diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 35a6ee4..f91948f 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -1,9 +1,20 @@ name: Bug Report description: File a bug report +title: "[Bug]: " labels: ["bug"] assignees: - rebelinux body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report :) + - Kindly **DO NOT** ask for instructions. + - Use [Discussions](https://github.com/orgs/AsBuiltReport/discussions) section if you have a query or doubts or any other relevant question. + - You may join [Slack community](https://the-code-community.slack.com#asbuiltreport) to interact with fellow contributors and users + - Read project's [Web Site](https://www.asbuiltreport.com/user-guide/installation/) for detailed documentation. + - Read project's [FAQs](https://www.asbuiltreport.com/support/faq/) section for Frequently asked questions. + - Search for previous [Issues](https://github.com/AsBuiltReport/AsBuiltReport.NetApp.ONTAP/issues)/[Pull Requests](https://github.com/AsBuiltReport/AsBuiltReport.NetApp.ONTAP/pulls) if this issue is already reported or fix has been created. - type: textarea id: bug-description attributes: @@ -89,10 +100,3 @@ body: - label: >- I have read and followed the [bug reporting guidelines](https://www.asbuiltreport.com/about/contributing/#reporting-issues-and-bugs). required: true - - label: >- - I have read [the documentation](https://www.asbuiltreport.com/user-guide/new-asbuiltconfig), - and referred to the [known issues](https://www.asbuiltreport.com/user-guide/known-issues/) before submitting this bug report. - required: true - - label: >- - I have checked for previously opened & closed [issues](https://github.com/AsBuiltReport/AsBuiltReport.Microsoft.AD/issues) before submitting this bug report. - required: true diff --git a/.github/ISSUE_TEMPLATE/change_request.yml b/.github/ISSUE_TEMPLATE/change_request.yml index 47f8f5c..2a9a9d5 100644 --- a/.github/ISSUE_TEMPLATE/change_request.yml +++ b/.github/ISSUE_TEMPLATE/change_request.yml @@ -1,9 +1,20 @@ name: Change Request description: Request a new change or an improvement +title: "[Change Request]: " labels: ["change request"] assignees: - rebelinux body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this enahancement form :) + - Kindly **DO NOT** ask for instructions. + - Use [Discussions](https://github.com/orgs/AsBuiltReport/discussions) section if you have a query or doubts or any other relevant question. + - You may join [Slack community](https://the-code-community.slack.com#asbuiltreport) to interact with fellow contributors and users + - Read project's [Web Site](https://www.asbuiltreport.com/user-guide/installation/) for detailed documentation. + - Read project's [FAQs](https://www.asbuiltreport.com/support/faq/) section for Frequently asked questions. + - Search for previous [Issues](https://github.com/AsBuiltReport/AsBuiltReport.NetApp.ONTAP/issues)/[Pull Requests](https://github.com/AsBuiltReport/AsBuiltReport.NetApp.ONTAP/pulls) if this issue is already reported or fix has been created. - type: textarea id: description attributes: diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml new file mode 100644 index 0000000..0d08e26 --- /dev/null +++ b/.github/workflows/dependabot.yml @@ -0,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "github-actions" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" diff --git a/AsBuiltReport.Microsoft.AD.psd1 b/AsBuiltReport.Microsoft.AD.psd1 index d9d5f0c..4e0b58b 100644 --- a/AsBuiltReport.Microsoft.AD.psd1 +++ b/AsBuiltReport.Microsoft.AD.psd1 @@ -12,7 +12,7 @@ RootModule = 'AsBuiltReport.Microsoft.AD.psm1' # Version number of this module. - ModuleVersion = '0.8.2' + ModuleVersion = '0.9.0' # Supported PSEditions # CompatiblePSEditions = @() @@ -58,7 +58,7 @@ }, @{ ModuleName = 'PSPKI'; - ModuleVersion = '3.7.2' + ModuleVersion = '4.2.0' }, @{ ModuleName = 'PScriboCharts'; @@ -66,11 +66,11 @@ }, @{ ModuleName = 'Diagrammer.Microsoft.AD'; - ModuleVersion = '0.2.3' + ModuleVersion = '0.2.6' }, @{ ModuleName = 'Diagrammer.Core'; - ModuleVersion = '0.2.1' + ModuleVersion = '0.2.10' } ) diff --git a/CHANGELOG.md b/CHANGELOG.md index 022cf05..740b4d3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +##### This project is community maintained and has no sponsorship from Microsoft, its employees or any of its affiliates. + +## [0.9.0] - 2024-10-13 + +### Added + +- Initial support for Server 2025 +- Add Dependabot action + +### Changed + +- Increase Diagrammer.Core minumum requirement +- Increase Diagrammer.Microsoft.AD minumum requirement +- Improve detection of Domain Controller availability (Test-WSMan) + ## [0.8.2] - 2024-06-15 ### Added diff --git a/README.md b/README.md index b8a4202..d03b52f 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,8 @@ Buy Me a Coffee at ko-fi.com

+#### This project is community maintained and has no sponsorship from Microsoft, its employees or any of its affiliates. + # Microsoft AD As Built Report Microsoft AD As Built Report is a PowerShell module which works in conjunction with [AsBuiltReport.Core](https://github.com/AsBuiltReport/AsBuiltReport.Core). @@ -38,7 +40,7 @@ Please refer to the AsBuiltReport [website](https://www.asbuiltreport.com) for m # :books: Sample Reports -## Sample Report - Custom Style 1 +## Sample Report - Default Style with EnableHealthCheck Sample Microsoft AD As Built report HTML file: [Sample Microsoft AD As-Built Report.html](https://htmlpreview.github.io/?https://raw.githubusercontent.com/AsBuiltReport/AsBuiltReport.Microsoft.AD/dev/Samples/Sample%20Microsoft%20AD%20As%20Built%20Report.html) @@ -68,6 +70,8 @@ PowerShell 5.1, and the following PowerShell modules are required for generating - [AsBuiltReport.Core Module](https://github.com/AsBuiltReport/AsBuiltReport.Core) - [AsBuiltReport.Microsoft.AD Module](https://www.powershellgallery.com/packages/AsBuiltReport.Microsoft.AD/) - [PScribo Module](https://github.com/iainbrighton/PScribo) +- [PSGraph Module](https://github.com/KevinMarquette/PSGraph) +- [Diagrammer.Core Module](https://github.com/rebelinux/Diagrammer.Core) - [Diagrammer.Microsoft.AD Module](https://github.com/rebelinux/Diagrammer.Microsoft.AD) - [PScriboCharts Module](https://github.com/iainbrighton/PScriboCharts) - [ActiveDirectory Module](https://docs.microsoft.com/en-us/powershell/module/activedirectory/?view=windowsserver2019-ps) @@ -93,6 +97,8 @@ Due to a limitation of the WinRM component, a domain-joined machine is needed, a ```powershell Install-Module -Name PSPKI +Install-Module -Name PSGraph +Install-Module -Name Diagrammer.Core Install-Module -Name Diagrammer.Microsoft.AD Install-Module -Name AsBuiltReport.Microsoft.AD Install-WindowsFeature -Name RSAT-AD-PowerShell @@ -105,6 +111,9 @@ Install-WindowsFeature -Name GPMC ```powershell Install-Module -Name PSPKI +Install-Module -Name PSGraph +Install-Module -Name Diagrammer.Core +Install-Module -Name Diagrammer.Microsoft.AD Install-Module -Name AsBuiltReport.Microsoft.AD Add-WindowsCapability -online -Name 'Rsat.ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0' Add-WindowsCapability -Online -Name 'Rsat.CertificateServices.Tools~~~~0.0.1.0' diff --git a/Src/Private/Get-AbrADDCDiag.ps1 b/Src/Private/Get-AbrADDCDiag.ps1 index 22658ff..4cc96c8 100644 --- a/Src/Private/Get-AbrADDCDiag.ps1 +++ b/Src/Private/Get-AbrADDCDiag.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDCDiag { .DESCRIPTION .NOTES - Version: 0.8.1 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -30,7 +30,7 @@ function Get-AbrADDCDiag { } process { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DCDIAG = Invoke-DcDiag -DomainController $DC if ($DCDIAG) { diff --git a/Src/Private/Get-AbrADDNSInfrastructure.ps1 b/Src/Private/Get-AbrADDNSInfrastructure.ps1 index 96a09b5..684e9f8 100644 --- a/Src/Private/Get-AbrADDNSInfrastructure.ps1 +++ b/Src/Private/Get-AbrADDNSInfrastructure.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDNSInfrastructure { .DESCRIPTION .NOTES - Version: 0.8.1 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -36,7 +36,7 @@ function Get-AbrADDNSInfrastructure { BlankLine $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DNSSetting = Get-DnsServerSetting -CimSession $TempCIMSession -ComputerName $DC $inObj = [ordered] @{ @@ -74,7 +74,7 @@ function Get-AbrADDNSInfrastructure { Paragraph "The following section provides Directory Partition information." BlankLine foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() @@ -129,7 +129,7 @@ function Get-AbrADDNSInfrastructure { Section -Style Heading4 "Response Rate Limiting (RRL)" { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DNSSetting = Get-DnsServerResponseRateLimiting -CimSession $TempCIMSession -ComputerName $DC $inObj = [ordered] @{ @@ -173,7 +173,7 @@ function Get-AbrADDNSInfrastructure { Section -Style Heading4 "Scavenging Options" { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DNSSetting = Get-DnsServerScavenging -CimSession $TempCIMSession -ComputerName $DC $inObj = [ordered] @{ @@ -234,7 +234,7 @@ function Get-AbrADDNSInfrastructure { Section -Style Heading4 "Forwarder Options" { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DNSSetting = Get-DnsServerForwarder -CimSession $TempCIMSession -ComputerName $DC $Recursion = Get-DnsServerRecursion -CimSession $TempCIMSession -ComputerName $DC | Select-Object -ExpandProperty Enable @@ -304,7 +304,7 @@ function Get-AbrADDNSInfrastructure { Paragraph "The following section provides Root Hints information from domain $($Domain)." BlankLine foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { Section -ExcludeFromTOC -Style NOTOCHeading5 $($DC.ToString().ToUpper().Split(".")[0]) { $OutObj = @() @@ -409,7 +409,7 @@ function Get-AbrADDNSInfrastructure { Section -Style Heading4 "Zone Scope Recursion" { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DNSSetting = Get-DnsServerRecursionScope -CimSession $TempCIMSession -ComputerName $DC $inObj = [ordered] @{ diff --git a/Src/Private/Get-AbrADDomainController.ps1 b/Src/Private/Get-AbrADDomainController.ps1 index b13fc72..4148754 100644 --- a/Src/Private/Get-AbrADDomainController.ps1 +++ b/Src/Private/Get-AbrADDomainController.ps1 @@ -5,7 +5,7 @@ function Get-AbrADDomainController { .DESCRIPTION .NOTES - Version: 0.8.2 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -67,12 +67,12 @@ function Get-AbrADDomainController { try { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { $DCInfo = Invoke-Command -Session $TempPssSession { Get-ADDomainController -Identity $using:DC -Server $using:DC } $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DCNetSettings' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "DC Net Settings Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession ) { @@ -151,13 +151,13 @@ function Get-AbrADDomainController { try { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { $DCInfo = Invoke-Command -Session $TempPssSession { Get-ADDomainController -Identity $using:DC -Server $using:DC } $DCComputerObject = try { Invoke-Command -Session $TempPssSession -ErrorAction Stop { Get-ADComputer ($using:DCInfo).ComputerObjectDN -Properties * -Server $using:DC } } catch { Out-Null } $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DCNetSettings' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "DC Net Settings Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession) { @@ -342,7 +342,7 @@ function Get-AbrADDomainController { $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DomainControllerHardware' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "Domain Controller Hardware Inventory Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession) { @@ -431,11 +431,11 @@ function Get-AbrADDomainController { try { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DNSIPConfiguration' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "DNS IP Configuration Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } try { @@ -539,12 +539,12 @@ function Get-AbrADDomainController { try { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'NTDS' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "NTDS Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession) { @@ -589,12 +589,12 @@ function Get-AbrADDomainController { try { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'TimeSource' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "Time Source Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession) { @@ -650,7 +650,7 @@ function Get-AbrADDomainController { try { $OutObj = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $CimSession = try { New-CimSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'SRVRecordsStatus' -ErrorAction Stop } catch { Write-PScriboMessage -IsWarning "SRV Records Status Section: New-CimSession: Unable to connect to $($DC): $($_.Exception.MessageId)" } $PDCEmulator = Invoke-Command -Session $TempPssSession { (Get-ADDomain $using:Domain -ErrorAction Stop).PDCEmulator } @@ -765,12 +765,12 @@ function Get-AbrADDomainController { try { if ($HealthCheck.DomainController.BestPractice) { $OutObj = foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DomainControllersFileShares' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "Domain Controllers File Shares Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession) { @@ -833,13 +833,13 @@ function Get-AbrADDomainController { try { $DCObj = @() $DCObj += foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $Software = @() $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DomainControllerInstalledSoftware' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "Domain Controller Installed Software Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession) { @@ -911,13 +911,13 @@ function Get-AbrADDomainController { try { $DCObj = @() $DCObj += foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $Software = @() $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'DomainControllerPendingMissingPatch' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { $ErrorMessage = $_.FullyQualifiedErrorId - } else {$ErrorMessage = $_.Exception.MessageId} + } else { $ErrorMessage = $_.Exception.MessageId } Write-PScriboMessage -IsWarning "Domain Controller Pending Missing Patch Section: New-PSSession: Unable to connect to $($DC): $ErrorMessage" } if ($DCPssSession ) { diff --git a/Src/Private/Get-AbrADForest.ps1 b/Src/Private/Get-AbrADForest.ps1 index 4714796..20a680e 100644 --- a/Src/Private/Get-AbrADForest.ps1 +++ b/Src/Private/Get-AbrADForest.ps1 @@ -5,7 +5,7 @@ function Get-AbrADForest { .DESCRIPTION .NOTES - Version: 0.8.2 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -32,6 +32,7 @@ function Get-AbrADForest { $ValuedsHeuristics = Invoke-Command -Session $TempPssSession { Get-ADObject -Identity "CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,$(($using:DomainDN))" -Properties dsHeuristics -ErrorAction SilentlyContinue } If ($ADVersion -eq '88') { $server = 'Windows Server 2019' } + ElseIf ($ADVersion -eq '91') { $server = 'Windows Server 2025' } ElseIf ($ADVersion -eq '87') { $server = 'Windows Server 2016' } ElseIf ($ADVersion -eq '69') { $server = 'Windows Server 2012 R2' } ElseIf ($ADVersion -eq '56') { $server = 'Windows Server 2012' } diff --git a/Src/Private/Get-AbrADSite.ps1 b/Src/Private/Get-AbrADSite.ps1 index 05996c0..386cc93 100644 --- a/Src/Private/Get-AbrADSite.ps1 +++ b/Src/Private/Get-AbrADSite.ps1 @@ -5,7 +5,7 @@ function Get-AbrADSite { .DESCRIPTION .NOTES - Version: 0.8.2 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -211,7 +211,7 @@ function Get-AbrADSite { foreach ($Domain in $ADSystem.Domains | Where-Object { $_ -notin $Options.Exclude.Domains }) { $DomainInfo = Invoke-Command -Session $TempPssSession { Get-ADDomain $using:Domain -ErrorAction Stop } foreach ($DC in ($DomainInfo.ReplicaDirectoryServers | Where-Object { $_ -notin $Options.Exclude.DCs })) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { try { $DCPssSession = try { New-PSSession -ComputerName $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name 'MissingSubnetinAD' -ErrorAction Stop } catch { if (-Not $_.Exception.MessageId) { @@ -695,7 +695,7 @@ function Get-AbrADSite { foreach ($Domain in $ADSystem.Domains | Where-Object { $_ -notin $Options.Exclude.Domains }) { $DomainInfo = Invoke-Command -Session $TempPssSession { Get-ADDomain $using:Domain -ErrorAction Stop } foreach ($DC in ($DomainInfo.ReplicaDirectoryServers | Where-Object { $_ -notin $Options.Exclude.DCs })) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { $DCCIMSession = try { New-CimSession $DC -Credential $Credential -Authentication $Options.PSDefaultAuthentication -Name "SysvolReplication" -ErrorAction Stop } catch { Write-PScriboMessage -IsWarning "Sysvol Replication Section: New-CimSession: Unable to connect to $($DC): $($_.Exception.MessageId)" } if ($DCCIMSession) { diff --git a/Src/Private/Get-AbrADSiteReplication.ps1 b/Src/Private/Get-AbrADSiteReplication.ps1 index c80b630..51ce571 100644 --- a/Src/Private/Get-AbrADSiteReplication.ps1 +++ b/Src/Private/Get-AbrADSiteReplication.ps1 @@ -5,7 +5,7 @@ function Get-AbrADSiteReplication { .DESCRIPTION .NOTES - Version: 0.8.2 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -33,7 +33,7 @@ function Get-AbrADSiteReplication { try { $ReplInfo = @() foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { $Replication = Invoke-Command -Session $TempPssSession -ScriptBlock { Get-ADReplicationConnection -Server $using:DC -Properties * } if ($Replication) { try { diff --git a/Src/Private/Get-AbrDNSSection.ps1 b/Src/Private/Get-AbrDNSSection.ps1 index 1c1274f..4a294c2 100644 --- a/Src/Private/Get-AbrDNSSection.ps1 +++ b/Src/Private/Get-AbrDNSSection.ps1 @@ -5,7 +5,7 @@ function Get-AbrDNSSection { .DESCRIPTION .NOTES - Version: 0.8.2 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -47,10 +47,12 @@ function Get-AbrDNSSection { Section -Style Heading2 "$($Domain.ToString().ToUpper())" { Paragraph "The following section provides a configuration summary of the DNS service." BlankLine - Get-AbrADDNSInfrastructure -Domain $Domain + if ($TempCIMSession) { + Get-AbrADDNSInfrastructure -Domain $Domain + } $DCs = Invoke-Command -Session $TempPssSession { Get-ADDomain $using:Domain | Select-Object -ExpandProperty ReplicaDirectoryServers | Where-Object { $_ -notin ($using:Options).Exclude.DCs } } foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { Get-AbrADDNSZone -Domain $Domain -DC $DC } } diff --git a/Src/Private/Get-AbrDomainSection.ps1 b/Src/Private/Get-AbrDomainSection.ps1 index b9a0232..e41f196 100644 --- a/Src/Private/Get-AbrDomainSection.ps1 +++ b/Src/Private/Get-AbrDomainSection.ps1 @@ -5,7 +5,7 @@ function Get-AbrDomainSection { .DESCRIPTION .NOTES - Version: 0.8.1 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -86,7 +86,7 @@ function Get-AbrDomainSection { if ($InfoLevel.Domain -ge 2) { $RolesObj = foreach ($DC in $DCs) { - $DCStatus = Test-Connection -ComputerName $DC -Quiet -Count 2 + $DCStatus = Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue if (-Not $DCStatus) { Write-PScriboMessage -IsWarning "Unable to connect to $DC. Removing it from the $Domain report" } @@ -104,7 +104,7 @@ function Get-AbrDomainSection { if ($HealthCheck.DomainController.Diagnostic) { try { $DCDiagObj = foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { Get-AbrADDCDiag -Domain $Domain -DC $DC } } @@ -122,7 +122,7 @@ function Get-AbrDomainSection { } try { $ADInfraServices = foreach ($DC in $DCs) { - if (Test-Connection -ComputerName $DC -Quiet -Count 2) { + if (Test-WSMan -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ComputerName $DC -ErrorAction SilentlyContinue) { Get-AbrADInfrastructureService -DC $DC } } diff --git a/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 b/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 index 3fad7c0..5747788 100644 --- a/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 +++ b/Src/Public/Invoke-AsBuiltReport.Microsoft.AD.ps1 @@ -5,7 +5,7 @@ function Invoke-AsBuiltReport.Microsoft.AD { .DESCRIPTION Documents the configuration of Microsoft AD in Word/HTML/Text formats using PScribo. .NOTES - Version: 0.8.1 + Version: 0.9.0 Author: Jonathan Colon Twitter: @jcolonfzenpr Github: rebelinux @@ -21,10 +21,20 @@ function Invoke-AsBuiltReport.Microsoft.AD { [PSCredential] $Credential ) - Write-PScriboMessage -IsWarning "Please refer to the AsBuiltReport.Microsoft.AD github website for more detailed information about this project." - Write-PScriboMessage -IsWarning "Do not forget to update your report configuration file after each new release." - Write-PScriboMessage -IsWarning "Documentation: https://github.com/AsBuiltReport/AsBuiltReport.Microsoft.AD" - Write-PScriboMessage -IsWarning "Issues or bug reporting: https://github.com/AsBuiltReport/AsBuiltReport.Microsoft.AD/issues" + #Requires -Version 5.1 + #Requires -PSEdition Desktop + #Requires -RunAsAdministrator + + if ($psISE) { + Write-Error -Message "You cannot run this script inside the PowerShell ISE. Please execute it from the PowerShell Command Window." + break + } + + Write-PScriboMessage -Plugin "Module" -IsWarning "Please refer to the AsBuiltReport.Microsoft.AD github website for more detailed information about this project." + Write-PScriboMessage -Plugin "Module" -IsWarning "Do not forget to update your report configuration file after each new release." + Write-PScriboMessage -Plugin "Module" -IsWarning "Documentation: https://github.com/AsBuiltReport/AsBuiltReport.Microsoft.AD" + Write-PScriboMessage -Plugin "Module" -IsWarning "Issues or bug reporting: https://github.com/AsBuiltReport/AsBuiltReport.Microsoft.AD/issues" + Write-PScriboMessage -Plugin "Module" -IsWarning "This project is community maintained and has no sponsorship from Microsoft, its employees or any of its affiliates." Try { $InstalledVersion = Get-Module -ListAvailable -Name AsBuiltReport.Microsoft.AD -ErrorAction SilentlyContinue | Sort-Object -Property Version -Descending | Select-Object -First 1 -ExpandProperty Version @@ -41,14 +51,6 @@ function Invoke-AsBuiltReport.Microsoft.AD { Write-PScriboMessage -IsWarning $_.Exception.Message } - $currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent()) - - if (-not $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) { - - throw "The requested operation requires elevation: Run PowerShell console as administrator" - } - - #Validate Required Modules and Features $OSType = (Get-ComputerInfo).OsProductType if ($OSType -eq 'WorkStation') { @@ -87,13 +89,29 @@ function Invoke-AsBuiltReport.Microsoft.AD { #---------------------------------------------------------------------------------------------# foreach ($System in $Target) { + if (Select-String -InputObject $System -Pattern "^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$") { + throw "Please use the FQDN instead of an IP address to connect to the Domain Controller: $System" + } + Try { - Write-PScriboMessage "Connecting to Domain Controller Server '$System'." + Write-PScriboMessage "Connecting to Domain Controller through PSSession $System" $script:TempPssSession = New-PSSession $System -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ErrorAction Stop -Name "Global:TempPssSession" - $script:TempCIMSession = New-CimSession $System -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ErrorAction Stop -Name "Global:TempCIMSession" + } Catch { + throw "Unable to connect to the Domain Controller through PSSession: $System" + } + + Try { + Write-PScriboMessage "Connecting to Domain Controller through CimSession '$System'." + $script:TempCIMSession = New-CimSession $System -Credential $Credential -Authentication $Options.PSDefaultAuthentication -ErrorAction Continue -Name "Global:TempCIMSession" + } Catch { + Write-PScriboMessage -IsWarning "Unable to connect to the Domain Controller through CimSession: $System" + } + + Try { + Write-PScriboMessage "Connecting to get Forest information from Domain Controller '$System'." $script:ADSystem = Invoke-Command -Session $TempPssSession { Get-ADForest -ErrorAction Stop } } Catch { - throw "Unable to connect to the Domain Controller: $System" + throw "Unable to get Forest information from Domain Controller: $System" } $script:ForestInfo = $ADSystem.RootDomain.toUpper() @@ -113,13 +131,18 @@ function Invoke-AsBuiltReport.Microsoft.AD { # PKI Section Get-AbrPKISection - # Remove used PSSession - Write-PScriboMessage "Clearing PowerShell Session $($TempPssSession.Id)" - Remove-PSSession -Session $TempPssSession + if ($TempPssSession) { + # Remove used PSSession + Write-PScriboMessage "Clearing PowerShell Session $($TempPssSession.Id)" + Remove-PSSession -Session $TempPssSession + } + + if ($TempCIMSession) { + # Remove used CIMSession + Write-PScriboMessage "Clearing CIM Session $($TempCIMSession.Id)" + Remove-CimSession -CimSession $TempCIMSession + } - # Remove used CIMSession - Write-PScriboMessage "Clearing CIM Session $($TempCIMSession.Id)" - Remove-CimSession -CimSession $TempCIMSession }#endregion foreach loop }