.Name,""
$dcDN = $dcDN -Replace "CN=,",""
$dcFRS = "CN=Domain System Volume (SYSVOL share),CN=

NTFRS Subscriptions,$($dcdetails.computerobjectdn)"
$dcDFSR = "CN=SYSVOL Subscription,CN=Domain System V
olume,CN=DFSR-LocalSettings,$($dcdetails.computerobjectdn)"
$dcFRSinfo = Get-ADObject -Filter { distinguishedNam
e -eq $dcFRS } -Properties fRSRootPath
$dcDFSRinfo = Get-ADObject -Filter { distinguishedNa
me -eq $dcDFSR } -Properties msDFSR-RootPath, msDFSR-RootSizeInMb

# Display Domain Controller details


Write-Host -ForegroundColor green "$($Server.Name) (
$($dcDN))"
Write-Host "IP address (v4)

: "$dcDetails.ipv4add

ress
# IPv6 address
if ($dcDetails.ipv6address -ne $nul)
{
Write-Host "IP address (v6)

: "$dcDetails

Write-Host "IP address (v6)

: (none)"

.ipv6address
}
else
{

}
# End of IPv6 address section

# Operating system type and its service pack level


Write-Host "OS type
: "$dcDetails.operati
ngSystem
if ($dcDetails.operatingSystemServicePack -ne $nul)
{
Write-Host "Service Pack

: "$dcDetails

.operatingSystemServicePack
}
# End of operating system and service pack level sec
tion

# SYSVOL replication method on DC


# SYSVOL FRS section
if ($dcFRSinfo -ne $nul)

{
Write-Host "SYSVOL replication : FRS"
Write-Host "SYSVOL location
: "$dcFRSinfo
.fRSRootPath.toUpper()
}
# End of SYSVOL FRS section

# SYSVOL DFS-R section


if ($dcDFSRinfo -ne $nul)
{
Write-Host "SYSVOL replication : DFS-R"
Write-Host "SYSVOL location
: "$dcDFSRinf
o."msDFSR-RootPath".toUpper()
# SYSVOL size
if ($dcDFSRinfo."msDFSR-RootSizeInMb" -ne $n
ul)
{
Write-Host "SYSVOL quota

: "$d

Write-Host "SYSVOL quota

: 4G

cDFSRinfo."msDFSR-RootSizeInMb"
}
else
{
B (default setting)"
}
# End of SYSVOL size
}
# End of SYSVOL DFS-R section
}
# End of section where DC is in Site
# If no DC in Site
else
{
Write-Host -ForegroundColor green "(none)"
}
# End of section where no DC in Site

Write-Host ""
} # End of sub foreach for Domain Controllers details

# List Subnets for selected Site


$subnets = $Site.siteObjectBL
Write-Host -ForegroundColor yellow "Subnets:"
# If any Subnet assigned
if ( $subnets -ne $nul )
{
# List all Subnets for selected Site
foreach ($subnet in $subnets)
{
$SubnetSplit = $Subnet.Split(",")
Write-Host $SubnetSplit[0].Replace("CN=","")
}
# End of listing Subnets
}
# End of existing Subnets section
# If no Subnets in Site
else
{
Write-Host -ForegroundColor green "(none)"
}
# End of no Subnets section

# End of listing Subnets


Write-Host ""
Write-Host ""
} # End of main foreach for Sites and Subnets
# End of Sites section

# Site Links enumeration

Write-Host -ForegroundColor yellow -BackgroundColor black "Site link(s) info


rmation:"
Write-Host ""
$siteLinks = Get-ADObject -Server $forest -Filter { objectClass -eq "siteLin
k" } -SearchBase $ConfigurationPart -Properties name, cost, replInterval, siteLi
st | Sort-Object replInterval
foreach ($link in $siteLinks)
{
Write-Host
Write-Host
Write-Host
Write-Host
Write-Host
Write-Host
Write-Host

"Site link name


: " -NoNewLine
-ForegroundColor green $link.name
"Replication cost
: " -NoNewLine
-ForegroundColor green $link.cost
"Replication interval : " -NoNewLine
-ForegroundColor green $link.replInterval" minutes"
"Sites included
: " -NoNewLine

foreach ($linkList in $link.siteList)


{
$siteName = Get-ADObject -Identity $linkList -Properties Nam
e
Write-Host -ForegroundColor green $siteName.name"; " -NoNewL
ine
}
Write-Host ""
Write-Host ""
Write-Host ""
}
Write-Host ""
# End of Site Links section

# Get Global Catalogs in the forest


Write-Host "Global Catalog servers in the forest"
$ForestGC | Sort | %{ Write-Host -ForegroundColor green $_.toUpper() }
Write-Host ""
# End of Global Catalogs section

# Display additional suffixes


Write-Host "Additional UPN suffixes"
if ( $UPNSuffix.Count -ne 0 )
{
$UPNsuffix | Sort | %{ Write-Host -ForegroundColor green $_ }
}
else
{
Write-Host -ForegroundColor green "(none)"
}
Write-Host ""
Write-Host ""
# End of suffixes section

# Forest FSMO roles display


Write-Host -ForegroundColor yellow -BackgroundColor black "FSMO roles detail
s:"
Write-Host ""
Write-Host "Schema master"
Write-Host -ForegroundColor green $FSMOSchema.toUpper()
Write-Host ""
Write-Host "Domain Naming master"
Write-Host -ForegroundColor green $FSMODomainNaming.toUpper()
Write-Host ""
Write-Host ""
# End of Forest FSMO section

# Forest wide groups members


Write-Host -ForegroundColor yellow -BackgroundColor black "Forest wide group
s details:"
Write-Host ""
# Schema Administrators
$schemaGroupID = ((Get-ADDomain(Get-ADForest).name).domainSID).value+"-518"
$schemaAdminsNo = Get-ADGroup -Server $forest -Identity $schemaGroupID | Get
-ADGroupMember -Recursive
if ($schemaAdminsNo.Count -eq 2)
{

Write-Host "Total number of Schema Administrators


: " -NoNewLine
Write-Host -ForegroundColor Green $schemaAdminsNo.Count
}
else
{
Write-Host "Total number of Schema Administrators
: " -NoNewLine
Write-Host -ForegroundColor Red $schemaAdminsNo.Count
}
# Enterprise Admins
$entGroupID = ((Get-ADDomain(Get-ADForest).name).domainSID).value+"-519"
$enterpriseAdminsNo = Get-ADGroup -Server $forest -Identity $entGroupID | Ge
t-ADGroupMember -Recursive
if ($enterpriseAdminsNo.Count -eq 1)
{
Write-Host "Total number of Enterprise Administrators : " -NoNewLine
Write-Host -ForegroundColor Green $enterpriseAdminsNo.Count
}
else
{
Write-Host "Total number of Enterprise Administrators : " -NoNewLine
Write-Host -ForegroundColor Red $enterpriseAdminsNo.Count
}
Write-Host ""
# End of forest wide groups members

# Custom Get-DomainInfo function executed for every domain in the forest


$allDomains | Sort | %{ Get-DomainInfo ($_) }
# End of loop
Write-Host ""
Write-Host ""
Write-Host -ForegroundColor white -BackgroundColor black "The end of Active
Directory report"
Write-Host ""
Write-Host ""
# End of data display

You might also like