• Simplifed things and this works and gives me what I want.

    $CommonInternetKey = Invoke-Command -ComputerName $Computer -command {Get-ItemProperty -path "HKCU:SoftwareMicrosoftOffice16.0CommonInternet"}

    Also, you are correct on Profiles List from HKCU. Nothing to grabe there. Also, unable to parse HKEY_User for each value in $CommonInternetKey.

    I can get the GUID's by

    $hkeyUsersHIVE = [Microsoft.Win32.RegistryHive]::Users
    $hkeyUsers = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($hkeyUsersHIVE,$Computer)
    $hkeyUsersSubkeys = $hkeyUsers.GetSubKeyNames()
    $hkeyUsersSubkeys = $hkeyUsersSubkeys | Where{$_ -notmatch "Classes"}

    but trying to enumerte the $CommonInternetKey value from each one it elluding me. I can get it from HKCU and will have to settle for that I suppose.

     

     

     

  • Got it solved and don't know why I didn't do it earlier. Employing PSSession solves the problem. The value in UseRWHlinkNavigation is what I am looking for. However, not sure why I am getting an error on "Exit-PSSession" but that's not that big right now.

    Now I can enumerate all profiles on a remote computer by querying HKLM:SoftwareMicrosoftWindows NTCurrentVersionProfileList for all profile GUID's and then look to see if this value is present.

  • Got it solved and don't know why I didn't do it earlier. Employing PSSession solves the problem. The value in UseRWHlinkNavigation is what I am looking for. However, not sure why I am getting an error on "Exit-PSSession" but that's not that big right now.

    Now I can enumerate all profiles on a remote computer by querying HKLM:SoftwareMicrosoftWindows NTCurrentVersionProfileList for all profile GUID's and then look to see if this value is present.

  • OK, understood. But how do I do this? The reason for this is that I am build a script to audit the value of a registry on remote computers. I will have a list of Computers to check for a certain value to produce a report. How else would you do this. I have done this several times before without running into this.

  • These methods are not available.

    Methods not available

  • Seems simple and seen a lot of "complex" solutions but don't understand them. I am simply trying to get the data out of a remote computer registry. I can see the data but don't know how to retrieve it. What is the little secret to populate the Property info?

  • May be more than what you think you need, but trust me in large environments where group nesting has gone haywire, you need to be able to get a report on how many users are in a group.

    We had amateur admins granting access to data based upon a group not knowing that others were nested in the group. This caused a serious security breech since users in the nested groups were not supposed to have access to the data.

     

  • $ErrorActionPreference = "SilentlyContinue"
    
    #Create Encrypted Credentials in Needed #################################################################################################################################
    
    $Username = "adm.$env:username"
    If (!(Test-Path -Path 'C:Secure')) {New-Item 'C:Secure' -type directory | Out-Null}
    
    If (!(Test-Path -Path "C:Secure$Username Password.txt")) {
    Write-Host "Please enter your password. This is a one time request that will store an encrypted file on your local computer to avoid further prmompts." -ForegroundColor Yellow
    Read-Host $Username -AsSecureString | ConvertFrom-SecureString | Out-File "C:Secure$Username Password.txt"
    }
    
    $Password = Get-Content "C:Secure$Username Password.txt"| convertto-securestring 
    $AdmAccount = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username, $Password 
    
    ##########################################################################################################################################################################
    
    Function GetProxyPath {
    $i=0 
    $StartTime = Get-Date
    $NumberofComputers = $Computers.Count
    Write-Host "There are " -ForegroundColor Yellow -NoNewline
    Write-Host $NumberofComputers -ForegroundColor Red -NoNewline
    Write-Host " Computers in the list" -ForegroundColor Yellow
    Write-Host
    
    $i=0 
    $StartTime = Get-Date
    
        Foreach ($Computer in $Computers){    
        
        $PingResults = Test-Connection -Count 2 -Quiet -ComputerName $Computer
        $ComputerDetails = Get-ADComputer -Filter "Name -like '$Computer'" -Properties * -Credential $AdmAccount
        $Description = $ComputerDetails.Description
        $DistinguishedName = $ComputerDetails.DistinguishedName -creplace "^[^,]*,","" 
        $OrgUnit= $DistinguishedName.TrimEnd("DC=indyad,DC=local")
    
        $i++
        $SecondsElapsed = ((Get-Date) - $StartTime).TotalSeconds
        $SecondsRemaining = ($SecondsElapsed / ($i / $NumberofComputers)) - $SecondsElapsed
        Write-Progress -Activity "Getting IE Version on $($Computer) in $($OrgUnit): #$i of $($NumberofComputers)" -PercentComplete (($i/$($NumberofComputers)) * 100) -CurrentOperation "$("{0:N2}" -f ((($i/$($NumberofComputers)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
    
            If ($PingResults -ne "TRUE"){
                Write-Host
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan -NoNewline
                Write-Host " Is NOT Responding! Please check ASAP!" -ForegroundColor Red
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow            
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow  
                $ComputersDown = $Computer | Out-File "C:tempworkstations$CurrentDate Workstations Not Responding.txt" -Append
    
                $PCProxyPathAudit = New-Object PSObject
                $PCProxyPathAudit | Add-Member NoteProperty PingResults $PingResults
                $PCProxyPathAudit | Add-Member NoteProperty Computer $Computer
                $PCProxyPathAudit | Add-Member NoteProperty User $Description
                $PCProxyPathAudit | Add-Member NoteProperty OS $ComputerDetails.OperatingSystem
                $PCProxyPathAudit | Add-Member NoteProperty OrgUnit $OrgUnit
                $PCProxyPathAudit | Add-Member NoteProperty ProxyPathSettings $ProxyAutoConfigURL
                $PCProxyPathAudit | Add-Member NoteProperty OriginalIEVersion $IEInfo.Version
                $PCProxyPathAudit | Add-Member NoteProperty CurrentIEVersion $IEInfo.svcVersion
                $PCProxyPathAudit | Export-Csv -Path "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv" -NoTypeInformation -Append
            }
    
            Elseif ($PingResults -eq "TRUE"){ 
    
            Enter-PSSession -ComputerName $Commputer -Credential $AdmAccount
    
                $ProxyAutoConfigURL =Get-ItemProperty -Path "HKCU:SoftwareMicrosoftWindowsCurrentVersionInternet Settings" | Select AutoConfigURL -ExpandProperty AutoConfigURL       
                $IEInfo = Get-ItemProperty "HKLM:SOFTWAREMicrosoftInternet Explorer" 
                $IEVersion = $IEInfo.svcVersion
    
                Write-Host
                        
                Write-Host
                Write-Host "Computer - " -ForegroundColor Green -NoNewline
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan
    
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow
                
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow        
                
                Write-Host "Proxy Path Settings - " -ForegroundColor Green -NoNewline
                
                If (!$ProxyAutoConfigURL){Write-Host "No Proxy Path URL Received" -ForegroundColor Yellow}
    
                ElseIf($ProxyAutoConfigURL -notmatch "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Red}
    
                ElseIf($ProxyAutoConfigURL -match "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Cyan}    
                
                Write-Host "Original IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.Version -ForegroundColor Yellow  
                Write-Host "Current IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcVersion -ForegroundColor Cyan
                Write-Host "Windows Update KB Article - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcKBNumber -ForegroundColor Magenta
    
            Exit-PSSession 
    
                $PCProxyPathAudit = New-Object PSObject
                $PCProxyPathAudit | Add-Member NoteProperty PingResults $PingResults
                $PCProxyPathAudit | Add-Member NoteProperty Computer $Computer
                $PCProxyPathAudit | Add-Member NoteProperty User $Description
                $PCProxyPathAudit | Add-Member NoteProperty OS $ComputerDetails.OperatingSystem
                $PCProxyPathAudit | Add-Member NoteProperty OrgUnit $OrgUnit
                $PCProxyPathAudit | Add-Member NoteProperty ProxyPathSettings $ProxyAutoConfigURL
                $PCProxyPathAudit | Add-Member NoteProperty OriginalIEVersion $IEInfo.Version
                $PCProxyPathAudit | Add-Member NoteProperty CurrentIEVersion $IEInfo.svcVersion
                $PCProxyPathAudit | Export-Csv -Path "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv" -NoTypeInformation -Append
                
                 
            }      
            
            Clear-Variable Computer
            Clear-Variable ComputerDetails
            Clear-Variable InternetSettings
            Clear-Variable OrgUnit
            Clear-Variable PingResults
            Clear-Variable Description
            Clear-Variable ProxyAutoConfigURL
            Clear-Variable IEInfo
            
        }
    }
    
    CLS
    
    Write-Host "IE Version Audit" -ForegroundColor Cyan
    Write-Host "________________" -ForegroundColor Cyan
    Write-Host " "
    
    
    $CurrentDate = Get-Date 
    $StartDate = Get-date -Format F
    
    Write-Host "Report Date - " -ForegroundColor Green -NoNewline
    Write-Host $StartDate -ForegroundColor Yellow
    
    $CurrentDate = $CurrentDate.ToString('yyyy-MM-dd@HH-mm-ss')
    
    Do {
      
        Write-Host "Do you want to check against one System, a List, Org Unit, or all Domain?" -ForegroundColor Yellow
        Write-Host "(Enter" -ForegroundColor Yellow -NoNewline
        Write-Host " 1 " -NoNewline
        Write-Host "for just one ," -ForegroundColor Yellow -NoNewline 
        Write-Host " 2 " -NoNewline
        Write-Host "for list," -ForegroundColor Yellow -NoNewline  
        Write-Host " 3 " -NoNewline
        Write-Host "for Specific Org Unit, or" -ForegroundColor Yellow -NoNewline
        Write-Host " 4 " -NoNewline
        Write-Host "for Domain)" -ForegroundColor Yellow
    
    
        $Answer = Read-Host
    
            while("1","2","3","4" -notcontains $Answer){
            Write-Host "1, 2, 3, or 4 Please!" -ForegroundColor Red
            $Answer = Read-Host 
            }
    
    
    Switch ($Answer){
    
        1{
    
            Write-Host "Enter the name of the System you want to check?" -ForegroundColor Yellow
            $Computer = Read-Host
            $Computers = Get-ADComputer -Filter "Name -like '$Computer*'" -Credential $AdmAccount| select Name -ExpandProperty Name
                    
        }
    
        2{
            [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog.FilterIndex = 0
            $dialog.InitialDirectory = "C:TempServersLists"
            $dialog.Multiselect = $false
            $dialog.RestoreDirectory = $true
            $dialog.Title = "Select a script file"
            $dialog.ValidateNames = $true
            $dialog.ShowDialog()
            $dialog.FileName
    
            $Computers = Get-content $dialog.FileName
        
        }
        
        3{
           Write-Host "Check on a single OU or a list?" -ForegroundColor Yellow -NoNewline
           Write-Host " (Enter" -ForegroundColor Green -NoNewline
           Write-Host " 1 " -NoNewline -ForegroundColor Yellow
           Write-Host "for just one ," -ForegroundColor Green -NoNewline 
           Write-Host " 2 " -NoNewline -ForegroundColor Yellow
           Write-Host "for list)" -ForegroundColor Green
    
           $Response = Read-Host
    
            while("1","2" -notcontains $Response){
            Write-Host "1 or 2 Please!" -ForegroundColor Red
            $Response = Read-Host 
            }
    
            Switch ($Response){
    
                1{ 
                    Write-Host "Enter the name of the OU you want to check?" -ForegroundColor Yellow
                    $OrgUnit = Read-Host
                    
                    $DN = Get-ADOrganizationalUnit -Filter 'Name -like $OrgUnit'| select DistinguishedName -ExpandProperty DistinguishedName
                    $Computers = (Get-ADComputer -Filter * -SearchBase "$DN" -Credential $AdmAccount).Name  | Sort   
    
                }
    
    
                2{            
                    [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
                    $dialog = New-Object System.Windows.Forms.OpenFileDialog
                    $dialog = New-Object System.Windows.Forms.OpenFileDialog
                    $dialog.FilterIndex = 0
                    $dialog.InitialDirectory = "C:TempServersLists"
                    $dialog.Multiselect = $false
                    $dialog.RestoreDirectory = $true
                    $dialog.Title = "Select a script file"
                    $dialog.ValidateNames = $true
                    $dialog.ShowDialog()
                    $dialog.FileName
    
                    $OrgUnits = Get-content $dialog.FileName 
    
                        Foreach ($OrgUnit in $OrgUnits){
    
                        $Computer = (Get-ADComputer -Filter * -SearchBase "$OrgUnit" -Credential $AdmAccount).Name  | Sort
                        $Computers += $Computer 
    
                        }    
                
                }
    
            }
    
        }
    
        4{
    
            $Computers = Get-ADComputer -Filter  {OperatingSystem -like "Windows 7*" -or OperatingSystem -like "Windows 10*" -or OperatingSystem -like "Windows XP*"} -Properties * -Credential $AdmAccount| Sort Name |Select Name -ExpandProperty Name
    
        }
    
    }
    
        If (!$Computers){
    
            Write-Host
            Write-Host $computer.toUpper() -ForegroundColor Green -NoNewline
            Write-Host " does not exist!" -ForegroundColor Red
    
        }
    
    GetProxyPath
        Write-Host
        Write-Host "Do you want to view the report? (Y/N)" -ForegroundColor Yellow
        $ReportAnswer = Read-Host 
    
        while("y","n" -notcontains $ReportAnswer){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $ReportAnswer = Read-Host 
            }
    
            If($ReportAnswer -eq "Y"){Invoke-Item "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv"}   
            Else {}
    
        Write-Host " "
        Write-Host "Do you want to check some more? (Y/N)" -ForegroundColor Yellow
        $Continue = Read-Host 
    
            while("y","n" -notcontains $Continue){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $Continue = Read-Host 
            }
    
            If($Continue -eq "Y"){}        
    
    }
    
    until ($Continue -eq "N")

    Found a better way to retrieve remote registry info by using Enter-PSSession. Full updated script above and changes shown below.

    Enter-PSSession -ComputerName $Commputer -Credential $AdmAccount
    
                $ProxyAutoConfigURL =Get-ItemProperty -Path "HKCU:SoftwareMicrosoftWindowsCurrentVersionInternet Settings" | Select AutoConfigURL -ExpandProperty AutoConfigURL       
                $IEInfo = Get-ItemProperty "HKLM:SOFTWAREMicrosoftInternet Explorer" 
                $IEVersion = $IEInfo.svcVersion
    
                Write-Host
                        
                Write-Host
                Write-Host "Computer - " -ForegroundColor Green -NoNewline
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan
    
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow
                
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow        
                
                Write-Host "Proxy Path Settings - " -ForegroundColor Green -NoNewline
                
                If (!$ProxyAutoConfigURL){Write-Host "No Proxy Path URL Received" -ForegroundColor Yellow}
    
                ElseIf($ProxyAutoConfigURL -notmatch "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Red}
    
                ElseIf($ProxyAutoConfigURL -match "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Cyan}    
                
                Write-Host "Original IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.Version -ForegroundColor Yellow  
                Write-Host "Current IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcVersion -ForegroundColor Cyan
                Write-Host "Windows Update KB Article - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcKBNumber -ForegroundColor Magenta
    
            Exit-PSSession

     

     

  • BTW, the encrypted credentials are prefaced with "adm". In our environment, privileged accounts are called "adm.username". If you use this, simply substitute what your environment uses or just remove the "adm".

  • $ErrorActionPreference = "SilentlyContinue"
    
    #Create Encrypted Credentials in Neededed #################################################################################################################################
    
    $Username = "adm.$env:username"
    If (!(Test-Path -Path 'C:Secure')) {New-Item 'C:Secure' -type directory | Out-Null}
    
    If (!(Test-Path -Path "C:Secure$Username Password.txt")) {
    Write-Host "Please enter your password. This is a one time request that will store an encrypted file on your local computer to avoid further prmompts." -ForegroundColor Yellow
    Read-Host $Username -AsSecureString | ConvertFrom-SecureString | Out-File "C:Secure$Username Password.txt"
    }
    
    $Password = Get-Content "C:Secure$Username Password.txt"| convertto-securestring 
    $AdmAccount = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username, $Password 
    
    ##########################################################################################################################################################################
    $ADGroupMembers =@()
    $NestGroups =@()
    $FullName = $null
    
    Function GroupMembershipAudit{ 
    
        Foreach ($ADGroupName in $ADGroupNames){      
        
        If($ADGroupName -eq "OutlookAdHocUsers"){ $ADGroupName = "MoveITDMZUsers"}  
    
            $ADGroupDetails = Get-ADGroup $ADGroupName -Properties * -Credential $AdmAccount
            $MemberShipMembersList = $ADGroupDetails.Members
            $GroupName = $ADGroupDetails.SamAccountName
            $Description = $ADGroupDetails.Description
            $NumberofMembers = ($ADGroupDetails.Members).Count     
            $MemberShipMembersList = $ADGroupDetails.Members   
              
            Write-Host " "
            Write-Host "These are the members of the "  -ForegroundColor Green -NoNewline
            Write-Host $ADGroupName.ToUpper() -ForegroundColor Yellow -NoNewline
            Write-Host " Group" -ForegroundColor Green
            Write-Host $Description -ForegroundColor Cyan
            Write-Host "__________________________________________________________" -ForegroundColor Red
    
            If (!$MemberShipMembersList){
                Write-Host "This group doesn't have any members." -ForegroundColor Red
                Write-Host "OrgUnit - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow
                Write-Host
    
                $NoMembers = New-Object PSObject
                $NoMembers | Add-Member NoteProperty GroupName $ADGroupName
                $NoMembers | Add-Member NoteProperty OrgUnit $OrgUnit
                $NoMembers | Export-Csv "C:tempGroup AuditingEmpty Groups$CurrentDate Empty Groups.csv" -NoTypeInformation -Append
    
            }
    
            $Z=0
            $StartTimeZ = Get-Date
    
            Foreach ($Member in $MemberShipMembersList){
           
            $Z++
            $SecondsElapsed = ((Get-Date) - $StartTimeZ).TotalSeconds
            $SecondsRemaining = ($SecondsElapsed / ($z / $NumberofMembers)) - $SecondsElapsed
            Write-Progress -Activity "Enumerating Users in $($ADGroupName): #$z of $($NumberofMembers)" -Id 1 -PercentComplete (($z/$($NumberofMembers)) * 100) -CurrentOperation "$("{0:N2}" -f ((($z/$($NumberofMembers)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
    
            # Collect any nested groups and seperate them from users
    
                Try {
    
                $ADGroupMember = Get-ADUser $Member -Properties SAMAccountName | Select-Object SamAccountName -ExpandProperty SamAccountName
                $ADGroupMembers += $ADGroupMember | Out-File "C:TempGroup Auditing$CurrentDate $ADGroupName MEMBERS.txt" -Append
    
                }
    
                Catch {
    
                $NestedGroupsList = (($Member-split",")[0].Substring(3)) 
                $NestedGroups += $NestedGroupsList | Out-File "C:TempGroup Auditing$CurrentDate NestedGroups.txt" -Append
                }
    
            }#End of Foreach Member Line 56
                    
            $i=0
            $StartTime1 = Get-Date                   
                    
            $ADGroupMembers = Get-Content "C:TempGroup Auditing$CurrentDate $ADGroupName MEMBERS.txt"
            $NestedGroups = Get-Content "C:TempGroup Auditing$CurrentDate NestedGroups.txt"
                       
            Foreach ($Item in $ADGroupMembers){
    
            $i++
            $SecondsElapsed = ((Get-Date) - $StartTime1).TotalSeconds
            $SecondsRemaining = ($SecondsElapsed / ($i / $NumberofMembers)) - $SecondsElapsed
    
            Write-Progress -Activity "Getting Group Members in $($ADGroupName): #$i of $($NumberofMembers)" -ParentId 1   -PercentComplete (($i/$($NumberofMembers)) * 100) -CurrentOperation "$("{0:N2}" -f ((($i/$($NumberofMembers)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
    
    
            $ADGroupMember = Get-ADUser $Item -Properties *
            $whenChanged = $ADGroupMember.whenChanged
            $WhenChangedDay0fWeek = Get-Date $whenChanged -Format dddd
            $WhenChangedYear = Get-Date $whenChanged -Format yyyy
            $WhenChangedMonth = Get-Date $whenChanged -Format MMMM
            $WhenChangedDay = Get-Date $whenChanged -Format dd
            $WhenChangedHour = Get-Date $whenChanged -Format hh
            $WhenChangedMinute = Get-Date $whenChanged -Format mm
            $WhenChangedAMPM = Get-date $whenChanged -Format tt     
    
    
                If ($ADGroupMember.distinguishedname -match ""){
                                                
                    $DN1 = $ADGroupMember.distinguishedname -creplace  "^[^,]*,","" 
                    $DN = $DN1 -creplace "^[^,]*,",""
                }
    
                Else {$DN = $ADGroupMember.distinguishedname -creplace "^[^,]*,",""}
    
                $OrgUnit= $DN.TrimEnd("DC=indyad,DC=local") 
                            
            Write-Host ($ADGroupMember.SAMAccountName).toUpper() -ForegroundColor Cyan -NoNewline
            Write-Host " - " -NoNewline
            Write-Host $ADGroupMember.Surname -ForegroundColor Yellow -NoNewline
            Write-Host "," -NoNewline -ForegroundColor Yellow
            Write-Host $ADGroupMember.GivenName -ForegroundColor Yellow -NoNewline
            Write-Host " (" -NoNewline
            Write-Host $ADGroupMember.Department -NoNewline
            Write-Host ")"
            Write-host $OrgUnit -ForegroundColor Yellow
            Write-Host "Account Active?" -ForegroundColor cyan -NoNewline
            Write-Host " - " -NoNewline -ForegroundColor Cyan
                                                
                If($ADGroupMember.Enabled -match "True"){Write-Host "Yes"}
                ElseIf($ADGroupMember.Enabled -match "False"){Write-Host "NO" -ForegroundColor Red}
    
            Write-Host "When Created - " -ForegroundColor Yellow -NoNewline
            Write-Host $ADGroupMember.whenCreated -ForegroundColor Cyan
    
            Write-Host "Last Change - " -ForegroundColor Yellow -NoNewline
            Write-Host $WhenChangedDay0fWeek -ForegroundColor Cyan -NoNewline
            Write-Host ", " -ForegroundColor Cyan -NoNewline
            Write-Host $WhenChangedMonth $WhenChangedDay -ForegroundColor Cyan -NoNewline
            Write-Host ", " -ForegroundColor Cyan -NoNewline
            Write-Host $WhenChangedYear -ForegroundColor Cyan -NoNewline
            Write-Host " @ " -ForegroundColor Magenta -NoNewline
            Write-Host $WhenChangedHour -ForegroundColor Magenta -NoNewline
            Write-Host ":" -ForegroundColor Magenta -NoNewline
            Write-Host $WhenChangedMinute $WhenChangedAMPM -ForegroundColor Magenta   
    
            Write-Host 
    
            $obj = New-Object PSObject
            $obj | Add-Member NoteProperty AccountActive ($ADGroupMember.Enabled)
            $obj | Add-Member NoteProperty WhenCreated ($ADGroupMember.whenCreated)
            $obj | Add-Member NoteProperty LastChangeDayOfWeek $WhenChangedDay0fWeek
            $obj | Add-Member NoteProperty LastChangeYear $WhenChangedYear
            $obj | Add-Member NoteProperty LastChangeMonth $WhenChangedMonth
            $obj | Add-Member NoteProperty LastChangeDay $WhenChangedDay
            $obj | Add-Member NoteProperty LastChangeHour $WhenChangedHour
            $obj | Add-Member NoteProperty LastChangeMinute $WhenChangedMinute
            $obj | Add-Member NoteProperty LastChangeAMorPM $WhenChangedAMPM
            $obj | Add-Member NoteProperty LastName ($ADGroupMember.Surname)
            $obj | Add-Member NoteProperty FirstName ($ADGroupMember.GivenName)
            $obj | Add-Member NoteProperty SamAccount ($ADGroupMember.SAMAccountName)
            $obj | Add-Member NoteProperty Agency ($ADGroupMember.Department)
            $obj | Add-Member NoteProperty ADGroup ($ADGroupName)
            $obj | Add-Member NoteProperty OrgUnit $OrgUnit
            $obj | Add-Member NoteProperty NestedUnder "NONE"
            $Obj | export-csv "C:tempGroup Auditing$CurrentDate $ADGroupName MembershipAudit.csv" -NoTypeInformation -Append
    
            }#End of Foreach $Item Line 83
    
            #Enumerate users in Nested Groups
    
            If($NestedGroups) {
    
            $NestedGroups = Get-Content "C:TempGroup Auditing$CurrentDate NestedGroups.txt"
            $NumberofNestedGroups = $NestedGroups.count 
    
            Write-Host "There are " -ForegroundColor Red -NoNewline
            Write-Host $NumberofNestedGroups -ForegroundColor Yellow -NoNewline
            Write-Host " Nested Groups Shown Below" -ForegroundColor Red
            Write-Host "_____________________________________" -ForegroundColor Red
            $NestedGroups
    
            }
    
            Foreach ($NestedGroup in $NestedGroups){
    
            $StartTime3 = Get-Date
            $z = 0
                
                $MembersofNestedGroup = Get-ADGroupMember -Identity $NestedGroup -Credential $AdmAccount
                $NumbersOfMembersInNestedGroup = $MembersofNestedGroup.count
    
                Write-Host " "
                Write-Host "There are " -ForegroundColor Yellow -NoNewline
                Write-Host $NumbersOfMembersInNestedGroup -ForegroundColor Red -NoNewline
                Write-Host " Members in " -ForegroundColor Yellow -NoNewline
                Write-Host $NestedGroup -ForegroundColor Red 
                    
                Write-Host "These are the members of the "  -ForegroundColor Green -NoNewline
                Write-Host $NestedGroup.ToUpper() -ForegroundColor Yellow -NoNewline
                Write-Host " Group, nested under " -ForegroundColor Green -NoNewline
                Write-Host $ADGroupName.ToUpper() -ForegroundColor White
                Write-Host "_______________________________________________________________________________" -ForegroundColor Red
    
                $ADGroupMembers = (Get-ADGroupMember "$NestedGroup").SamAccountName | Get-ADUser -Properties *| Sort SurName
                    
                Foreach ($ADGroupMember in $ADGroupMembers) {
    
                    $z++
                    $SecondsElapsed = ((Get-Date) - $StartTime3).TotalSeconds
                    $SecondsRemaining = ($SecondsElapsed / ($z / $NumbersOfMembersInNestedGroup)) - $SecondsElapsed
    
                    Write-Progress -Activity "Auditing Nested Group $($NestedGroup.ToUpper()) under $($ADGroupName.ToUpper()): #$z of $($NumbersOfMembersInNestedGroup)" -ParentId 1 -PercentComplete (($z/$($NumbersOfMembersInNestedGroup)) * 100) -CurrentOperation "$("{0:N2}" -f ((($z/$($NumbersOfMembersInNestedGroup)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
                         
                    $whenChanged = $Item.whenChanged
                    $WhenChangedDay0fWeek = Get-Date $whenChanged -Format dddd
                    $WhenChangedYear = Get-Date $whenChanged -Format yyyy
                    $WhenChangedMonth = Get-Date $whenChanged -Format MMMM
                    $WhenChangedDay = Get-Date $whenChanged -Format dd
                    $WhenChangedHour = Get-Date $whenChanged -Format hh
                    $WhenChangedMinute = Get-Date $whenChanged -Format mm
                    $WhenChangedAMPM = Get-date $whenChanged -Format tt   
                            
                            
                    If ($ADGroupMember.distinguishedname -match ""){                
                        $DN1 = $ADGroupMember.distinguishedname -creplace  "^[^,]*,","" 
                        $DN = $DN1 -creplace "^[^,]*,",""
                    }
    
                    Else {$DN = $ADGroupMember.distinguishedname -creplace "^[^,]*,",""}
    
                    $OrgUnit= $DN.TrimEnd("DC=indyad,DC=local") 
                            
                    Write-Host ($ADGroupMember.SAMAccountName).toUpper() -ForegroundColor Cyan -NoNewline
                    Write-Host " - " -NoNewline
                    Write-Host $ADGroupMember.Surname -ForegroundColor Yellow -NoNewline
                    Write-Host "," -NoNewline -ForegroundColor Yellow
                    Write-Host $ADGroupMember.GivenName -ForegroundColor Yellow -NoNewline
                    Write-Host " (" -NoNewline
                    Write-Host $ADGroupMember.Department -NoNewline
                    Write-Host ")"
                    Write-host $DN -ForegroundColor Yellow
                    Write-Host "Account Active?" -ForegroundColor cyan -NoNewline
                    Write-Host " - " -NoNewline -ForegroundColor Cyan
    
                        If($ADGroupMember.Enabled -match "True"){Write-Host "Yes"}
                        ElseIf($ADGroupMember.Enabled -match "False"){Write-Host "NO" -ForegroundColor Red}
    
                    Write-Host "When Created - " -ForegroundColor Yellow -NoNewline
                    Write-Host $ADGroupMember.whenCreated -ForegroundColor Cyan
    
                    Write-Host "Last Change - " -ForegroundColor Yellow -NoNewline
                    Write-Host $WhenChangedDay0fWeek -ForegroundColor Cyan -NoNewline
                    Write-Host ", " -ForegroundColor Cyan -NoNewline
                    Write-Host $WhenChangedMonth $WhenChangedDay -ForegroundColor Cyan -NoNewline
                    Write-Host ", " -ForegroundColor Cyan -NoNewline
                    Write-Host $WhenChangedYear -ForegroundColor Cyan -NoNewline
                    Write-Host " @ " -ForegroundColor Magenta -NoNewline
                    Write-Host $WhenChangedHour -ForegroundColor Magenta -NoNewline
                    Write-Host ":" -ForegroundColor Magenta -NoNewline
                    Write-Host $WhenChangedMinute $WhenChangedAMPM -ForegroundColor Magenta  
    
                    Write-Host      
    
                    $obj = New-Object PSObject
                    $obj | Add-Member NoteProperty AccountActive ($ADGroupMember.Enabled)
                    $obj | Add-Member NoteProperty WhenCreated ($ADGroupMember.whenCreated)
                    $obj | Add-Member NoteProperty LastChangeDayOfWeek $WhenChangedDay0fWeek
                    $obj | Add-Member NoteProperty LastChangeYear $WhenChangedYear
                    $obj | Add-Member NoteProperty LastChangeMonth $WhenChangedMonth
                    $obj | Add-Member NoteProperty LastChangeDay $WhenChangedDay
                    $obj | Add-Member NoteProperty LastChangeHour $WhenChangedHour
                    $obj | Add-Member NoteProperty LastChangeMinute $WhenChangedMinute
                    $obj | Add-Member NoteProperty LastChangeAMorPM $WhenChangedAMPM
                    $obj | Add-Member NoteProperty LastName ($ADGroupMember.Surname)
                    $obj | Add-Member NoteProperty FirstName ($ADGroupMember.GivenName)
                    $obj | Add-Member NoteProperty SamAccount ($ADGroupMember.SAMAccountName)
                    $obj | Add-Member NoteProperty Agency ($ADGroupMember.Department)
                    $obj | Add-Member NoteProperty ADGroup ($NestedGroup)
                    $obj | Add-Member NoteProperty OrgUnit $OrgUnit 
                    $obj | Add-Member NoteProperty NestedUnder $ADGroupName
                    $Obj | export-csv "C:tempGroup Auditing$CurrentDate $ADGroupName MembershipAudit.csv" -NoTypeInformation -Append
    
                } #End of Foreach $ADGroupMember Line 203
                                       
            }#End of line 180 Foreach $NestGroup
    
         }# End of Foreach $ADGroupName Line 22
    
        If (Test-Path -Path "C:tempGroup Auditing$CurrentDate $ADGroupNames MembershipAudit.csv"){
        
        Write-Host "Do you want to open the report? Y/N" -ForegroundColor Yellow
        $Answer = Read-Host
    
            while("Y","N" -notcontains $Answer){
            Write-Host "Y or N please!" -ForegroundColor Red
            $Answer = Read-Host
            }
    
        If ($Answer -eq "Y"){Invoke-Item "C:tempGroup Auditing$CurrentDate $ADGroupNames MembershipAudit.csv"} 
    
        }
    
        If (Test-Path -Path "C:tempGroup Auditing$CurrentDate NoMembers.txt"){Invoke-Item "C:tempGroup Auditing$CurrentDate NoMembers.txt"}
       
    }#End of line 20 Function GroupMembershipAudit
    
    CLS
    
    Write-Host " "
    Write-Host "ACTIVE DIRECTORY GROUP MEMBERSHIP AUDIT UTILITY" -ForegroundColor Cyan
    Write-Host "_______________________________________________" -ForegroundColor Cyan
    Write-Host " "
    
    Do {
    
    If (!(Test-Path -Path 'C:tempGroup Auditing')) {New-Item 'C:tempGroup Auditing' -type directory}
    If (!(Test-Path -Path 'C:tempGroup AuditingArchive')) {New-Item 'C:tempGroup AuditingArchive' -type directory}
    If (!(Test-Path -Path 'C:tempGroup AuditingMerged')) {New-Item 'C:tempGroup AuditingMerged' -type directory}
    
    $CurrentDate = Get-Date 
    $StartDate = Get-date -Format F
    
    Write-Host "Report Date - " -ForegroundColor Green -NoNewline
    Write-Host $StartDate -ForegroundColor Yellow
    
    $CurrentDate = $CurrentDate.ToString('yyyy-MM-dd@HH-mm-ss')
      
        Write-Host "Do you want to check against one Group, a List, Org Unit, or all of the Domain?" -ForegroundColor Yellow
        Write-Host "(Enter" -ForegroundColor Yellow -NoNewline
        Write-Host " 1 " -NoNewline
        Write-Host "for just one ," -ForegroundColor Yellow -NoNewline 
        Write-Host " 2 " -NoNewline
        Write-Host "for list," -ForegroundColor Yellow -NoNewline  
        Write-Host " 3 " -NoNewline
        Write-Host "for Specific Org Unit, or" -ForegroundColor Yellow -NoNewline
        Write-Host " 4 " -NoNewline
        Write-Host "for Domain)" -ForegroundColor Yellow
        $Answer = Read-Host
    
            while("1","2","3","4" -notcontains $Answer){
            Write-Host "1, 2, 3 or 4 Please!" -ForegroundColor Red
            $Answer = Read-Host 
            }
    
            Switch ($Answer){
    
        1{
    
            Write-Host "Enter the AD Group whose membership is needed" -ForegroundColor Yellow
            $ADGroupNames = Read-Host            
            GroupMembershipAudit $ADGroupNames    
                  
        
        }
    
        2{
            Move-Item -Path 'C:TempGroup Auditing*.csv' -Destination 'C:TempGroup AuditingArchive' -Force
    
            [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog.FilterIndex = 0
            $dialog.InitialDirectory = "C:TempGroup Auditing"
            $dialog.Multiselect = $false
            $dialog.RestoreDirectory = $true
            $dialog.Title = "Select a script file"
            $dialog.ValidateNames = $true
            $dialog.ShowDialog()
            $dialog.FileName
    
            $ADGroupNames = Get-content $dialog.FileName
            $ADGroupNames
            GroupMembershipAudit $ADGroupNames
    
            Get-Content 'C:tempGroup Auditing*.csv' | Set-Content "C:tempGroup AuditingMerged$CurrentDate NestedGroupsMerged.csv"
    
            Write-Host "Do you want to open the report? Y/N" -ForegroundColor Yellow
            $Answer = Read-Host
    
                while("Y","N" -notcontains $Answer){
                Write-Host "Y or N please!" -ForegroundColor Red
                $Answer = Read-Host
                }
    
                If ($Answer -eq "Y"){Invoke-Item "C:tempGroup AuditingMerged$CurrentDate NestedGroupsMerged.csv"}
            }
        
        3{
    
            Write-Host "Enter the Distinguished name of the OU you want to check?" -ForegroundColor Yellow
            $OrgUnits = Read-Host  
    
            Foreach ($OrgUnit in $OrgUnits){
    
                $ADGroupNames = (Get-AdGroup -Filter * -SearchBase "$OrgUnit" -Credential $AdmAccount).Name  | Sort 
                        
            }    
    
            GroupMembershipAudit $ADGroupNames
        }
    
        4{
    
            $ADGroupNames = (Get-AdGroup -Filter * -Credential $AdmAccount).Name  | Sort 
            $TotalADGroups = $ADGroupNames.Count
            Write-Host "Total Groups in Active Directory - " -ForegroundColor Green -NoNewline
            Write-Host $TotalADGroups -ForegroundColor Yellow
    
            GroupMembershipAudit $ADGroupNames
    
        }
    
        
    }
            
    
        Write-Host " "
        Write-Host "Do you want to start over? (Y/N)" -ForegroundColor Yellow
        $Continue = Read-Host 
    
            while("y","n" -notcontains $Continue){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $Continue = Read-Host 
            }
    
            If($Continue -eq "Y"){}
    
    }
    
    until ($Continue -eq "N")

     

  • Thanks for that. Looks like you corrected it for me. Appreciated it. Discovered the error after I updated my script. Didn't want someone using something that would not work completely. Again Thanks.

  • Too bad you can't edit the code you enter. I found a typo in what I posted and no way to fix it.

    Line 110 should by $PCProxyPathAudit | Add-Member NoteProperty ProxyPathSettings $ProxyAutoConfigURL

  • Here is my completed script. This script will audit certain IE settings I have interest in such as proxy, IE version, Computer OU, etc. All you have to do is rung the script. It will prompt you for input.

    The script will ask you to save your administrator credentials to a folder on your C: drive called "Secure". By doing this, you can run this script under non-administrator context. The password environment for us begins with 'adm' so you will have to change that to suit yours. (ie. adm.username).

    I run all my scripts either from Powershell ISE or create little Powershell "apps" by creating shortcuts such as C:WindowsSystem32WindowsPowerShellv1.0powershell.exe C:PSScriptsPOWERSHELL SCRIPT.ps1. By doing this, I can simply click on the shortcut and immediately start my processing.

  • $ErrorActionPreference = "SilentlyContinue"
    
    #Create Encrypted Credentials in Neededed #################################################################################################################################
    
    $Username = "adm.$env:username"
    If (!(Test-Path -Path 'C:Secure')) {New-Item 'C:Secure' -type directory | Out-Null}
    
    If (!(Test-Path -Path "C:Secure$Username Password.txt")) {
    Write-Host "Please enter your password. This is a one time request that will store an encrypted file on your local computer to avoid further prmompts." -ForegroundColor Yellow
    Read-Host $Username -AsSecureString | ConvertFrom-SecureString | Out-File "C:Secure$Username Password.txt"
    }
    
    $Password = Get-Content "C:Secure$Username Password.txt"| convertto-securestring 
    $AdmAccount = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username, $Password 
    
    ##########################################################################################################################################################################
    
    Function GetProxyPath {
    $i=0 
    $StartTime = Get-Date
    $NumberofComputers = $Computers.Count
    Write-Host "There are " -ForegroundColor Yellow -NoNewline
    Write-Host $NumberofComputers -ForegroundColor Red -NoNewline
    Write-Host " Computers in the list" -ForegroundColor Yellow
    Write-Host
    
    $i=0 
    $StartTime = Get-Date
    
        Foreach ($Computer in $Computers){    
        Clear-Variable Description
    
        $PingResults = Test-Connection -Count 2 -Quiet -ComputerName $Computer
        $ComputerDetails = Get-ADComputer -Filter "Name -like '$Computer'" -Properties * -Credential $AdmAccount
        $Description = $ComputerDetails.Description
        $DistinguishedName = $ComputerDetails.DistinguishedName -creplace "^[^,]*,","" 
        $OrgUnit= $DistinguishedName.TrimEnd("DC=indyad,DC=local")
    
        $i++
        $SecondsElapsed = ((Get-Date) - $StartTime).TotalSeconds
        $SecondsRemaining = ($SecondsElapsed / ($i / $NumberofComputers)) - $SecondsElapsed
        Write-Progress -Activity "Getting IE Version on $($Computer) in $($OrgUnit): #$i of $($NumberofComputers)" -PercentComplete (($i/$($NumberofComputers)) * 100) -CurrentOperation "$("{0:N2}" -f ((($i/$($NumberofComputers)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
    
            If ($PingResults -ne "TRUE"){
                Write-Host
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan -NoNewline
                Write-Host " Is NOT Responding! Please check ASAP!" -ForegroundColor Red
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow            
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow  
                $ComputersDown = $Computer | Out-File "C:tempworkstations$CurrentDate Workstations Not Responding.txt" -Append
            }
    
            Elseif ($PingResults -eq "TRUE"){ 
                
                Invoke-Command -Computername $Computer {
    
                    New-PSDrive -PSProvider registry -Root HKEY_CURRENT_USER -Name HKCU
                    CD HKCU:
                    $InternetSettings = Get-Item -Path "HKCU:SoftwareMicrosoftWindowsCurrentVersionInternet Settings"
                    $BrowserSettings = Get-ItemProperty $InternetSettings 
                    $ProxyAutoConfigURL = $BrowserSettings.AutoConfigURL
                    $ProxyAutoConfigURL
            
                } -Credential $AdmAccount
    
    
                $IEInfo = Invoke-Command -ComputerName $Computer -command { Get-ItemProperty 'HKLM:SOFTWAREMicrosoftInternet Explorer'} -Credential $AdmAccount
                $ProxyPathURL = $InternetSettings.AutoConfigURL
    
                Write-Host
                Write-Host "Computer - " -ForegroundColor Green -NoNewline
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan
    
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow
                
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow        
                
                Write-Host "Proxy Path Settings - " -ForegroundColor Green -NoNewline
                
                If (!$ProxyAutoConfigURL){Write-Host "No Proxy Path URL Received" -ForegroundColor Yellow}
    
                ElseIf($ProxyAutoConfigURL -notmatch "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Red}
    
                ElseIf($ProxyAutoConfigURL -match "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Cyan}    
                
                Write-Host "Original IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.Version -ForegroundColor Yellow  
                Write-Host "Current IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcVersion -ForegroundColor Cyan
                Write-Host "Windows Update KB Article - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcKBNumber -ForegroundColor Magenta
                
                 
            }
    
            $PCProxyPathAudit = New-Object PSObject
            $PCProxyPathAudit | Add-Member NoteProperty PingResults $PingResults
            $PCProxyPathAudit | Add-Member NoteProperty Computer $Computer
            $PCProxyPathAudit | Add-Member NoteProperty User $Description
            $PCProxyPathAudit | Add-Member NoteProperty OS $ComputerDetails.OperatingSystem
            $PCProxyPathAudit | Add-Member NoteProperty OrgUnit $OrgUnit
            $PCProxyPathAudit | Add-Member NoteProperty ProxyPathSettings $ProxyAutoConfigURL
            $PCProxyPathAudit | Add-Member NoteProperty OriginalIEVersion $IEInfo.Version
            $PCProxyPathAudit | Add-Member NoteProperty CurrentIEVersion $IEInfo.svcVersion
            $PCProxyPathAudit | Export-Csv -Path "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv" -NoTypeInformation -Append
    
            
            Clear-Variable Computer
            Clear-Variable ComputerDetails
            Clear-Variable InternetSettings
            Clear-Variable OrgUnit
            Clear-Variable PingResults
            Clear-Variable ProxyPathURL
    
        }
    
    }
    
    CLS
    
    Write-Host "IE Version Audit" -ForegroundColor Cyan
    Write-Host "________________" -ForegroundColor Cyan
    Write-Host " "
    
    
    $CurrentDate = Get-Date 
    $StartDate = Get-date -Format F
    
    Write-Host "Report Date - " -ForegroundColor Green -NoNewline
    Write-Host $StartDate -ForegroundColor Yellow
    
    $CurrentDate = $CurrentDate.ToString('yyyy-MM-dd@HH-mm-ss')
    
    Do {
      
        Write-Host "Do you want to check against one System, a List, Org Unit, or all of the Domain?" -ForegroundColor Yellow
        Write-Host "(Enter" -ForegroundColor Yellow -NoNewline
        Write-Host " 1 " -NoNewline
        Write-Host "for just one ," -ForegroundColor Yellow -NoNewline 
        Write-Host " 2 " -NoNewline
        Write-Host "for list," -ForegroundColor Yellow -NoNewline  
        Write-Host " 3 " -NoNewline
        Write-Host "for Specific Org Unit, or" -ForegroundColor Yellow -NoNewline
        Write-Host " 4 " -NoNewline
        Write-Host "for IndyAd Domain)" -ForegroundColor Yellow
    
    
        $Answer = Read-Host
    
            while("1","2","3","4" -notcontains $Answer){
            Write-Host "1, 2, 3, or 4 Please!" -ForegroundColor Red
            $Answer = Read-Host 
            }
    
    
    Switch ($Answer){
    
        1{
    
            Write-Host "Enter the name of the System you want to check?" -ForegroundColor Yellow
            $Computer = Read-Host
            $Computers = Get-ADComputer -Filter "Name -like '$Computer*'" -Credential $AdmAccount| select Name -ExpandProperty Name
                    
        }
    
        2{
            [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog.FilterIndex = 0
            $dialog.InitialDirectory = "C:TempServersLists"
            $dialog.Multiselect = $false
            $dialog.RestoreDirectory = $true
            $dialog.Title = "Select a script file"
            $dialog.ValidateNames = $true
            $dialog.ShowDialog()
            $dialog.FileName
    
            $Computers = Get-content $dialog.FileName
        
        }
        
        3{
           Write-Host "Check on a single OU or a list?" -ForegroundColor Yellow -NoNewline
           Write-Host " (Enter" -ForegroundColor Green -NoNewline
           Write-Host " 1 " -NoNewline -ForegroundColor Yellow
           Write-Host "for just one ," -ForegroundColor Green -NoNewline 
           Write-Host " 2 " -NoNewline -ForegroundColor Yellow
           Write-Host "for list)" -ForegroundColor Green
    
           $Response = Read-Host
    
            while("1","2" -notcontains $Response){
            Write-Host "1 or 2 Please!" -ForegroundColor Red
            $Response = Read-Host 
            }
    
            Switch ($Response){
    
                1{ 
                    Write-Host "Enter the name of the OU you want to check?" -ForegroundColor Yellow
                    $OrgUnit = Read-Host
                    
                    $DN = Get-ADOrganizationalUnit -Filter 'Name -like $OrgUnit'| select DistinguishedName -ExpandProperty DistinguishedName
                    $Computers = (Get-ADComputer -Filter * -SearchBase "$DN" -Credential $AdmAccount).Name  | Sort   
    
                }
    
    
                2{            
                    [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
                    $dialog = New-Object System.Windows.Forms.OpenFileDialog
                    $dialog = New-Object System.Windows.Forms.OpenFileDialog
                    $dialog.FilterIndex = 0
                    $dialog.InitialDirectory = "C:TempServersLists"
                    $dialog.Multiselect = $false
                    $dialog.RestoreDirectory = $true
                    $dialog.Title = "Select a script file"
                    $dialog.ValidateNames = $true
                    $dialog.ShowDialog()
                    $dialog.FileName
    
                    $OrgUnits = Get-content $dialog.FileName 
    
                        Foreach ($OrgUnit in $OrgUnits){
    
                        $Computer = (Get-ADComputer -Filter * -SearchBase "$OrgUnit" -Credential $AdmAccount).Name  | Sort
                        $Computers += $Computer 
    
                        }    
                
                }
    
            }
    
        }
    
        4{
    
            $Computers = Get-ADComputer -Filter  {OperatingSystem -like "Windows 7*" -or OperatingSystem -like "Windows 10*" -or OperatingSystem -like "Windows XP*"} -Properties * -Credential $AdmAccount| Sort Name |Select Name -ExpandProperty Name
    
        }
    
    }
    
        If (!$Computers){
    
            Write-Host
            Write-Host $computer.toUpper() -ForegroundColor Green -NoNewline
            Write-Host " does not exist!" -ForegroundColor Red
    
        }
    
    GetProxyPath
        Write-Host
        Write-Host "Do you want to view the report? (Y/N)" -ForegroundColor Yellow
        $ReportAnswer = Read-Host 
    
        while("y","n" -notcontains $ReportAnswer){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $ReportAnswer = Read-Host 
            }
    
            If($ReportAnswer -eq "Y"){Invoke-Item "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv"}   
            Else {}
    
        Write-Host " "
        Write-Host "Do you want to check some more? (Y/N)" -ForegroundColor Yellow
        $Continue = Read-Host 
    
            while("y","n" -notcontains $Continue){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $Continue = Read-Host 
            }
    
            If($Continue -eq "Y"){}        
    
    }
    
    until ($Continue -eq "N") 
    
    
    
    
    

     

  • Solved the issue by adding

    $BrowserSettings = Get-ItemProperty $InternetSettings
    $ProxyAutoConfigURL = $BrowserSettings.AutoConfigURL
    $ProxyAutoConfigURL

     

  • New-PSDrive -PSProvider registry -Root HKEY_CURRENT_USER -Name HKCU
        CD HKCU:
        $InternetSettings = Get-Item -Path "HKCU:SoftwareMicrosoftWindowsCurrentVersionInternet Settings"
        $InternetSettings

    Internet Settings

    The script works but I want to capture the value of the AutoConfigURL into a variable. I cannot figure out how to do this. If I enter $InternetSettings.Property I just get a list shown below:

    IE5_UA_Backup_Flag
    User Agent
    EmailName
    PrivDiscUiShown
    EnableHttp1_1
    WarnOnIntranet
    MimeExclusionListForCache
    AutoConfigProxy
    UseSchannelDirectly
    WarnOnPost
    UrlEncoding
    SecureProtocols
    PrivacyAdvanced
    ZonesSecurityUpgrade
    DisableCachingOfSSLPages
    WarnonZoneCrossing
    CertificateRevocation
    EnableNegotiate
    MigrateProxy
    ProxyEnable
    EnableAutodial
    NoNetAutodial
    AutoConfigURL

     

    I want to retrieve the value of any of these but specifically the "AutoConfigURL". How can I get this?

  • I thought I responded about this but maybe it didn't make it.

    The Powershell version on the target Windows 2008 servers is the issue. They are only running version 2.0. I don't have authority to upgrade them without approval in our organization since they are production servers.

  • The script does employ "-append" on the CSV export. And, the W2K8 servers are only running PowerShell 2.0. Don't know how to work around that since I am not a liberty to upgrade PowerShell without permission from Management. Thanks.

    #$ErrorActionPreference = "SilentlyContinue"
    #Create Encrypted Credentials in Neededed #################################################################################################################################
    $Username = "adm.$env:username"
    
    If (!(Test-Path -Path 'C:Secure')) {New-Item 'C:Secure' -type directory | Out-Null}
    
    If (!(Test-Path -Path "C:Secure$Username Password.txt")) {
    
    Write-Host "Please enter your password. This is a one time request that will store an encrypted file on your local computer to avoid further prmompts." -ForegroundColor Yellow
    
    Read-Host $Username -AsSecureString | ConvertFrom-SecureString | Out-File "C:Secure$Username Password.txt"
    
    }
    $Password = Get-Content "C:Secure$Username Password.txt"| convertto-securestring
    
    $AdmAccount = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username, $Password
    ##########################################################################################################################################################################
    Function GetAppPools{
    $CurrentDate = Get-Date
    
    $StartDate = Get-date -Format F
    Write-Host "Report Date - " -ForegroundColor Green -NoNewline
    
    Write-Host $StartDate -ForegroundColor Yellow
    $CurrentDate = $CurrentDate.ToString('yyyy-MM-dd@HH-mm-ss')
    foreach ($Computer in $Computers) {
    Invoke-Command -ComputerName $Computer -command {If (!(Test-Path -Path 'F:TEMPIIS')){New-Item 'F:TEMPIIS' -type directory}} -Credential $AdmAccount
    
    Invoke-Command -ComputerName $Computer -command {If ((Test-Path -Path 'F:TEMPIIS*.CSV')){Remove-Item 'F:TEMPIIS*.CSV'}} -Credential $AdmAccount
    Write-Host
    
    Write-Host "Getting AppPool Details from " -ForegroundColor Green -NoNewline
    
    Write-Host $Computer -ForegroundColor Yellow
    
    Write-Host "++++++++++++++++++++++++++++++++++++++++++++++++++++++" -ForegroundColor Magenta
    Invoke-command  -ComputerName $Computer -ScriptBlock{
    # Ensure to import the WebAdministration module
    Import-Module WebAdministration
    
    set-Location IIS:AppPools
    
    $CurrentDate = Get-Date
    
    $CurrentDate = $CurrentDate.ToString('yyyy-MM-dd@HH-mm-ss')
    #Get the Application Pools of the server
    $appPoolCollections = dir
    
    $appPoolNames = $appPoolCollections.name
    
    #$NumberofAppPools = $appPoolNames.count
    foreach ($pool in $appPoolCollections){
    # Loop through the collection and find the status of the appPool
    $WEBServer = [System.Net.Dns]::GetHostName()
    
    $appPoolName = $pool.Name
    
    $appPoolState = $pool.state
    
    $appPoolVersion= $pool.managedRuntimeVersion
    
    $Identity = $Pool.processModel.identityType
    
    $Account = $Pool.processModel.UserName
    Write-Host "App Pool Name - " -ForegroundColor Cyan -NoNewline
    
    Write-Host  $appPoolName -ForegroundColor Yellow
    Write-Host "App Pool State - " -ForegroundColor Cyan -NoNewline
    
    Write-Host  $appPoolState -ForegroundColor Yellow
    Write-Host "App Pool Version - " -ForegroundColor Cyan -NoNewline
    
    Write-Host  $appPoolVersion -ForegroundColor Yellow
    Write-Host "Identity - " -ForegroundColor Cyan -NoNewline
    
    Write-Host  $Identity -ForegroundColor Yellow
    If (!$Account){}
    Else {
    Write-Host "UserName - " -ForegroundColor Cyan -NoNewline
    
    Write-Host  $Account -ForegroundColor Yellow
    
    }
    
    Write-Host
    
    $AppPoolAudit = New-Object PSObject
    
    $AppPoolAudit | Add-Member NoteProperty WebServer $WebServer
    
    $AppPoolAudit | Add-Member NoteProperty AppPoolName $appPoolName
    
    $AppPoolAudit | Add-Member NoteProperty AppPoolState $appPoolState
    
    $AppPoolAudit | Add-Member NoteProperty App Pool Version $appPoolVersion
    
    $AppPoolAudit | Add-Member NoteProperty Identity $Identity
    
    $AppPoolAudit | Add-Member NoteProperty AccountUsed $Account
    
    $AppPoolAudit | Export-Csv -Path "F:tempIISAppPool.csv" -NoTypeInformation -Append -Force
    
    }
    
    } -Credential $AdmAccount
    
    Write-Host "++++++++++++++++++++++++++++++++++++++++++++++++++++++" -ForegroundColor Magenta
    
    }
    
    }
    
    CLS
    
    Write-Host " "
    
    Write-Host "Audit AppPools on Web Servers" -ForegroundColor Cyan
    
    Write-Host "_____________________________" -ForegroundColor Cyan
    
    Write-Host " "
    
    Do {
    
    Write-Host "Do you want to check against one System, a List, Org Unit, or all Domain?" -ForegroundColor Yellow
    
    Write-Host "(Enter" -ForegroundColor Yellow -NoNewline
    
    Write-Host " 1 " -NoNewline
    
    Write-Host "for just one ," -ForegroundColor Yellow -NoNewline
    
    Write-Host " 2 " -NoNewline
    
    Write-Host "for list," -ForegroundColor Yellow -NoNewline
    
    Write-Host " 3 " -NoNewline
    
    Write-Host "for Specific Org Unit, or" -ForegroundColor Yellow -NoNewline
    
    Write-Host " 4 " -NoNewline
    
    Write-Host "for Domain)" -ForegroundColor Yellow
    
    $Answer = Read-Host
    
    while("1","2","3","4" -notcontains $Answer){
    
    Write-Host "1, 2, 3, or 4 Please!" -ForegroundColor Red
    
    $Answer = Read-Host
    
    }
    
    Switch ($Answer){
    
    1{
    
    Write-Host "Enter the name of the System you want to check?" -ForegroundColor Yellow
    
    $Computer = Read-Host
    
    $Computers = Get-ADComputer -Filter "Name -like '$Computer*'" -Credential $AdmAccount| select Name -ExpandProperty Name
    
    }
    
    2{
    
    [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
    
    $dialog = New-Object System.Windows.Forms.OpenFileDialog
    
    $dialog = New-Object System.Windows.Forms.OpenFileDialog
    
    $dialog.FilterIndex = 0
    
    $dialog.InitialDirectory = "C:TempIIS"
    
    $dialog.Multiselect = $false
    
    $dialog.RestoreDirectory = $true
    
    $dialog.Title = "Select a script file"
    
    $dialog.ValidateNames = $true
    
    $dialog.ShowDialog()
    
    $dialog.FileName
    
    $Computers = Get-content $dialog.FileName
    
    }
    
    3{
    
    Write-Host "Enter the Distinguished name of the OU you want to check?" -ForegroundColor Yellow
    
    $OrgUnits = Read-Host
    
    Foreach ($OrgUnit in $OrgUnits){
    
    $Computers = (Get-ADComputer -Filter * -SearchBase "$OrgUnit" -Credential $AdmAccount).Name  | Sort
    
    }
    
    }
    
    4{
    
    $Computers = Get-ADComputer -Filter  {OperatingSystem -like "Windows Server*" -or OperatingSystem -like "RHEL*" -or OperatingSystem -like "Centos*" -or OperatingSystem -like "OneFS*" -or OperatingSystem -like "Data Domain OS*"} -Properties * -Credential $AdmAccount| Sort Name |Select Name -ExpandProperty Name
    
    }
    
    }
    
    GetAppPools
    
    Write-Host " "
    
    Write-Host "Do you want to check some more? (Y/N)" -ForegroundColor Yellow
    
    $Continue = Read-Host
    
    while("y","n" -notcontains $Continue){
    
    Write-Host "Y or N Please!" -ForegroundColor Red
    
    $Continue = Read-Host
    
    }
    
    If($Continue -eq "Y"){}
    
    }
    
    until ($Continue -eq "N")
  • The attached script is flawless except for the inability for the data to be exported to a Windows 2008 Server.

    The script is designed to retrieve the AppPool Information from Webservers. As is runs it displays the results to the screen and then will should export the data to a CSV file.

    The script ensures that the paths exist on the target servers and cleans any leftover files. I did this because under the Invoke option I can't get the data to write back to my PC where I am executing the script. (If there is a way to do this, I would like to know).

    Since I couldn't figure out how to have the data written back to my PC, I decided to have it write to each server that is parsed from a list. Then I would harvest these files from each server and combine them into one CSV that I could run an Excel Pivot Table on.

    This was all working except I discovered that the export-csv was not writing to any Windows 2008 server in the list. Other than that is is fine.

    Why isn't it writing to the Windows 2008 servers?

    I really just want to have the CSV written to my PC.

    I have attached the script for review. Thanks.

  • Load More