Microsoft AD Report 0.5.0 (#13)

* Added CA Section

* Updated sample html report

* Added ShowDefinitionInfo Variable also delete unfinished sections

* Fix try/catch logic

* Added Site Subnet Section

* Fix Minor Heading Text

* Added Domain Controller DNS IP Configuration

* Added Zone Transfers also fix Heading and empty content

* Added GPO Central Store Repository

* added ShowDefinitionInfo variable to main report also fix heading text

* Added ShowDefinitionInfo content to ReadMe file

* Added v0.5.0 changes

Author: rebelinux

AsBuiltReport.Microsoft.AD.json

@@ -9,16 +9,14 @@
         "ShowTableCaptions": true
     },
     "Options": {
-
+        "ShowDefinitionInfo": false
     },
     "InfoLevel": {
         "_comment_": "0 = Disabled, 1 = Enabled, 2 = Adv Summary, 3 = Detailed",
         "Forest": 1,
         "Domain": 1,
         "DHCP": 1,
-        "DNS": 1,
-        "CA": 0,
-        "Security": 0
+        "DNS": 1
     },
     "HealthCheck": {
         "Domain": {
@@ -27,19 +25,24 @@
         },
         "DomainController": {
             "Diagnostic": true,
-            "Services": true
+            "Services": true,
+            "Software": true
         },
         "Site": {
             "Replication": true
         },
         "DNS": {
-            "Aging": true
+            "Aging": true,
+            "DP": true
         },
         "DHCP": {
             "Summary": true,
             "Credential": true,
             "Statistics": true,
             "BP": true
+        },
+        "CA": {
+            "Status": true
         }
     }
 }

CHANGELOG.md

@@ -1,5 +1,26 @@
 # :arrows_counterclockwise: Microsoft AD As Built Report Changelog
 
+## [0.5.0] - 2021-10-29
+
+### Added
+
+- Added ShowDefinitionInfo Option (Allows the user to choose whether to enable AD term explanations.)
+- Explanation of the ShowDefinitionInfo option has been added to the ReadMe file.
+- Added Dynamic DNS Credentials Health Check.
+- Added updated HTML Sample Report.
+
+### Changed
+
+- The spelling of the section title has been revised.
+- Moved DNS Zone section to InfoLevel 2.
+- Moved Role and Feature section to InfoLevel 3.
+- Removed Unused InfoLevels (CA & Security).
+
+### Fixed
+
+- Fix try/catch error messages (globally)
+- Fix try/catch logic on the DNS Section (Fix [#11](https://github.com/AsBuiltReport/AsBuiltReport.Microsoft.AD/issues/11))
+
 ## [0.4.0] - 2021-10-08
 
 ### Added

README.md

@@ -141,6 +141,11 @@ The **Report** schema provides configuration of the Microsoft AD report informat
 
 The **Options** schema allows certain options within the report to be toggled on or off.
 
+| Sub-Schema      | Setting      | Default | Description                                                                                                                                                                                 |
+|-----------------|--------------|---------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| ShowDefinitionInfo | true/false  | false    | Toggle to enable/disable Microsoft AD term explanations
+
+
 ### InfoLevel
 
 The **InfoLevel** schema allows configuration of each section of the report at a granular level. The following sections can be set.

Samples/Sample Microsoft AD As Built Report.html

@@ -0,0 +1,70 @@
+function Get-AbrADCARoot {
+    <#
+    .SYNOPSIS
+    Used by As Built Report to retrieve Microsoft Active Directory Root Certification Authority information.
+    .DESCRIPTION
+
+    .NOTES
+        Version:        0.5.0
+        Author:         Jonathan Colon
+        Twitter:        @jcolonfzenpr
+        Github:         rebelinux
+    .EXAMPLE
+
+    .LINK
+
+    #>
+    [CmdletBinding()]
+    param (
+    )
+
+    begin {
+        Write-PscriboMessage "Collecting AD Certification Authority Per Domain information."
+    }
+
+    process {
+        try {
+            Section -Style Heading3 "$($ForestInfo.toUpper()) Enterprise Root Certificate Authority" {
+                Paragraph "The following section provides the  of the DHCP servers IPv6 Scope Server Options information."
+                BlankLine
+                $OutObj = @()
+                Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())."
+                $CAs = Get-CertificationAuthority -Enterprise | Where-Object {$_.IsRoot -eq 'True'}
+                foreach ($CA in $CAs) {
+                    Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
+                    Write-PscriboMessage "Collecting AD Certification Authority Summary information of $CA."
+                    $inObj = [ordered] @{
+                        'CA Name' = $CA.DisplayName
+                        'Server Name' = $CA.ComputerName.ToString().ToUpper().Split(".")[0]
+                        'Type' = $CA.Type
+                        'Config String' = $CA.ConfigString
+                        'Operating System' = $CA.OperatingSystem
+                        'Certificate' = $CA.Certificate
+                        'Status' = $CA.ServiceStatus
+                    }
+                    $OutObj += [pscustomobject]$inobj
+                }
+
+                if ($HealthCheck.CA.Status) {
+                    $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status'
+                }
+
+                $TableParams = @{
+                    Name = "Certification Authority Summary Information - $($ForestInfo.ToString().ToUpper())"
+                    List = $true
+                    ColumnWidths = 40, 60
+                }
+                if ($Report.ShowTableCaptions) {
+                    $TableParams['Caption'] = "- $($TableParams.Name)"
+                }
+                $OutObj | Table @TableParams
+            }
+        }
+        catch {
+            Write-PscriboMessage -IsWarning $_.Exception.Message
+        }
+    }
+
+    end {}
+
+}

Src/Private/Get-AbrADCARoot.ps1

@@ -0,0 +1,75 @@
+function Get-AbrADCAPerDomain {
+    <#
+    .SYNOPSIS
+    Used by As Built Report to retrieve Microsoft Active Directory Subordinate Certification Authority information.
+    .DESCRIPTION
+
+    .NOTES
+        Version:        0.5.0
+        Author:         Jonathan Colon
+        Twitter:        @jcolonfzenpr
+        Github:         rebelinux
+    .EXAMPLE
+
+    .LINK
+
+    #>
+    [CmdletBinding()]
+    param (
+        [Parameter (
+            Position = 0,
+            Mandatory)]
+            [string]
+            $Domain,
+            $Session,
+            [string]
+            $Server
+    )
+
+    begin {
+        Write-PscriboMessage "Collecting AD Certification Authority Per Domain information."
+    }
+
+    process {
+        $OutObj = @()
+        if ($Domain) {
+            foreach ($Item in $Domain) {
+                Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())."
+                $CAs =  Get-CertificationAuthority -Enterprise
+                foreach ($CA in $CAs) {
+                    Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
+                    try {
+                        Write-PscriboMessage "Collecting AD Certification Authority Summary information of $CA."
+                        $inObj = [ordered] @{
+                            'CA Name' = $CA.DisplayName
+                            'Server Name' = $CA.ComputerName.ToString().ToUpper().Split(".")[0]
+                            'Type' = $CA.Type
+                            'Status' = $CA.ServiceStatus
+                        }
+                        $OutObj += [pscustomobject]$inobj
+                    }
+                    catch {
+                        Write-PscriboMessage -IsWarning $_.Exception.Message
+                    }
+                }
+            }
+
+            if ($HealthCheck.CA.Status) {
+                $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status'
+            }
+
+            $TableParams = @{
+                Name = "Certification Authority Summary Information - $($ForestInfo.ToString().ToUpper())"
+                List = $false
+                ColumnWidths = 33, 33, 22, 12
+            }
+            if ($Report.ShowTableCaptions) {
+                $TableParams['Caption'] = "- $($TableParams.Name)"
+            }
+            $OutObj | Table @TableParams
+        }
+    }
+
+    end {}
+
+}

Src/Private/Get-AbrADCASubordinate.ps1

@@ -0,0 +1,65 @@
+function Get-AbrADCASummary {
+    <#
+    .SYNOPSIS
+    Used by As Built Report to retrieve Microsoft AD Certification Authority information.
+    .DESCRIPTION
+
+    .NOTES
+        Version:        0.5.0
+        Author:         Jonathan Colon
+        Twitter:        @jcolonfzenpr
+        Github:         rebelinux
+    .EXAMPLE
+
+    .LINK
+
+    #>
+    [CmdletBinding()]
+    param (
+    )
+
+    begin {
+        Write-PscriboMessage "Collecting AD Certification Authority information."
+    }
+
+    process {
+        $OutObj = @()
+        if ($ForestInfo) {
+            Write-PscriboMessage "Discovering Active Directory Certification Authority information in $($ForestInfo.toUpper())."
+            $CAs =  Get-CertificationAuthority -Enterprise
+            foreach ($CA in $CAs) {
+                Write-PscriboMessage "Discovered '$(($CAs | Measure-Object).Count)' Active Directory Certification Authority in domain $ForestInfo."
+                try {
+                    Write-PscriboMessage "Collecting AD Certification Authority Summary information of $CA."
+                    $inObj = [ordered] @{
+                        'CA Name' = $CA.DisplayName
+                        'Server Name' = $CA.ComputerName.ToString().ToUpper().Split(".")[0]
+                        'Type' = $CA.Type
+                        'Status' = $CA.ServiceStatus
+                    }
+                    $OutObj += [pscustomobject]$inobj
+                }
+                catch {
+                    Write-PscriboMessage -IsWarning $_.Exception.Message
+                }
+            }
+        }
+
+        if ($HealthCheck.CA.Status) {
+            $OutObj | Where-Object { $_.'Service Status' -notlike 'Running'} | Set-Style -Style Critical -Property 'Service Status'
+        }
+
+        $TableParams = @{
+            Name = "Certification Authority Summary Information - $($ForestInfo.ToString().ToUpper())"
+            List = $false
+            ColumnWidths = 33, 33, 22, 12
+        }
+        if ($Report.ShowTableCaptions) {
+            $TableParams['Caption'] = "- $($TableParams.Name)"
+        }
+        $OutObj | Table @TableParams
+    }
+
+    end {}
+
+}

Src/Private/Get-AbrADCASummary.ps1

@@ -5,7 +5,7 @@ function Get-AbrADDCDiag {
     .DESCRIPTION
 
     .NOTES
-        Version:        0.4.0
+        Version:        0.5.0
         Author:         Jonathan Colon
         Twitter:        @jcolonfzenpr
         Github:         rebelinux
@@ -60,8 +60,7 @@ function Get-AbrADDCDiag {
                 $OutObj | Table @TableParams
             }
             catch {
-                Write-PscriboMessage -IsWarning "Error: Connecting to remote server $DC failed: WinRM cannot complete the operation."
-                Write-PScriboMessage -IsDebug $_.Exception.Message
+                Write-PscriboMessage -IsWarning $_.Exception.Message
             }
         }
     }

Src/Private/Get-AbrADDCDiag.ps1

@@ -5,7 +5,7 @@ function Get-AbrADDCRoleFeature {
     .DESCRIPTION
 
     .NOTES
-        Version:        0.4.0
+        Version:        0.5.0
         Author:         Jonathan Colon
         Twitter:        @jcolonfzenpr
         Github:         rebelinux
@@ -42,7 +42,7 @@ function Get-AbrADDCRoleFeature {
                     $Features = Invoke-Command -Session $DCPssSession -ScriptBlock {Get-WindowsFeature | Where-Object {$_.installed -eq "True"}}
                     Remove-PSSession -Session $DCPssSession
                     foreach ($Feature in $Features) {
-                        Write-PscriboMessage "Collecting Domain Controller Role & Features on $DC."
+                        Write-PscriboMessage "Collecting DC Role & Features: $($Feature.DisplayName) on $DC."
                         $inObj = [ordered] @{
                             'Name' = $Feature.DisplayName
                             'Parent' = $Feature.FeatureType
@@ -64,8 +64,7 @@ function Get-AbrADDCRoleFeature {
             }
         }
         catch {
-            Write-PscriboMessage -IsWarning "Error: Connecting to remote server $DC failed: WinRM cannot complete the operation."
-            Write-PScriboMessage -IsDebug $_.Exception.Message
+            Write-PscriboMessage -IsWarning "$($_.Exception.Message) (Role & Features)"
         }
     }