Add functions

Author: SamErde

Active Directory/Domain Services/Check all DCs.ps1

@@ -0,0 +1,7 @@
+#WIP
+
+# Get all DC records and test them for connectivity
+Get-ADDomainController -Filter * | Sort-Object Name | Format-Table Name, Enabled, IsGlobalCatalog, ComputerObjectDN
+foreach ($dc in $dcs) {
+    Test-NetConnection $dc.DnsHostname | Select-Object ComputerName, RemoteAddress, PingSucceeded | Format-Table
+}

Active Directory/Domain Services/Get-ADForestBackups.ps1

@@ -0,0 +1,42 @@
+Get-ADForestDomainControllerBackups {
+    <#
+    .SYNOPSIS
+    Get the last backup date of Active Directory domain controllers in the forest.
+
+    .DESCRIPTION
+    Get-ADForestDomainControllerBackups retrieves the last successful backup date of each domain controller in the forest.
+
+    .EXAMPLE
+    Get-ADForestDomainControllerBackups
+    Get the last backup date of all domain controllers in the forest.
+
+    .NOTES
+    Author: Sam Erde, Sentinel Technologies, Inc.
+    Version: 0.0.1
+    Modified: 2024-11-18
+    #>
+    [CmdletBinding()]
+    param ()
+
+    begin {
+        $ForestDomainControllers = foreach ($domain in (Get-ADForest).domains) {
+            Get-ADDomainController -Server $domain -Filter *
+        }
+    }
+    process {
+        foreach ($DC in $ForestDomainControllers) {
+            $DCName = Get-ADObject -Identity $DC.NTDSSettingsObjectDN -Properties *
+            $BackupTime = Get-ADObject -Identity $DCName -Properties BackupLastSuccessful
+            if ($backupTime.BackupLastSuccessful) {
+                "Last backup time for $($DC.Name): $($backupTime.BackupLastSuccessful)"
+            } else {
+                'No backup information available.'
+            }
+            #[PSCustomObject]@{
+            #    Hostname = $DC.HostName
+            #    LastBackupDate = $BackupDate
+            #}
+        }
+    }
+    end {}
+}

Active Directory/Domain Services/Get-ADSitesInDefaultLink.ps1

@@ -0,0 +1,10 @@
+Import-Module ActiveDirectory
+$sites = Get-ADReplicationSite -Filter *
+foreach ($site in $sites) {
+    $siteLinks = Get-ADReplicationSiteLink -Filter { SitesIncluded -match $($site.Name) }
+    [PSCustomObject]@{
+        SiteName  = $site.Name
+        SiteLinks = $siteLinks.Name -join ', '
+    }
+}
+Get-ADReplicationSiteLink -Filter 'SitesIncluded -contains "Default-First-Site-Name"' | Select-Object -ExpandProperty Name

Active Directory/Domain Services/Get-ADSitesWithoutLinks.ps1

@@ -0,0 +1,59 @@
+function Get-ADSitesWithoutLinks {
+    <#
+    .SYNOPSIS
+    Get all Active Directory sites that are not included in any site link.
+
+    .DESCRIPTION
+    Get-ADSitesWithoutLinks gets all Active Directory replication sites and site links, and then determines which sites are not included in any site link.
+
+    .EXAMPLE
+    Get-ADSitesWithoutLinks
+
+    .EXAMPLE
+    Get-AdSitesWithoutLinks | Format-Table @{Name = 'Site'; Expression = { $_.Key } }, @{Name = 'SiteLink[s]'; Expression = { $_.Value -join ', '}}
+
+    Format the output as a table with custom headers.
+
+    .NOTES
+    Author: Sam Erde, Sentinel Technologies, Inc.
+    Version: 0.0.1
+    Modified: 2024-11-18
+    #>
+    [CmdletBinding()]
+    param ( )
+
+    begin { }
+
+    process {
+        # Create an ordered dictionary hash table from $ADSites that stores the site name as the key and the site object as the value.
+        $ADSites = [ordered]@{}
+        foreach ($site in (Get-ADReplicationSite -Filter * -Properties * -ErrorAction SilentlyContinue | Sort-Object -Property Name)) {
+            $ADSites[$site.Name] = $site
+        }
+
+        $ADSiteLinks = Get-ADReplicationSiteLink -Filter * | Sort-Object -Property Name
+
+        $SiteLinkMap = [ordered]@{}
+        foreach ( $siteName in ($ADSites.GetEnumerator()).Name ) {
+
+            foreach ($link in $ADSiteLinks) {
+                foreach ($siteIncluded in $link.SitesIncluded) {
+                    if ( (Get-ADReplicationSite $siteIncluded).Name -eq $siteName ) {
+                        $SiteLinkMap[$SiteName] += "$($link).Name, " # need to remove the last comma and space from the last item
+                    }
+                }
+            }
+        }
+
+        foreach ($siteLink in $SiteLinkMap.GetEnumerator()) {
+            if ($null -eq $siteLink.Value) {
+                Write-Warning -Message "The site $($siteLink.Key) is not found in any site link."
+            }
+        }
+        #endregion Sites without SiteLinks
+    }
+
+    end {
+        $SiteLinkMap
+    }
+}

Active Directory/Domain Services/Get-DCTimeConfig.ps1

@@ -0,0 +1,36 @@
+# WIP
+
+# Check domain controllers' time sources.
+$DomainControllers = Get-ADDomainController -Filter *
+foreach ($DC in $DomainControllers) {
+    $TimeSource = w32tm /query /status /computer:$DC.HostName | Select-String 'Source'
+    [PSCustomObject]@{
+        Hostname   = $DC.HostName
+        TimeSource = $TimeSource -replace 'Source: ', ''
+    }
+}
+
+# Check the time settings on each domain controller using Get-CimInstance
+foreach ($DC in $DomainControllers) {
+    $TimeSettings = Get-CimInstance -ClassName Win32_TimeZone -ComputerName $DC.HostName
+    [PSCustomObject]@{
+        Hostname     = $DC.HostName
+        Caption      = $TimeSettings.Caption
+        Description  = $TimeSettings.Description
+        StandardName = $TimeSettings.StandardName
+        DaylightName = $TimeSettings.DaylightName
+    }
+}
+
+# Check the NTP server and Win32Time service status on each domain controller using Get-CimInstance
+foreach ($DC in $DomainControllers) {
+    $NTPServer = Get-CimInstance -ClassName Win32_ComputerSystem -ComputerName $DC.HostName | Select-Object -ExpandProperty DomainRole
+    $Win32TimeService = Get-CimInstance -ClassName Win32_Service -Filter "Name='w32time'" -ComputerName $DC.HostName
+
+    [PSCustomObject]@{
+        Hostname                  = $DC.HostName
+        NTPServer                 = $NTPServer
+        Win32TimeServiceState     = $Win32TimeService.State
+        Win32TimeServiceStartMode = $Win32TimeService.StartMode
+    }
+}

Active Directory/Domain Services/Get-DomainControllerLastBackup.ps1

@@ -0,0 +1,11 @@
+# WIP
+
+# Check the last backup date of Active Directory domain controllers
+foreach ($DC in $ForestDomainControllers) {
+    $BackupDate = Get-ADObject -Filter { ObjectClass -eq 'msDS-LastSuccessfulBackup' } -SearchBase "CN=NTDS Settings,CN=$($DC.Name),CN=Servers,CN=$($DC.Site),CN=Sites,CN=Configuration,$((Get-ADRootDSE).ConfigurationNamingContext)" -Property msDS-LastSuccessfulBackup | Select-Object -ExpandProperty msDS-LastSuccessfulBackup
+
+    [PSCustomObject]@{
+        Hostname       = $DC.HostName
+        LastBackupDate = $BackupDate
+    }
+}

Active Directory/Domain Services/Get-FSMORoleDetails.ps1

@@ -0,0 +1,15 @@
+#WIP
+
+# Get the hostname and AD site location of domain controllers that hold the AD FSMO roles.
+$FSMORoles = Get-ADForest | Select-Object -ExpandProperty SchemaMaster, DomainNamingMaster
+$FSMORoles += Get-ADDomain | Select-Object -ExpandProperty PDCEmulator, RIDMaster, InfrastructureMaster
+
+# Get the details of each FSMO role holder
+foreach ($role in $FSMORoles) {
+    $DC = Get-ADDomainController -Identity $role
+    [PSCustomObject]@{
+        Hostname  = $DC.HostName
+        IPAddress = $DC.IPAddress
+        ADSite    = $DC.Site
+    }
+}

DDI/Get-ServiceRecords.ps1

@@ -0,0 +1,13 @@
+# WIP
+
+# Get all DNS zones
+$zones = Get-DnsServerZone -ComputerName (Get-Domain) | Where-Object { $_.ZoneType -eq 'Primary' }
+
+# Loop through each zone and get SRV records
+foreach ($zone in $zones) {
+    $srvRecords = Get-DnsServerResourceRecord -ZoneName $zone.ZoneName -RRType SRV | Where-Object { $_.HostName -notmatch 'ldap' -and $_.HostName -notmatch 'gc' -and $_.HostName -notmatch 'kerberos' }
+    foreach ($record in $srvRecords) {
+        Write-Host "Name: $($record.HostName), Target: $($record.RecordData.Target), Port: $($record.RecordData.Port), Priority: $($record.RecordData.Priority), Weight: $($record.RecordData.Weight)"
+        Write-Host "$zone"
+    }
+}