So, since I’ve been going down the “audit new and existing clients” trail at work, I’ve been venturing into PowerShell to pull the obvious things so I can see what’s going on in brief at a client.
Yes, we do have existing paid software that can do this, but to give you an idea it took Network Detective twelve hours to run and the report writing has been churning for another 24 so far and it’s still not done.
It’s definitely still a work in progress, but it’s up at https://github.com/Kleines/ScriptTheWorld - so far it:
- Pulls all GPOs and performs analysis of possible optimizations (disabling user and/or computer halves, finds unlinked, etc.)
- Looks at all users and dumps out unexpiring passwords, disabled user accounts, and password not required
- Dumps out all groups, then separates to mail-enabled, empty, and nested groups
- Polls for all DHCP servers and PKI installations
- And finally, polls for all AD computers’ and their OS.
The stale users report doesn’t work yet.
Feel free to pull and add your own stuff.