• I rarely use it in ISE but the option to view the command add-on is not displaying anything. The "Modules" box should show "ALL" or let me select some but it is grayed out. How can I get this working again.  I am using PowerShell 5.1.

     

    No Modules Available

    0
  • I am marking this as resolved thanks to your help, even though the software is getting a failure code on installation. That is beyond the scope of this question. Thanks.

    0
  • Yes the "$Setup" variable needed to be changed for the whole process and I took out the "Z" drive specification and just user (root). I didn't get an Exitcode of 0 (zero) though. I did find the log file specified in the parameters shown below. I don't know what "5" means but at least it did run.

    [InstallShield Silent]
    Version=v7.00
    File=Log File
    [ResponseResult]
    ResultCode=-5

    By the way, my installation is running on a remote computer. It looks like you tested yours locally. We need this to run remotely and be successful. Thanks for the help so far.

    Invoke-Command -Computername $Computer -ScriptBlock {$Setup = Start-process -filepath "iNovah_SQLExpress2014iNovah2PrereqInstaller2014-x64.exe"`
             -Argumentlist '/s /sms /f1.iNovah_SQLExpress2014Prerequisites.iss /f2WindowsTempiNovah2PrereqInstallx64_SQLExpress2014.log'-Wait -PassThru} -Credential $AdmAccount
                
                If($Setup.exitcode -eq "0"){
            
                Write-Host "Software Installed Successfully on " -ForegroundColor Cyan -NoNewline
                Write-Host $Computer -ForegroundColor Yellow
        
                }

     

    0
  • Thanks again, but this is exactly what I started with before I asked for help here.

    0
  • Thanks for taking the time to help. However, after applying your recommendation, I still get the same error.

    0
  • An associate was trying to deploy software from SCCM but claims it always failed so he asked me if  I could do it with Powershell. Since this is to be done an on a remote machine, I first connect via PSDrive and get Z as the new drive. After that I copy the source files to the remote machine using Z: and this all works fine.

    Next I try to run the installation and it all works except it claims my Argument list is null and fails. I can't seem to find the proper syntax to pass all of the arguments to the installation line.

    New-PSDrive -Name Z -PSProvider FileSystem -Root "$Computerc$" -Credential $AdmAccount
            If (!(Test-Path -Path  'Z:iNovah_SQLExpress2014')) {New-Item 'Z:iNovah_SQLExpress2014' -type directory -Force | Out-Null}
            Copy-Item -Path "isipp01appsapps$SCCMSourceapplicationsiNovah_SQLExpress2014*.*" -Destination "Z:iNovah_SQLExpress2014"
    
            
            Invoke-Command -Computername $Computer -ScriptBlock {Start-process $Setup = -filepath "Z:iNovah_SQLExpress2014iNovah2PrereqInstaller2014-x64.exe"`
             -argumentlist '/s /sms /f1.Z:iNovah_SQLExpress2014Prerequisites.iss /f2Z:WindowsTempiNovah2PrereqInstallx64_SQLExpress2014.log' -Wait} 
                
                If($Setup.exitcode -eq "0"){
            
                Write-Host "Software Installed Successfully on " -ForegroundColor Cyan -NoNewline
                Write-Host $Computer -ForegroundColor Yellow
        
                }

    A positional parameter cannot be found that accepts argument '$null'.
    + CategoryInfo : InvalidArgument: (:) [Start-Process], ParameterBindingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.StartProcessCommand

    0
  • Simplifed things and this works and gives me what I want.

    $CommonInternetKey = Invoke-Command -ComputerName $Computer -command {Get-ItemProperty -path "HKCU:SoftwareMicrosoftOffice16.0CommonInternet"}

    Also, you are correct on Profiles List from HKCU. Nothing to grabe there. Also, unable to parse HKEY_User for each value in $CommonInternetKey.

    I can get the GUID's by

    $hkeyUsersHIVE = [Microsoft.Win32.RegistryHive]::Users
    $hkeyUsers = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($hkeyUsersHIVE,$Computer)
    $hkeyUsersSubkeys = $hkeyUsers.GetSubKeyNames()
    $hkeyUsersSubkeys = $hkeyUsersSubkeys | Where{$_ -notmatch "Classes"}

    but trying to enumerte the $CommonInternetKey value from each one it elluding me. I can get it from HKCU and will have to settle for that I suppose.

     

     

     

    0
  • Got it solved and don't know why I didn't do it earlier. Employing PSSession solves the problem. The value in UseRWHlinkNavigation is what I am looking for. However, not sure why I am getting an error on "Exit-PSSession" but that's not that big right now.

    Now I can enumerate all profiles on a remote computer by querying HKLM:SoftwareMicrosoftWindows NTCurrentVersionProfileList for all profile GUID's and then look to see if this value is present.

    0
  • Got it solved and don't know why I didn't do it earlier. Employing PSSession solves the problem. The value in UseRWHlinkNavigation is what I am looking for. However, not sure why I am getting an error on "Exit-PSSession" but that's not that big right now.

    Now I can enumerate all profiles on a remote computer by querying HKLM:SoftwareMicrosoftWindows NTCurrentVersionProfileList for all profile GUID's and then look to see if this value is present.

    0
  • OK, understood. But how do I do this? The reason for this is that I am build a script to audit the value of a registry on remote computers. I will have a list of Computers to check for a certain value to produce a report. How else would you do this. I have done this several times before without running into this.

    0
  • Seems simple and seen a lot of "complex" solutions but don't understand them. I am simply trying to get the data out of a remote computer registry. I can see the data but don't know how to retrieve it. What is the little secret to populate the Property info?

    0
  • May be more than what you think you need, but trust me in large environments where group nesting has gone haywire, you need to be able to get a report on how many users are in a group.

    We had amateur admins granting access to data based upon a group not knowing that others were nested in the group. This caused a serious security breech since users in the nested groups were not supposed to have access to the data.

     

    0
  • $ErrorActionPreference = "SilentlyContinue"
    
    #Create Encrypted Credentials in Needed #################################################################################################################################
    
    $Username = "adm.$env:username"
    If (!(Test-Path -Path 'C:Secure')) {New-Item 'C:Secure' -type directory | Out-Null}
    
    If (!(Test-Path -Path "C:Secure$Username Password.txt")) {
    Write-Host "Please enter your password. This is a one time request that will store an encrypted file on your local computer to avoid further prmompts." -ForegroundColor Yellow
    Read-Host $Username -AsSecureString | ConvertFrom-SecureString | Out-File "C:Secure$Username Password.txt"
    }
    
    $Password = Get-Content "C:Secure$Username Password.txt"| convertto-securestring 
    $AdmAccount = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username, $Password 
    
    ##########################################################################################################################################################################
    
    Function GetProxyPath {
    $i=0 
    $StartTime = Get-Date
    $NumberofComputers = $Computers.Count
    Write-Host "There are " -ForegroundColor Yellow -NoNewline
    Write-Host $NumberofComputers -ForegroundColor Red -NoNewline
    Write-Host " Computers in the list" -ForegroundColor Yellow
    Write-Host
    
    $i=0 
    $StartTime = Get-Date
    
        Foreach ($Computer in $Computers){    
        
        $PingResults = Test-Connection -Count 2 -Quiet -ComputerName $Computer
        $ComputerDetails = Get-ADComputer -Filter "Name -like '$Computer'" -Properties * -Credential $AdmAccount
        $Description = $ComputerDetails.Description
        $DistinguishedName = $ComputerDetails.DistinguishedName -creplace "^[^,]*,","" 
        $OrgUnit= $DistinguishedName.TrimEnd("DC=indyad,DC=local")
    
        $i++
        $SecondsElapsed = ((Get-Date) - $StartTime).TotalSeconds
        $SecondsRemaining = ($SecondsElapsed / ($i / $NumberofComputers)) - $SecondsElapsed
        Write-Progress -Activity "Getting IE Version on $($Computer) in $($OrgUnit): #$i of $($NumberofComputers)" -PercentComplete (($i/$($NumberofComputers)) * 100) -CurrentOperation "$("{0:N2}" -f ((($i/$($NumberofComputers)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
    
            If ($PingResults -ne "TRUE"){
                Write-Host
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan -NoNewline
                Write-Host " Is NOT Responding! Please check ASAP!" -ForegroundColor Red
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow            
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow  
                $ComputersDown = $Computer | Out-File "C:tempworkstations$CurrentDate Workstations Not Responding.txt" -Append
    
                $PCProxyPathAudit = New-Object PSObject
                $PCProxyPathAudit | Add-Member NoteProperty PingResults $PingResults
                $PCProxyPathAudit | Add-Member NoteProperty Computer $Computer
                $PCProxyPathAudit | Add-Member NoteProperty User $Description
                $PCProxyPathAudit | Add-Member NoteProperty OS $ComputerDetails.OperatingSystem
                $PCProxyPathAudit | Add-Member NoteProperty OrgUnit $OrgUnit
                $PCProxyPathAudit | Add-Member NoteProperty ProxyPathSettings $ProxyAutoConfigURL
                $PCProxyPathAudit | Add-Member NoteProperty OriginalIEVersion $IEInfo.Version
                $PCProxyPathAudit | Add-Member NoteProperty CurrentIEVersion $IEInfo.svcVersion
                $PCProxyPathAudit | Export-Csv -Path "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv" -NoTypeInformation -Append
            }
    
            Elseif ($PingResults -eq "TRUE"){ 
    
            Enter-PSSession -ComputerName $Commputer -Credential $AdmAccount
    
                $ProxyAutoConfigURL =Get-ItemProperty -Path "HKCU:SoftwareMicrosoftWindowsCurrentVersionInternet Settings" | Select AutoConfigURL -ExpandProperty AutoConfigURL       
                $IEInfo = Get-ItemProperty "HKLM:SOFTWAREMicrosoftInternet Explorer" 
                $IEVersion = $IEInfo.svcVersion
    
                Write-Host
                        
                Write-Host
                Write-Host "Computer - " -ForegroundColor Green -NoNewline
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan
    
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow
                
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow        
                
                Write-Host "Proxy Path Settings - " -ForegroundColor Green -NoNewline
                
                If (!$ProxyAutoConfigURL){Write-Host "No Proxy Path URL Received" -ForegroundColor Yellow}
    
                ElseIf($ProxyAutoConfigURL -notmatch "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Red}
    
                ElseIf($ProxyAutoConfigURL -match "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Cyan}    
                
                Write-Host "Original IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.Version -ForegroundColor Yellow  
                Write-Host "Current IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcVersion -ForegroundColor Cyan
                Write-Host "Windows Update KB Article - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcKBNumber -ForegroundColor Magenta
    
            Exit-PSSession 
    
                $PCProxyPathAudit = New-Object PSObject
                $PCProxyPathAudit | Add-Member NoteProperty PingResults $PingResults
                $PCProxyPathAudit | Add-Member NoteProperty Computer $Computer
                $PCProxyPathAudit | Add-Member NoteProperty User $Description
                $PCProxyPathAudit | Add-Member NoteProperty OS $ComputerDetails.OperatingSystem
                $PCProxyPathAudit | Add-Member NoteProperty OrgUnit $OrgUnit
                $PCProxyPathAudit | Add-Member NoteProperty ProxyPathSettings $ProxyAutoConfigURL
                $PCProxyPathAudit | Add-Member NoteProperty OriginalIEVersion $IEInfo.Version
                $PCProxyPathAudit | Add-Member NoteProperty CurrentIEVersion $IEInfo.svcVersion
                $PCProxyPathAudit | Export-Csv -Path "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv" -NoTypeInformation -Append
                
                 
            }      
            
            Clear-Variable Computer
            Clear-Variable ComputerDetails
            Clear-Variable InternetSettings
            Clear-Variable OrgUnit
            Clear-Variable PingResults
            Clear-Variable Description
            Clear-Variable ProxyAutoConfigURL
            Clear-Variable IEInfo
            
        }
    }
    
    CLS
    
    Write-Host "IE Version Audit" -ForegroundColor Cyan
    Write-Host "________________" -ForegroundColor Cyan
    Write-Host " "
    
    
    $CurrentDate = Get-Date 
    $StartDate = Get-date -Format F
    
    Write-Host "Report Date - " -ForegroundColor Green -NoNewline
    Write-Host $StartDate -ForegroundColor Yellow
    
    $CurrentDate = $CurrentDate.ToString('yyyy-MM-dd@HH-mm-ss')
    
    Do {
      
        Write-Host "Do you want to check against one System, a List, Org Unit, or all Domain?" -ForegroundColor Yellow
        Write-Host "(Enter" -ForegroundColor Yellow -NoNewline
        Write-Host " 1 " -NoNewline
        Write-Host "for just one ," -ForegroundColor Yellow -NoNewline 
        Write-Host " 2 " -NoNewline
        Write-Host "for list," -ForegroundColor Yellow -NoNewline  
        Write-Host " 3 " -NoNewline
        Write-Host "for Specific Org Unit, or" -ForegroundColor Yellow -NoNewline
        Write-Host " 4 " -NoNewline
        Write-Host "for Domain)" -ForegroundColor Yellow
    
    
        $Answer = Read-Host
    
            while("1","2","3","4" -notcontains $Answer){
            Write-Host "1, 2, 3, or 4 Please!" -ForegroundColor Red
            $Answer = Read-Host 
            }
    
    
    Switch ($Answer){
    
        1{
    
            Write-Host "Enter the name of the System you want to check?" -ForegroundColor Yellow
            $Computer = Read-Host
            $Computers = Get-ADComputer -Filter "Name -like '$Computer*'" -Credential $AdmAccount| select Name -ExpandProperty Name
                    
        }
    
        2{
            [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog.FilterIndex = 0
            $dialog.InitialDirectory = "C:TempServersLists"
            $dialog.Multiselect = $false
            $dialog.RestoreDirectory = $true
            $dialog.Title = "Select a script file"
            $dialog.ValidateNames = $true
            $dialog.ShowDialog()
            $dialog.FileName
    
            $Computers = Get-content $dialog.FileName
        
        }
        
        3{
           Write-Host "Check on a single OU or a list?" -ForegroundColor Yellow -NoNewline
           Write-Host " (Enter" -ForegroundColor Green -NoNewline
           Write-Host " 1 " -NoNewline -ForegroundColor Yellow
           Write-Host "for just one ," -ForegroundColor Green -NoNewline 
           Write-Host " 2 " -NoNewline -ForegroundColor Yellow
           Write-Host "for list)" -ForegroundColor Green
    
           $Response = Read-Host
    
            while("1","2" -notcontains $Response){
            Write-Host "1 or 2 Please!" -ForegroundColor Red
            $Response = Read-Host 
            }
    
            Switch ($Response){
    
                1{ 
                    Write-Host "Enter the name of the OU you want to check?" -ForegroundColor Yellow
                    $OrgUnit = Read-Host
                    
                    $DN = Get-ADOrganizationalUnit -Filter 'Name -like $OrgUnit'| select DistinguishedName -ExpandProperty DistinguishedName
                    $Computers = (Get-ADComputer -Filter * -SearchBase "$DN" -Credential $AdmAccount).Name  | Sort   
    
                }
    
    
                2{            
                    [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
                    $dialog = New-Object System.Windows.Forms.OpenFileDialog
                    $dialog = New-Object System.Windows.Forms.OpenFileDialog
                    $dialog.FilterIndex = 0
                    $dialog.InitialDirectory = "C:TempServersLists"
                    $dialog.Multiselect = $false
                    $dialog.RestoreDirectory = $true
                    $dialog.Title = "Select a script file"
                    $dialog.ValidateNames = $true
                    $dialog.ShowDialog()
                    $dialog.FileName
    
                    $OrgUnits = Get-content $dialog.FileName 
    
                        Foreach ($OrgUnit in $OrgUnits){
    
                        $Computer = (Get-ADComputer -Filter * -SearchBase "$OrgUnit" -Credential $AdmAccount).Name  | Sort
                        $Computers += $Computer 
    
                        }    
                
                }
    
            }
    
        }
    
        4{
    
            $Computers = Get-ADComputer -Filter  {OperatingSystem -like "Windows 7*" -or OperatingSystem -like "Windows 10*" -or OperatingSystem -like "Windows XP*"} -Properties * -Credential $AdmAccount| Sort Name |Select Name -ExpandProperty Name
    
        }
    
    }
    
        If (!$Computers){
    
            Write-Host
            Write-Host $computer.toUpper() -ForegroundColor Green -NoNewline
            Write-Host " does not exist!" -ForegroundColor Red
    
        }
    
    GetProxyPath
        Write-Host
        Write-Host "Do you want to view the report? (Y/N)" -ForegroundColor Yellow
        $ReportAnswer = Read-Host 
    
        while("y","n" -notcontains $ReportAnswer){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $ReportAnswer = Read-Host 
            }
    
            If($ReportAnswer -eq "Y"){Invoke-Item "C:TempWorkstations$CurrentDate PC IEVersion Audit.csv"}   
            Else {}
    
        Write-Host " "
        Write-Host "Do you want to check some more? (Y/N)" -ForegroundColor Yellow
        $Continue = Read-Host 
    
            while("y","n" -notcontains $Continue){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $Continue = Read-Host 
            }
    
            If($Continue -eq "Y"){}        
    
    }
    
    until ($Continue -eq "N")

    Found a better way to retrieve remote registry info by using Enter-PSSession. Full updated script above and changes shown below.

    Enter-PSSession -ComputerName $Commputer -Credential $AdmAccount
    
                $ProxyAutoConfigURL =Get-ItemProperty -Path "HKCU:SoftwareMicrosoftWindowsCurrentVersionInternet Settings" | Select AutoConfigURL -ExpandProperty AutoConfigURL       
                $IEInfo = Get-ItemProperty "HKLM:SOFTWAREMicrosoftInternet Explorer" 
                $IEVersion = $IEInfo.svcVersion
    
                Write-Host
                        
                Write-Host
                Write-Host "Computer - " -ForegroundColor Green -NoNewline
                Write-Host $Computer -ForegroundColor Yellow -NoNewline
                Write-Host "($Description)" -ForegroundColor Cyan
    
                Write-Host "OS - " -ForegroundColor Green -NoNewline
                Write-Host $ComputerDetails.OperatingSystem -ForegroundColor Yellow
                
                Write-Host "Org Unit" -ForegroundColor Green -NoNewline
                Write-Host " - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow        
                
                Write-Host "Proxy Path Settings - " -ForegroundColor Green -NoNewline
                
                If (!$ProxyAutoConfigURL){Write-Host "No Proxy Path URL Received" -ForegroundColor Yellow}
    
                ElseIf($ProxyAutoConfigURL -notmatch "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Red}
    
                ElseIf($ProxyAutoConfigURL -match "genproxy.php"){Write-Host $ProxyAutoConfigURL -ForegroundColor Cyan}    
                
                Write-Host "Original IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.Version -ForegroundColor Yellow  
                Write-Host "Current IE Version - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcVersion -ForegroundColor Cyan
                Write-Host "Windows Update KB Article - " -ForegroundColor Green -NoNewline
                Write-Host $IEInfo.svcKBNumber -ForegroundColor Magenta
    
            Exit-PSSession

     

     

    0
  • BTW, the encrypted credentials are prefaced with "adm". In our environment, privileged accounts are called "adm.username". If you use this, simply substitute what your environment uses or just remove the "adm".

    0
  • $ErrorActionPreference = "SilentlyContinue"
    
    #Create Encrypted Credentials in Neededed #################################################################################################################################
    
    $Username = "adm.$env:username"
    If (!(Test-Path -Path 'C:Secure')) {New-Item 'C:Secure' -type directory | Out-Null}
    
    If (!(Test-Path -Path "C:Secure$Username Password.txt")) {
    Write-Host "Please enter your password. This is a one time request that will store an encrypted file on your local computer to avoid further prmompts." -ForegroundColor Yellow
    Read-Host $Username -AsSecureString | ConvertFrom-SecureString | Out-File "C:Secure$Username Password.txt"
    }
    
    $Password = Get-Content "C:Secure$Username Password.txt"| convertto-securestring 
    $AdmAccount = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username, $Password 
    
    ##########################################################################################################################################################################
    $ADGroupMembers =@()
    $NestGroups =@()
    $FullName = $null
    
    Function GroupMembershipAudit{ 
    
        Foreach ($ADGroupName in $ADGroupNames){      
        
        If($ADGroupName -eq "OutlookAdHocUsers"){ $ADGroupName = "MoveITDMZUsers"}  
    
            $ADGroupDetails = Get-ADGroup $ADGroupName -Properties * -Credential $AdmAccount
            $MemberShipMembersList = $ADGroupDetails.Members
            $GroupName = $ADGroupDetails.SamAccountName
            $Description = $ADGroupDetails.Description
            $NumberofMembers = ($ADGroupDetails.Members).Count     
            $MemberShipMembersList = $ADGroupDetails.Members   
              
            Write-Host " "
            Write-Host "These are the members of the "  -ForegroundColor Green -NoNewline
            Write-Host $ADGroupName.ToUpper() -ForegroundColor Yellow -NoNewline
            Write-Host " Group" -ForegroundColor Green
            Write-Host $Description -ForegroundColor Cyan
            Write-Host "__________________________________________________________" -ForegroundColor Red
    
            If (!$MemberShipMembersList){
                Write-Host "This group doesn't have any members." -ForegroundColor Red
                Write-Host "OrgUnit - " -ForegroundColor Green -NoNewline
                Write-Host $OrgUnit -ForegroundColor Yellow
                Write-Host
    
                $NoMembers = New-Object PSObject
                $NoMembers | Add-Member NoteProperty GroupName $ADGroupName
                $NoMembers | Add-Member NoteProperty OrgUnit $OrgUnit
                $NoMembers | Export-Csv "C:tempGroup AuditingEmpty Groups$CurrentDate Empty Groups.csv" -NoTypeInformation -Append
    
            }
    
            $Z=0
            $StartTimeZ = Get-Date
    
            Foreach ($Member in $MemberShipMembersList){
           
            $Z++
            $SecondsElapsed = ((Get-Date) - $StartTimeZ).TotalSeconds
            $SecondsRemaining = ($SecondsElapsed / ($z / $NumberofMembers)) - $SecondsElapsed
            Write-Progress -Activity "Enumerating Users in $($ADGroupName): #$z of $($NumberofMembers)" -Id 1 -PercentComplete (($z/$($NumberofMembers)) * 100) -CurrentOperation "$("{0:N2}" -f ((($z/$($NumberofMembers)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
    
            # Collect any nested groups and seperate them from users
    
                Try {
    
                $ADGroupMember = Get-ADUser $Member -Properties SAMAccountName | Select-Object SamAccountName -ExpandProperty SamAccountName
                $ADGroupMembers += $ADGroupMember | Out-File "C:TempGroup Auditing$CurrentDate $ADGroupName MEMBERS.txt" -Append
    
                }
    
                Catch {
    
                $NestedGroupsList = (($Member-split",")[0].Substring(3)) 
                $NestedGroups += $NestedGroupsList | Out-File "C:TempGroup Auditing$CurrentDate NestedGroups.txt" -Append
                }
    
            }#End of Foreach Member Line 56
                    
            $i=0
            $StartTime1 = Get-Date                   
                    
            $ADGroupMembers = Get-Content "C:TempGroup Auditing$CurrentDate $ADGroupName MEMBERS.txt"
            $NestedGroups = Get-Content "C:TempGroup Auditing$CurrentDate NestedGroups.txt"
                       
            Foreach ($Item in $ADGroupMembers){
    
            $i++
            $SecondsElapsed = ((Get-Date) - $StartTime1).TotalSeconds
            $SecondsRemaining = ($SecondsElapsed / ($i / $NumberofMembers)) - $SecondsElapsed
    
            Write-Progress -Activity "Getting Group Members in $($ADGroupName): #$i of $($NumberofMembers)" -ParentId 1   -PercentComplete (($i/$($NumberofMembers)) * 100) -CurrentOperation "$("{0:N2}" -f ((($i/$($NumberofMembers)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
    
    
            $ADGroupMember = Get-ADUser $Item -Properties *
            $whenChanged = $ADGroupMember.whenChanged
            $WhenChangedDay0fWeek = Get-Date $whenChanged -Format dddd
            $WhenChangedYear = Get-Date $whenChanged -Format yyyy
            $WhenChangedMonth = Get-Date $whenChanged -Format MMMM
            $WhenChangedDay = Get-Date $whenChanged -Format dd
            $WhenChangedHour = Get-Date $whenChanged -Format hh
            $WhenChangedMinute = Get-Date $whenChanged -Format mm
            $WhenChangedAMPM = Get-date $whenChanged -Format tt     
    
    
                If ($ADGroupMember.distinguishedname -match ""){
                                                
                    $DN1 = $ADGroupMember.distinguishedname -creplace  "^[^,]*,","" 
                    $DN = $DN1 -creplace "^[^,]*,",""
                }
    
                Else {$DN = $ADGroupMember.distinguishedname -creplace "^[^,]*,",""}
    
                $OrgUnit= $DN.TrimEnd("DC=indyad,DC=local") 
                            
            Write-Host ($ADGroupMember.SAMAccountName).toUpper() -ForegroundColor Cyan -NoNewline
            Write-Host " - " -NoNewline
            Write-Host $ADGroupMember.Surname -ForegroundColor Yellow -NoNewline
            Write-Host "," -NoNewline -ForegroundColor Yellow
            Write-Host $ADGroupMember.GivenName -ForegroundColor Yellow -NoNewline
            Write-Host " (" -NoNewline
            Write-Host $ADGroupMember.Department -NoNewline
            Write-Host ")"
            Write-host $OrgUnit -ForegroundColor Yellow
            Write-Host "Account Active?" -ForegroundColor cyan -NoNewline
            Write-Host " - " -NoNewline -ForegroundColor Cyan
                                                
                If($ADGroupMember.Enabled -match "True"){Write-Host "Yes"}
                ElseIf($ADGroupMember.Enabled -match "False"){Write-Host "NO" -ForegroundColor Red}
    
            Write-Host "When Created - " -ForegroundColor Yellow -NoNewline
            Write-Host $ADGroupMember.whenCreated -ForegroundColor Cyan
    
            Write-Host "Last Change - " -ForegroundColor Yellow -NoNewline
            Write-Host $WhenChangedDay0fWeek -ForegroundColor Cyan -NoNewline
            Write-Host ", " -ForegroundColor Cyan -NoNewline
            Write-Host $WhenChangedMonth $WhenChangedDay -ForegroundColor Cyan -NoNewline
            Write-Host ", " -ForegroundColor Cyan -NoNewline
            Write-Host $WhenChangedYear -ForegroundColor Cyan -NoNewline
            Write-Host " @ " -ForegroundColor Magenta -NoNewline
            Write-Host $WhenChangedHour -ForegroundColor Magenta -NoNewline
            Write-Host ":" -ForegroundColor Magenta -NoNewline
            Write-Host $WhenChangedMinute $WhenChangedAMPM -ForegroundColor Magenta   
    
            Write-Host 
    
            $obj = New-Object PSObject
            $obj | Add-Member NoteProperty AccountActive ($ADGroupMember.Enabled)
            $obj | Add-Member NoteProperty WhenCreated ($ADGroupMember.whenCreated)
            $obj | Add-Member NoteProperty LastChangeDayOfWeek $WhenChangedDay0fWeek
            $obj | Add-Member NoteProperty LastChangeYear $WhenChangedYear
            $obj | Add-Member NoteProperty LastChangeMonth $WhenChangedMonth
            $obj | Add-Member NoteProperty LastChangeDay $WhenChangedDay
            $obj | Add-Member NoteProperty LastChangeHour $WhenChangedHour
            $obj | Add-Member NoteProperty LastChangeMinute $WhenChangedMinute
            $obj | Add-Member NoteProperty LastChangeAMorPM $WhenChangedAMPM
            $obj | Add-Member NoteProperty LastName ($ADGroupMember.Surname)
            $obj | Add-Member NoteProperty FirstName ($ADGroupMember.GivenName)
            $obj | Add-Member NoteProperty SamAccount ($ADGroupMember.SAMAccountName)
            $obj | Add-Member NoteProperty Agency ($ADGroupMember.Department)
            $obj | Add-Member NoteProperty ADGroup ($ADGroupName)
            $obj | Add-Member NoteProperty OrgUnit $OrgUnit
            $obj | Add-Member NoteProperty NestedUnder "NONE"
            $Obj | export-csv "C:tempGroup Auditing$CurrentDate $ADGroupName MembershipAudit.csv" -NoTypeInformation -Append
    
            }#End of Foreach $Item Line 83
    
            #Enumerate users in Nested Groups
    
            If($NestedGroups) {
    
            $NestedGroups = Get-Content "C:TempGroup Auditing$CurrentDate NestedGroups.txt"
            $NumberofNestedGroups = $NestedGroups.count 
    
            Write-Host "There are " -ForegroundColor Red -NoNewline
            Write-Host $NumberofNestedGroups -ForegroundColor Yellow -NoNewline
            Write-Host " Nested Groups Shown Below" -ForegroundColor Red
            Write-Host "_____________________________________" -ForegroundColor Red
            $NestedGroups
    
            }
    
            Foreach ($NestedGroup in $NestedGroups){
    
            $StartTime3 = Get-Date
            $z = 0
                
                $MembersofNestedGroup = Get-ADGroupMember -Identity $NestedGroup -Credential $AdmAccount
                $NumbersOfMembersInNestedGroup = $MembersofNestedGroup.count
    
                Write-Host " "
                Write-Host "There are " -ForegroundColor Yellow -NoNewline
                Write-Host $NumbersOfMembersInNestedGroup -ForegroundColor Red -NoNewline
                Write-Host " Members in " -ForegroundColor Yellow -NoNewline
                Write-Host $NestedGroup -ForegroundColor Red 
                    
                Write-Host "These are the members of the "  -ForegroundColor Green -NoNewline
                Write-Host $NestedGroup.ToUpper() -ForegroundColor Yellow -NoNewline
                Write-Host " Group, nested under " -ForegroundColor Green -NoNewline
                Write-Host $ADGroupName.ToUpper() -ForegroundColor White
                Write-Host "_______________________________________________________________________________" -ForegroundColor Red
    
                $ADGroupMembers = (Get-ADGroupMember "$NestedGroup").SamAccountName | Get-ADUser -Properties *| Sort SurName
                    
                Foreach ($ADGroupMember in $ADGroupMembers) {
    
                    $z++
                    $SecondsElapsed = ((Get-Date) - $StartTime3).TotalSeconds
                    $SecondsRemaining = ($SecondsElapsed / ($z / $NumbersOfMembersInNestedGroup)) - $SecondsElapsed
    
                    Write-Progress -Activity "Auditing Nested Group $($NestedGroup.ToUpper()) under $($ADGroupName.ToUpper()): #$z of $($NumbersOfMembersInNestedGroup)" -ParentId 1 -PercentComplete (($z/$($NumbersOfMembersInNestedGroup)) * 100) -CurrentOperation "$("{0:N2}" -f ((($z/$($NumbersOfMembersInNestedGroup)) * 100),2))% Complete" -SecondsRemaining $SecondsRemaining
                         
                    $whenChanged = $Item.whenChanged
                    $WhenChangedDay0fWeek = Get-Date $whenChanged -Format dddd
                    $WhenChangedYear = Get-Date $whenChanged -Format yyyy
                    $WhenChangedMonth = Get-Date $whenChanged -Format MMMM
                    $WhenChangedDay = Get-Date $whenChanged -Format dd
                    $WhenChangedHour = Get-Date $whenChanged -Format hh
                    $WhenChangedMinute = Get-Date $whenChanged -Format mm
                    $WhenChangedAMPM = Get-date $whenChanged -Format tt   
                            
                            
                    If ($ADGroupMember.distinguishedname -match ""){                
                        $DN1 = $ADGroupMember.distinguishedname -creplace  "^[^,]*,","" 
                        $DN = $DN1 -creplace "^[^,]*,",""
                    }
    
                    Else {$DN = $ADGroupMember.distinguishedname -creplace "^[^,]*,",""}
    
                    $OrgUnit= $DN.TrimEnd("DC=indyad,DC=local") 
                            
                    Write-Host ($ADGroupMember.SAMAccountName).toUpper() -ForegroundColor Cyan -NoNewline
                    Write-Host " - " -NoNewline
                    Write-Host $ADGroupMember.Surname -ForegroundColor Yellow -NoNewline
                    Write-Host "," -NoNewline -ForegroundColor Yellow
                    Write-Host $ADGroupMember.GivenName -ForegroundColor Yellow -NoNewline
                    Write-Host " (" -NoNewline
                    Write-Host $ADGroupMember.Department -NoNewline
                    Write-Host ")"
                    Write-host $DN -ForegroundColor Yellow
                    Write-Host "Account Active?" -ForegroundColor cyan -NoNewline
                    Write-Host " - " -NoNewline -ForegroundColor Cyan
    
                        If($ADGroupMember.Enabled -match "True"){Write-Host "Yes"}
                        ElseIf($ADGroupMember.Enabled -match "False"){Write-Host "NO" -ForegroundColor Red}
    
                    Write-Host "When Created - " -ForegroundColor Yellow -NoNewline
                    Write-Host $ADGroupMember.whenCreated -ForegroundColor Cyan
    
                    Write-Host "Last Change - " -ForegroundColor Yellow -NoNewline
                    Write-Host $WhenChangedDay0fWeek -ForegroundColor Cyan -NoNewline
                    Write-Host ", " -ForegroundColor Cyan -NoNewline
                    Write-Host $WhenChangedMonth $WhenChangedDay -ForegroundColor Cyan -NoNewline
                    Write-Host ", " -ForegroundColor Cyan -NoNewline
                    Write-Host $WhenChangedYear -ForegroundColor Cyan -NoNewline
                    Write-Host " @ " -ForegroundColor Magenta -NoNewline
                    Write-Host $WhenChangedHour -ForegroundColor Magenta -NoNewline
                    Write-Host ":" -ForegroundColor Magenta -NoNewline
                    Write-Host $WhenChangedMinute $WhenChangedAMPM -ForegroundColor Magenta  
    
                    Write-Host      
    
                    $obj = New-Object PSObject
                    $obj | Add-Member NoteProperty AccountActive ($ADGroupMember.Enabled)
                    $obj | Add-Member NoteProperty WhenCreated ($ADGroupMember.whenCreated)
                    $obj | Add-Member NoteProperty LastChangeDayOfWeek $WhenChangedDay0fWeek
                    $obj | Add-Member NoteProperty LastChangeYear $WhenChangedYear
                    $obj | Add-Member NoteProperty LastChangeMonth $WhenChangedMonth
                    $obj | Add-Member NoteProperty LastChangeDay $WhenChangedDay
                    $obj | Add-Member NoteProperty LastChangeHour $WhenChangedHour
                    $obj | Add-Member NoteProperty LastChangeMinute $WhenChangedMinute
                    $obj | Add-Member NoteProperty LastChangeAMorPM $WhenChangedAMPM
                    $obj | Add-Member NoteProperty LastName ($ADGroupMember.Surname)
                    $obj | Add-Member NoteProperty FirstName ($ADGroupMember.GivenName)
                    $obj | Add-Member NoteProperty SamAccount ($ADGroupMember.SAMAccountName)
                    $obj | Add-Member NoteProperty Agency ($ADGroupMember.Department)
                    $obj | Add-Member NoteProperty ADGroup ($NestedGroup)
                    $obj | Add-Member NoteProperty OrgUnit $OrgUnit 
                    $obj | Add-Member NoteProperty NestedUnder $ADGroupName
                    $Obj | export-csv "C:tempGroup Auditing$CurrentDate $ADGroupName MembershipAudit.csv" -NoTypeInformation -Append
    
                } #End of Foreach $ADGroupMember Line 203
                                       
            }#End of line 180 Foreach $NestGroup
    
         }# End of Foreach $ADGroupName Line 22
    
        If (Test-Path -Path "C:tempGroup Auditing$CurrentDate $ADGroupNames MembershipAudit.csv"){
        
        Write-Host "Do you want to open the report? Y/N" -ForegroundColor Yellow
        $Answer = Read-Host
    
            while("Y","N" -notcontains $Answer){
            Write-Host "Y or N please!" -ForegroundColor Red
            $Answer = Read-Host
            }
    
        If ($Answer -eq "Y"){Invoke-Item "C:tempGroup Auditing$CurrentDate $ADGroupNames MembershipAudit.csv"} 
    
        }
    
        If (Test-Path -Path "C:tempGroup Auditing$CurrentDate NoMembers.txt"){Invoke-Item "C:tempGroup Auditing$CurrentDate NoMembers.txt"}
       
    }#End of line 20 Function GroupMembershipAudit
    
    CLS
    
    Write-Host " "
    Write-Host "ACTIVE DIRECTORY GROUP MEMBERSHIP AUDIT UTILITY" -ForegroundColor Cyan
    Write-Host "_______________________________________________" -ForegroundColor Cyan
    Write-Host " "
    
    Do {
    
    If (!(Test-Path -Path 'C:tempGroup Auditing')) {New-Item 'C:tempGroup Auditing' -type directory}
    If (!(Test-Path -Path 'C:tempGroup AuditingArchive')) {New-Item 'C:tempGroup AuditingArchive' -type directory}
    If (!(Test-Path -Path 'C:tempGroup AuditingMerged')) {New-Item 'C:tempGroup AuditingMerged' -type directory}
    
    $CurrentDate = Get-Date 
    $StartDate = Get-date -Format F
    
    Write-Host "Report Date - " -ForegroundColor Green -NoNewline
    Write-Host $StartDate -ForegroundColor Yellow
    
    $CurrentDate = $CurrentDate.ToString('yyyy-MM-dd@HH-mm-ss')
      
        Write-Host "Do you want to check against one Group, a List, Org Unit, or all of the Domain?" -ForegroundColor Yellow
        Write-Host "(Enter" -ForegroundColor Yellow -NoNewline
        Write-Host " 1 " -NoNewline
        Write-Host "for just one ," -ForegroundColor Yellow -NoNewline 
        Write-Host " 2 " -NoNewline
        Write-Host "for list," -ForegroundColor Yellow -NoNewline  
        Write-Host " 3 " -NoNewline
        Write-Host "for Specific Org Unit, or" -ForegroundColor Yellow -NoNewline
        Write-Host " 4 " -NoNewline
        Write-Host "for Domain)" -ForegroundColor Yellow
        $Answer = Read-Host
    
            while("1","2","3","4" -notcontains $Answer){
            Write-Host "1, 2, 3 or 4 Please!" -ForegroundColor Red
            $Answer = Read-Host 
            }
    
            Switch ($Answer){
    
        1{
    
            Write-Host "Enter the AD Group whose membership is needed" -ForegroundColor Yellow
            $ADGroupNames = Read-Host            
            GroupMembershipAudit $ADGroupNames    
                  
        
        }
    
        2{
            Move-Item -Path 'C:TempGroup Auditing*.csv' -Destination 'C:TempGroup AuditingArchive' -Force
    
            [System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") | Out-Null
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog = New-Object System.Windows.Forms.OpenFileDialog
            $dialog.FilterIndex = 0
            $dialog.InitialDirectory = "C:TempGroup Auditing"
            $dialog.Multiselect = $false
            $dialog.RestoreDirectory = $true
            $dialog.Title = "Select a script file"
            $dialog.ValidateNames = $true
            $dialog.ShowDialog()
            $dialog.FileName
    
            $ADGroupNames = Get-content $dialog.FileName
            $ADGroupNames
            GroupMembershipAudit $ADGroupNames
    
            Get-Content 'C:tempGroup Auditing*.csv' | Set-Content "C:tempGroup AuditingMerged$CurrentDate NestedGroupsMerged.csv"
    
            Write-Host "Do you want to open the report? Y/N" -ForegroundColor Yellow
            $Answer = Read-Host
    
                while("Y","N" -notcontains $Answer){
                Write-Host "Y or N please!" -ForegroundColor Red
                $Answer = Read-Host
                }
    
                If ($Answer -eq "Y"){Invoke-Item "C:tempGroup AuditingMerged$CurrentDate NestedGroupsMerged.csv"}
            }
        
        3{
    
            Write-Host "Enter the Distinguished name of the OU you want to check?" -ForegroundColor Yellow
            $OrgUnits = Read-Host  
    
            Foreach ($OrgUnit in $OrgUnits){
    
                $ADGroupNames = (Get-AdGroup -Filter * -SearchBase "$OrgUnit" -Credential $AdmAccount).Name  | Sort 
                        
            }    
    
            GroupMembershipAudit $ADGroupNames
        }
    
        4{
    
            $ADGroupNames = (Get-AdGroup -Filter * -Credential $AdmAccount).Name  | Sort 
            $TotalADGroups = $ADGroupNames.Count
            Write-Host "Total Groups in Active Directory - " -ForegroundColor Green -NoNewline
            Write-Host $TotalADGroups -ForegroundColor Yellow
    
            GroupMembershipAudit $ADGroupNames
    
        }
    
        
    }
            
    
        Write-Host " "
        Write-Host "Do you want to start over? (Y/N)" -ForegroundColor Yellow
        $Continue = Read-Host 
    
            while("y","n" -notcontains $Continue){
            Write-Host "Y or N Please!" -ForegroundColor Red
            $Continue = Read-Host 
            }
    
            If($Continue -eq "Y"){}
    
    }
    
    until ($Continue -eq "N")

     

    0
  • Thanks for that. Looks like you corrected it for me. Appreciated it. Discovered the error after I updated my script. Didn't want someone using something that would not work completely. Again Thanks.

    0
  • Too bad you can't edit the code you enter. I found a typo in what I posted and no way to fix it.

    Line 110 should by $PCProxyPathAudit | Add-Member NoteProperty ProxyPathSettings $ProxyAutoConfigURL

    0
  • Here is my completed script. This script will audit certain IE settings I have interest in such as proxy, IE version, Computer OU, etc. All you have to do is rung the script. It will prompt you for input.

    The script will ask you to save your administrator credentials to a folder on your C: drive called "Secure". By doing this, you can run this script under non-administrator context. The password environment for us begins with 'adm' so you will have to change that to suit yours. (ie. adm.username).

    I run all my scripts either from Powershell ISE or create little Powershell "apps" by creating shortcuts such as C:WindowsSystem32WindowsPowerShellv1.0powershell.exe C:PSScriptsPOWERSHELL SCRIPT.ps1. By doing this, I can simply click on the shortcut and immediately start my processing.

    0
  • Load More