Merge pull request #204 from AsBuiltReport/dev

v0.9.4] public release

Author: rebelinux

.github/workflows/PSScriptAnalyzerSettings.psd1

@@ -1,6 +1,7 @@
 @{
     ExcludeRules = @(
         'PSUseToExportFieldsInManifest'
+        'PSAvoidUsingWriteHost'
     )
     Rules = @{
         PSAvoidExclaimOperator = @{
@@ -12,5 +13,11 @@
         UseCorrectCasing = @{
             Enable = $true
         }
+        PSAvoidUsingCmdletAliases = @{
+            Enable = $true
+        }
+        PSUseConsistentWhitespace = @{
+            Enable = $true
+        }
     }
 }

.github/workflows/Release.yml

@@ -41,29 +41,29 @@ jobs:
         shell: pwsh
         run: |
           Publish-Module -Path ./ -NuGetApiKey ${{ secrets.PSGALLERY_API_KEY }} -Verbose
-  tweet:
-    needs: publish-to-gallery
-    runs-on: ubuntu-latest
-    steps:
-      - uses: Eomm/why-don-t-you-tweet@v2
-        # We don't want to tweet if the repository is not a public one
-        if: ${{ !github.event.repository.private }}
-        with:
-          # GitHub event payload
-          # https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#release
-          tweet-message: "[New Release] ${{ github.event.repository.name }} ${{ github.event.release.tag_name }}! Check out what's new! ${{ github.event.release.html_url }} #Microsoft #ActiveDirectory #AsBuiltReport #PowerShell #MicrosoftMVP #MVPBuzz #cybersecurity #infosec"
-        env:
-          TWITTER_CONSUMER_API_KEY: ${{ secrets.TWITTER_CONSUMER_API_KEY }}
-          TWITTER_CONSUMER_API_SECRET: ${{ secrets.TWITTER_CONSUMER_API_SECRET }}
-          TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }}
-          TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}
-  bsky-post:
-    needs: publish-to-gallery
-    runs-on: ubuntu-latest
-    steps:
-      - uses: zentered/bluesky-post-action@v0.1.0
-        with:
-          post: "[New Release] ${{ github.event.repository.name }} ${{ github.event.release.tag_name }}! Check out what's new! ${{ github.event.release.html_url }} #Microsoft #ActiveDirectory #AsBuiltReport #PowerShell #MicrosoftMVP #MVPBuzz #cybersecurity #infosec"
-        env:
-          BSKY_IDENTIFIER: ${{ secrets.BSKY_IDENTIFIER }}
-          BSKY_PASSWORD: ${{ secrets.BSKY_PASSWORD }}
+  # tweet:
+  #   needs: publish-to-gallery
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: Eomm/why-don-t-you-tweet@v2
+  #       # We don't want to tweet if the repository is not a public one
+  #       if: ${{ !github.event.repository.private }}
+  #       with:
+  #         # GitHub event payload
+  #         # https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#release
+  #         tweet-message: "[New Release] ${{ github.event.repository.name }} ${{ github.event.release.tag_name }}! Check out what's new! ${{ github.event.release.html_url }} #Microsoft #ActiveDirectory #AsBuiltReport #PowerShell #MicrosoftMVP #MVPBuzz #cybersecurity #infosec"
+  #       env:
+  #         TWITTER_CONSUMER_API_KEY: ${{ secrets.TWITTER_CONSUMER_API_KEY }}
+  #         TWITTER_CONSUMER_API_SECRET: ${{ secrets.TWITTER_CONSUMER_API_SECRET }}
+  #         TWITTER_ACCESS_TOKEN: ${{ secrets.TWITTER_ACCESS_TOKEN }}
+  #         TWITTER_ACCESS_TOKEN_SECRET: ${{ secrets.TWITTER_ACCESS_TOKEN_SECRET }}
+  # bsky-post:
+  #   needs: publish-to-gallery
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: zentered/bluesky-post-action@v0.2.0
+  #       with:
+  #         post: "[New Release] ${{ github.event.repository.name }} ${{ github.event.release.tag_name }}! Check out what's new! ${{ github.event.release.html_url }} #Microsoft #ActiveDirectory #AsBuiltReport #PowerShell #MicrosoftMVP #MVPBuzz #cybersecurity #infosec"
+  #       env:
+  #         BSKY_IDENTIFIER: ${{ secrets.BSKY_IDENTIFIER }}
+  #         BSKY_PASSWORD: ${{ secrets.BSKY_PASSWORD }}

.github/workflows/Stale.yml

@@ -0,0 +1,18 @@
+name: 'Close stale issues and PRs'
+on:
+  schedule:
+    - cron: '30 1 * * *'
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v9
+        with:
+          stale-issue-message: 'This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.'
+          days-before-stale: 30
+          days-before-close: 7
+          exempt-pr-labels: 'help wanted,enhancement,security,pinned'
+          stale-pr-label: 'wontfix'
+          stale-issue-label: 'wontfix'
+          exempt-issue-labels: 'help wanted,enhancement,security,pinned'

AsBuiltReport.Microsoft.AD.json

@@ -21,7 +21,26 @@
         "WinRMSSL": false,
         "WinRMFallbackToNoSSL": true,
         "WinRMSSLPort": 5986,
-        "WinRMPort": 5985
+        "WinRMPort": 5985,
+        "EnableDiagrams": true,
+        "EnableDiagramDebug": false,
+        "DiagramTheme": "White",
+        "DiagramObjDebug": false,
+        "DiagramWaterMark": "",
+        "DiagramType": {
+            "CertificateAuthority": false,
+            "Forest": false,
+            "Sites": false,
+            "SitesInventory": false,
+            "Trusts": false
+        },
+        "ExportDiagrams": false,
+        "ExportDiagramsFormat": [
+            "png"
+        ],
+        "EnableDiagramSignature": false,
+        "SignatureAuthorName": "",
+        "SignatureCompanyName": ""
     },
     "InfoLevel": {
         "_comment_": "0 = Disabled, 1 = Enabled, 2 = Adv Summary, 3 = Detailed",
@@ -56,12 +75,11 @@
             "DP": true,
             "Zones": true,
             "BestPractice": true
-
         },
         "CA": {
             "Status": true,
             "Statistics": true,
             "BestPractice": true
         }
     }
-}
+}

AsBuiltReport.Microsoft.AD.psd1

@@ -12,7 +12,7 @@
     RootModule = 'AsBuiltReport.Microsoft.AD.psm1'
 
     # Version number of this module.
-    ModuleVersion = '0.9.3'
+    ModuleVersion = '0.9.4'
 
     # Supported PSEditions
     # CompatiblePSEditions = @()
@@ -54,7 +54,7 @@
     RequiredModules = @(
         @{
             ModuleName = 'AsBuiltReport.Core';
-            ModuleVersion = '1.4.2'
+            ModuleVersion = '1.4.3'
         },
         @{
             ModuleName = 'PSPKI';
@@ -66,11 +66,11 @@
         },
         @{
             ModuleName = 'Diagrammer.Microsoft.AD';
-            ModuleVersion = '0.2.8'
+            ModuleVersion = '0.2.14'
         },
         @{
             ModuleName = 'Diagrammer.Core';
-            ModuleVersion = '0.2.15'
+            ModuleVersion = '0.2.24'
         }
 
     )

CHANGELOG.md

@@ -7,6 +7,45 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ##### This project is community maintained and has no sponsorship from Microsoft, its employees or any of its affiliates.
 
+## [0.9.4] - 2025-04-28
+
+### Added
+
+- Add a new section in Get-AbrDomainSection to retrieve and sort DCs while excluding specified ones, enhancing the overall structure and clarity of the script.
+- Add diagram options to configuration file for various sections.
+- Introduced Get-AbrDiagrammer function to generate diagrams in multiple formats.
+
+### Changed
+
+- Increase AsBuiltReport.Core to v1.4.3
+- Increase Diagrammer.Core minimum requirement
+- Increase Diagrammer.Microsoft.AD minumum requirement
+- Improve Get-ValidCimSession,Get-ValidPSSession to detect current connected DC
+  - Reuse the WinRM session
+  - Reuse the CIM session
+- Improve DNS settings retrieval by filtering only active network adapters in Get-AbrADDomainController function
+- Update Sample report
+- Improve Get-AbrADSite to handle cases where information cannot be collected from DCs, ensuring that the output remains informative and consistent.
+- Update existing functions to utilize new diagram features and handle domain status.
+- Improve error handling and reporting for offline domains and DCs.
+- Updated Get-AbrDNSSection to better handle domain status checks and improve logging clarity.
+- Refined Get-AbrDomainSection to ensure consistent domain information retrieval and improved error handling.
+- Updated Get-AbrADOU to utilize DNSRoot for domain references and improved error handling.
+- Modified Get-AbrADSecurityAssessment to enhance domain information retrieval and output formatting.
+- Enhanced Get-AbrADSiteReplication to streamline domain controller handling and improve logging messages.
+- Revised Get-AbrADTrust to ensure consistent use of DNSRoot and improved trust information retrieval.
+- Enhanced SharedUtilsFunctions to improve session management and error handling for WinRM connections.
+  - Get-ValidCIMSession
+  - Get-ValidPSSession
+
+### Fixed
+
+- Fix issue with WinRM connection setup in Domain Controller section
+
+### Removed
+
+- Remove DCDiag section as it is not functioning properly
+
 ## [0.9.3] - 2025-02-21
 
 ### Added

README.md

@@ -172,18 +172,30 @@ The **Report** schema provides configuration of the Microsoft AD report informat
 
 The **Options** schema allows certain options within the report to be toggled on or off.
 
-| Sub-Schema              | Setting            | Default   | Description                                                                                                               |
-| ----------------------- | ------------------ | --------- | ------------------------------------------------------------------------------------------------------------------------- |
-| ShowDefinitionInfo      | true/false         | False     | Toggle to enable/disable Microsoft AD term explanations                                                                   |
-| PSDefaultAuthentication | Negotiate/Kerberos | Negotiate | Allow to set the value of the PSRemoting authentication method. For Workgroup authentication Negotiate value is required. |
-| Exclude.Domains         | Array List         | Empty     | Allow to filter on AD Domain FQDN                                                                                         |
-| Exclude.DCs             | Array List         | Empty     | Allow to filter on AD Domain Controller Server FQDN.                                                                      |
-| Include.Domains         | Array List         | Empty     | Allow only a list of Active Directory Domain Controller FQDN to document.                                                 |
-| Include.DCs             | Array List         | Empty     | Allow only a list of Active Directory Domain FQDN to document.                                                            |
-| WinRMSSL                | Bool               | True      | Allow to enable SSL for WINRM connection                                                                                  |
-| WinRMFallbackToNoSSL | Bool               | True      | Allow to fallback to WINRM without SSL                                                                                    |
-| WinRMSSLPort            | Int                | 5986      | Allow to set tcp port for WinRM over SSL                                                                                  |
-| WinRMPort               | Int                | 5985      | Allow to set tcp port for WinRM                                                                                           |
+| Sub-Schema              | Setting            | Default   | Description                                                                   |
+| ----------------------- | ------------------ | --------- | ----------------------------------------------------------------------------- |
+| DiagramTheme            | string             | White     | Set the diagram theme (Black/White/Neon)                                      |
+| DiagramType             | true / false       | true      | Toggle to enable/disable the export of individual diagram diagrams            |
+| DiagramWaterMark        | string             | empty     | Set the diagram watermark                                                     |
+| EnableDiagrams          | true / false       | false     | Toggle to enable/disable infrastructure diagrams                              |
+| EnableDiagramsDebug     | true / false       | false     | Toggle to enable/disable diagram debug option                                 |
+| EnableDiagramSignature  | true / false       | false     | Toggle to enable/disable diagram signature (bottom right corner)              |
+| EnableHardwareInventory | true / false       | false     | Toggle to enable/disable hardware information                                 |
+| ExportDiagrams          | true / false       | true      | Toggle to enable/disable diagram export option                                |
+| ExportDiagramsFormat    | string array       | png       | Set the format used to export the infrastructure diagram (dot, png, pdf, svg) |
+| Exclude.DCs             | Array List         | Empty     | Allow to filter on AD Domain Controller Server FQDN.                          |
+| Exclude.Domains         | Array List         | Empty     | Allow to filter on AD Domain FQDN                                             |
+| Include.DCs             | Array List         | Empty     | Allow only a list of Active Directory Domain FQDN to document.                |
+| Include.Domains         | Array List         | Empty     | Allow only a list of Active Directory Domain Controller FQDN to document.     |
+| PSDefaultAuthentication | Negotiate/Kerberos | Negotiate | Allow to set the value of the PSRemoting authentication method.               |
+|                         |                    |           | For Workgroup authentication Negotiate value is required.                     |
+| ShowDefinitionInfo      | true/false         | False     | Toggle to enable/disable Microsoft AD term explanations                       |
+| SignatureAuthorName     | string             | empty     | Set the signature author name                                                 |
+| SignatureCompanyName    | string             | empty     | Set the signature company name                                                |
+| WinRMFallbackToNoSSL    | Bool               | True      | Allow to fallback to WINRM without SSL                                        |
+| WinRMPort               | Int                | 5985      | Allow to set tcp port for WinRM                                               |
+| WinRMSSL                | Bool               | True      | Allow to enable SSL for WINRM connection                                      |
+| WinRMSSLPort            | Int                | 5986      | Allow to set tcp port for WinRM over SSL                                      |
 
 
 ### InfoLevel