Two other non data gathering scripts I should mention. These were for very specific use cases.
AddUsersToSecurityGroup - This will add users in an OU tree to a specified AD security group. Comes in handy for those large, nasty, very deep OU structures. Customer wanted to add all users in an OU and all sub OUs to a security group. Problem was that the OU tree at that level had over 600 sub OUs. This is a very simple script that adds every user account found (they didn't want me exclude disabled accounts) CreateGPOFromCSV (can't remember what I actually named it) - for the rare time when a GPO is corrupt and can't be restored or imported but you do have the registry.pol file from the Machine and or User side of the policy (basically the administrative templates and a few other sections). Uses GPOGuy's polviewer utility to open the registry.pol file and export the settings to CSV. Script takes the CSV and creates a new (uncorrupted) GPO. If the original GPO had both Machine and User settings, run the script twice and the policy is created the first run and updated the second run. I have actually had to use this script on a couple of projects lately. Thanks Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> ________________________________ From: [email protected] <[email protected]> on behalf of Webster <[email protected]> Sent: Wednesday, February 3, 2016 2:25 PM To: [email protected] Subject: [NTSysADM] New PowerShell scripts being developed I do a lot of basic AD Assessments and am starting to create scripts to automate a lot of the data gathering. The customers (with good admins who like to automate) want the scripts to be able to run as a scheduled task and then email them the results. If you would like to help test any of the scripts, please send me an email OFF LIST. [email protected] GetGposWithInvalidSIDs - Finds GPOs with invalid SIDs in Security Filtering and Delegation GetGPOsWithDenies - Finds all GPOs with Denies set in Delegation (still in progress) GetMissingSubnets - Finds missing subnets (IP Addresses) from the NetLogon.log file from all DCs in a domain Right now, scripts have hard coded values which you will need to change. The public version of the scripts will have full help text and all necessary parameters. I will change the scripts when I get home next week. Thanks Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/>
