Windows - Setup an automated task that clear up Older log files automatically.
Windows Script - Fetching Ownership details, Inheritance status and NTFS Permissions of Root and all it's Subfolders
<# Created By Abhishek Bansal
Read Note
Script Usage - Useful in fetching Owners details, Inheritance status, NTFS Permissons of Parent / Root folder & all the sub folders.
Pre requisites :: Copy all the code into a text file, save it with an extension ".PS1".Once saved, run this script as Administrato / from ID that has access to the folders.
Execution & Outputs :: Once executed, there will be multiple Outifle files created which would be -
FolderInheritance.csv - Containing Root folder and subfolders Ownnership details along with inheritance status.
FolderACL.csv - Containing Root folder and subfolders NTFS permissions.
Along with above, Errorlogs.csv can also be produced if there are any errors encountered while executing this script.#>
$RootPath = Read-Host "Enter Full Absolute Path of the Root folder = "
$subfolders = Get-ChildItem -Path "$RootPath" -Filter * -Recurse -Directory | Select * #Listing all the Subfolders inside Root Path.
Get-Acl -Path $RootPath | Select-Object -Property @{n="Path";e={$RootPath}},Owner,@{n="Inheritance Blocked";e={$_.AreAccessRulesProtected}} | Export-Csv ./FolderInheritance.csv -NoTypeInformation -Append
(Get-Acl -Path $RootPath).Access | Select @{n="Path";e={$RootPath}},IdentityReference,FileSystemRights,AccessControlType | Export-Csv ./FolderACL.csv -NoTypeInformation -Append
foreach($Subfolder in $subfolders)
{
$Subfolderpath = $Subfolder.FullName
try{
Get-Acl -Path $Subfolderpath | Select-Object -Property @{n="Path";e={$Subfolderpath}},Owner,@{n="Inheritance Blocked";e={$_.AreAccessRulesProtected}} | Export-Csv ./FolderInheritance.csv -NoTypeInformation -Append
(Get-Acl -Path $Subfolderpath).Access | Select @{n="Path";e={$Subfolderpath}},IdentityReference,FileSystemRights,AccessControlType | Export-Csv ./FolderACL.csv -NoTypeInformation -Append
}
catch{
$Subfolderpath | Select @{n="Path";e={$Subfolderpath}},@{n="Errorinfo";e={"Path Not accessible."}} | Export-Csv ./Errorlogs.csv -NoTypeInformation -Append
}
}
AD Script - Fetching User's manager details from Active Directory
<#Created By - Abhishek Bansal
Read Note
Script Usage :: Fetching User details along with their Manager's name & email ID from AD.
Pre requisites :: Copy all the code into a text file, save it with an extension ".PS1". A file named Input.txt needs to be created, this file will be containing User Samaccount name. Once saved run it with Admin rights.
Execution & Outputs :: Output_.csv fill will be containing all the results. #>
function getdetails($mgrdn)
{
$mgrdata = Get-ADUser -Properties * -Filter{DistinguishedName -like $mgrdn} | Select Samaccountname,Name,EmailAddress
return $mgrdata
}
$inputuser = Get-Content ./Input.txt
$line = 0
$linecount = $inputuser.count
$percentagecomplete= 0
$filename = "Output_"+(Get-Date -Format "yyyy_MM_dd")+".csv"
foreach($userid in $inputuser)
{
$line++
$percentagecomplete = ($line / $linecount) * 100
$userid = $userid.trim()
Write-Progress -Activity "Checking Status.." -PercentComplete $percentagecomplete -Status "$line out of $linecount"
[String]$dn = (Get-ADUser -Properties * -Identity $userid).Manager
$managerdetails = getdetails -mgrdn "$dn"
$Error.Clear()
try
{
Get-ADUser -Properties * -Identity $userid | Select Samaccountname,Name,EmailAddress,co,@{n="Manager_Samaccountname";e={$managerdetails.Samaccountname}},@{n="Manger Name";e={$managerdetails.Name}},@{n="Manager Mail";e={$managerdetails.EmailAddress}} `
| Export-Csv ./$filename -NoTypeInformation -Append
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
$userid | Select @{n="Samaccountname";e={$userid}},@{n="Name";e={$Error.Exception.Message}},EmailAddress,co,@{n="Manager_Samaccountname";e={}},@{n="Manger Name";e={}},@{n="Manager Mail";e={}} `
| Export-Csv ./$filename -NoTypeInformation -Append
}
}
AD Script - Exporting AD Group Membership containing Large count of members
<#Created By - Abhishek Bansal
Read Note
Script Usage :: Fetching AD Group membership containing large number of members. There are cases where Get-ADGroupMember fails. ( More then 5K /6K ). Script is capable of exporting not only users objects but others too. ( Ex Groups ).
Pre requisites :: Copy all the code into a text file, save it with an extension ".PS1". Once saved run it with Admin rights.
Execution & Outputs :: User need to input AD Group name when prompt & results can be checked in Groupname_Membership.csv file. #>
$group = Read-Host "Enter AD Group Name = "
$dn = Get-ADGroup -Identity $group -Properties * | Select objectClass -ExpandProperty Member
$line = 0
$linecount = $dn.Count
$percentagecomplete= 0
foreach($row in $dn)
{
$line++
$percentagecomplete = ($line/$linecount)*100
$row = $row.trim()
Write-Progress -Activity "Checking Status.." -PercentComplete $percentagecomplete -Status "$line out of $linecount"
Get-ADObject -Properties * -Filter{DistinguishedName -like $row} | Select Name,Samaccountname,@{n="Member Category";e={$_.ObjectClass}} | Export-Csv ./$group.Membership.csv -NoTypeInformation -Append
}
AD Script - Remove Computer Objects from Active Directory
<#Created By - Abhishek Bansal
Script Usage - Deleting Computer Objects mentioned in Input.txt from AD.
Incase of Access Denied, run ISE as Administrator & make sure account used should have sufficient rights to delete a Computer Object.
For using it on any other server, just copy the entire folder, edit .ps1 into PS ISE & run it.
#>
$servers = Get-Content -Path .\Input.txt
$line = 0
$linecount = $servers.Count
$percentagecomplete= 0
$filename = "Output_"+(Get-Date -Format "yyyy_MM_dd")+".csv"
foreach($server in $servers)
{
$error.Clear()
$server = $server.trim()
$line++
$percentagecomplete = $line / $linecount * 100
Write-Progress -Activity "Removing Computer Objects.." -PercentComplete $percentagecomplete -Status "$line out of $linecount"
try{
Remove-ADComputer -Identity $server -Confirm:$false
$server | Select-Object -Property @{n="Computer Name";e={$server}},@{n="Status";e={("Deleted Succesfully")}} | Export-csv ./$filename -NoTypeInformation -Append
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
$server | Select-Object -Property @{n="Computer Name";e={$server}},@{n="Status";e={$error.exception.Message}} | Export-csv ./$filename -NoTypeInformation -Append
}
}