• The script and INI file should be in the same directory. Post the screenshot if you are looking for further help.

    You can take INI file from here - https://github.com/gkm-automation/AD-Security-Assessment

  • Hello,
    I am not as good as I expected in PowerShell. I was trying to run the script but cannot get through this:
    Cannot find path 'C:ADcheckConfig.ini' because it does not exist.

    Even though the file is on the expected path, no success. And I think this is what stopped me from running it.
    I will appreciate any advice.
    Thank you
    Tomas

  • sorry, I'm not using -ComputerName, but -HostName 😉

  • Hi! Thanks for this post, very useful.

    When I try to connect (Windows 10 -> Linux (synology nas)), using this command:
    $s = New-PSSession -ComputerName myComputer -UserName userName -Port sshPort

    It asks me for the password and then I get the following error message:
    OpenError: [192.168.0.10] The background process reported an error with the following message: The SSH client session has ended with error message: subsystem request failed on channel 0.

    Any idea why? (I didn't install anything on my Synology NAS, but activated ssh in the settings and I'm able to ssh using the standard command 'ssh username@ipaddress -p sshPort')

  • Hi,

    First, thank you for your script and for sharing; it is a good idea. I tested it and everything works fine.
    I also made some adjustments, but I hesitate to contribute if it's worth it, because I wonder if PingCastle doesn't do the same with more details.

  • You have to modify the code when you use Gmail for email notifications. So always try to use the Google App password option.

  • The script takes all the inputs other than the lines that start with the comment "#" char. You can refer here for more details: "https://devblogs.microsoft.com/scripting/use-powershell-to-work-with-any-ini-file/"

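  • # Placeholder addresses; replace with your own
    $From = "sender@example.com"
    $To = "recipient@example.com"
    $Cc = "copy@example.com"
    $Attachment = "C:\temp\Some random file.txt"
    $Subject = "Email Subject"
    $Body = "Insert body text here"
    $SMTPServer = "smtp.gmail.com"
    $SMTPPort = "587"
    # Get-Credential prompts for the account name and password at run time
    Send-MailMessage -From $From -to $To -Cc $Cc -Subject $Subject `
    -Body $Body -SmtpServer $SMTPServer -port $SMTPPort -UseSsl `
    -Credential (Get-Credential) -Attachments $Attachment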

    Reuse the above code. Don't provide your default credentials; instead, generate a Google application password. Refer here: "https://support.google.com/accounts/answer/185833?hl=en"

  • One other question for the group, has anyone found documentation on everything that is allowed in the config.ini file?

  • First, I am NOT a programmer 😉 I hacked together some code to get the email functionality working without using the deprecated Send-MailMessage commandlet. Anyway, I'm sure this can be consolidated, but it works:

    #---------------------------------------------------------------------------------------------------------------------------------------------
    # Sending Mail
    #---------------------------------------------------------------------------------------------------------------------------------------------

    if($SendEmail -eq 'Yes' ) {

        # Send ADHealthCheck Report
        if(Test-Path $HealthReport)
        {
            try {
                $Message = new-object Net.Mail.MailMessage
                $smtp = new-object Net.Mail.SmtpClient("smtp.gmail.com", 587)
                $smtp.Credentials = New-Object System.Net.NetworkCredential("xxxxxxx@gmail.com", "GmailPassword");
                $smtp.EnableSsl = $true
                $smtp.Timeout = 400000
                $Message.From = "xxxxxxx@gmail.com"
                $Message.To.Add("xxxxxxx@gmail.com")
                $Message.Attachments.Add("$HealthReport")
                $Message.Subject = "AD Health Check Report"
                $Message.Body = "Please find AD Health Check report attached."
                $smtp.Send($Message)
            } catch {
                Write-Log 'Error in sending AD Health Check Report!'
            }
        }

        #Send an ERROR mail if Report is not found
        if(!(Test-Path $HealthReport))
        {
            try {
                $Message = new-object Net.Mail.MailMessage
                $smtp = new-object Net.Mail.SmtpClient("smtp.gmail.com", 587)
                $smtp.Credentials = New-Object System.Net.NetworkCredential("xxxxxxx@gmail.com", "GmailPassword");
                $smtp.EnableSsl = $true
                $smtp.Timeout = 400000
                $Message.From = "xxxxxxx@gmail.com"
                $Message.To.Add("xxxxxxx@gmail.com")
                $Message.Subject = "AD Health Check Report"
                $Message.Body = "ERROR: NO AD Health Check report."
                $smtp.Send($Message)
            } catch {
                Write-Log 'Unable to send Error mail.'
            }
        }

    }
    else
    {
        Write-Log "As Send Email is NO so report through mail is not being sent. Please find the report in Script directory."
    }
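
The two mail branches from the comment above folded into one function, as an added example that is not part of the original comment or of the AD health check script. The Gmail app password recommended elsewhere in this thread is read from a credential file written with Export-Clixml instead of sitting in the script; `Send-HealthReport`, `$CredPath` and `$MailTo` are hypothetical names.

```powershell
# Added example, not the script's own code. Send-HealthReport, $CredPath and
# $MailTo are hypothetical names.
# One-time setup, run interactively as the account that runs the health check:
#   Get-Credential | Export-Clixml -Path <credential file>
# On Windows the password in that file is DPAPI-protected and can only be
# read back by the same user on the same machine.
function Send-HealthReport {
    param(
        [Parameter(Mandatory)] [string] $HealthReport,
        [Parameter(Mandatory)] [string] $CredPath,
        [Parameter(Mandatory)] [string] $MailTo
    )
    $cred    = Import-Clixml -Path $CredPath   # Gmail address + app password
    $message = New-Object Net.Mail.MailMessage
    $smtp    = New-Object Net.Mail.SmtpClient('smtp.gmail.com', 587)
    try {
        $smtp.EnableSsl   = $true
        $smtp.Credentials = $cred.GetNetworkCredential()
        $message.From     = $cred.UserName
        $message.To.Add($MailTo)
        $message.Subject  = 'AD Health Check Report'
        if (Test-Path -LiteralPath $HealthReport) {
            $message.Attachments.Add((New-Object Net.Mail.Attachment($HealthReport)))
            $message.Body = 'Please find AD Health Check report attached.'
        } else {
            # Same fallback as the original: report the missing file by mail
            $message.Body = 'ERROR: NO AD Health Check report.'
        }
        $smtp.Send($message)
        return $true
    } catch {
        Write-Warning "Mail not sent: $($_.Exception.Message)"
        return $false
    } finally {
        $message.Dispose()   # releases the handle on the attached report
        $smtp.Dispose()
    }
}
```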

  • Has anyone figured out a fix for the SNMP function being deprecated? I get an error when trying to use my gmail account. I'll start researching a fix, but if someone already has a work-around, why reinvent the wheel?

  • In the upcoming world of 2022, I had to do this nonsense to set colors that work with a black Fluent Terminal background:

    Get-PSReadlineOption  # list all.  (alias: just 'psreadlineoption')
    
    Set-PSReadLineOption -Colors @{ "Command"="White" }
    Set-PSReadLineOption -Colors @{ "Operator"="DarkBlue" }
    Set-PSReadLineOption -Colors @{ "String"="Yellow" }
    Set-PSReadLineOption -Colors @{ "Parameter"="Blue" }
    Set-PSReadLineOption -Colors @{ "Comment"="Gray" }
    
    # which syntax I found here:
    get-help Set-PSReadLineOption -examples
    
  • Found the answer by Googling it. Apparently in Github, you have to choose the "Raw" button. If you try to download the file, a bunch of Github junk comes down with the file.

  • Getting a ton of these types of errors
    t C:UsersDesktopAD_SecurityCheck.ps1:261 char:138
    + ... -primary text-bold py-2" data-hydro-click="{"event_type":&q ...
    + ~
    The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an
    ampersand in double quotation marks ("&") to pass it as part of a string.
    At C:UsersMFAdminDesktopAD_SecurityCheck.ps1:261 char:145
    + ... y text-bold py-2" data-hydro-click="{"event_type":"ana ...
    + ~
    The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an
    ampersand in double quotation marks ("&") to pass it as part of a string.

  • You know I am not trying to sound like a jerk, but I didn't see your previous post.
    Is there something wrong with posting it again? Not everyone posts or replies
    at the same time. Plus we do miss posts. But that's ok, I will just ask some of your other colleagues who probably wouldn't mind assisting me.

  • Looks nice.. but yeah got errors also.. And got no idea what it should be...

    At C:InstallAD_Securitycheck.ps1:46 char:15
    +         �^[(.+)]� # Section
    +               ~
    Missing statement block in switch statement clause.
    At C:InstallAD_Securitycheck.ps1:46 char:19
    +         �^[(.+)]� # Section
    +                   ~
    Missing statement block in switch statement clause.
    At C:InstallAD_Securitycheck.ps1:52 char:13
    +         �^(;.*)$� # Comment
    +             ~
    Missing statement block in switch statement clause.
    At C:InstallAD_Securitycheck.ps1:52 char:14
    +         �^(;.*)$� # Comment
    +              ~
    An expression was expected after '('.
    At C:InstallAD_Securitycheck.ps1:52 char:14
    +         �^(;.*)$� # Comment
    +              ~
    Missing closing ')' in expression.
    At C:InstallAD_Securitycheck.ps1:52 char:14
    +         �^(;.*)$� # Comment
    +              ~
    Missing statement block in switch statement clause.
    At C:InstallAD_Securitycheck.ps1:52 char:17
    +         �^(;.*)$� # Comment
    +                 ~
    Missing statement block in switch statement clause.
    At C:InstallAD_Securitycheck.ps1:52 char:17
    +         �^(;.*)$� # Comment
    +                 ~
    Missing condition in switch statement clause.
    At C:InstallAD_Securitycheck.ps1:42 char:1
    + {
    + ~
    Missing closing '}' in statement block or type definition.
    At C:InstallAD_Securitycheck.ps1:52 char:17
    +         �^(;.*)$� # Comment
    +                 ~
    Unexpected token ')' in expression or statement.
    Not all parse errors were reported.  Correct the reported errors and try again.
        + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
        + FullyQualifiedErrorId : MissingSwitchStatementClause

  • PS C:userswrdownloads> .AD_SecurityCheck.ps1
    At C:userswrdownloadsAD_SecurityCheck.ps1:46 char:15
    +         �^[(.+)]� # Section
    +               ~
    Missing statement block in switch statement clause.
    At C:userswrdownloadsAD_SecurityCheck.ps1:46 char:19
    +         �^[(.+)]� # Section
    +                   ~
    Missing statement block in switch statement clause.
    At C:userswrdownloadsAD_SecurityCheck.ps1:52 char:13
    +         �^(;.*)$� # Comment
    +             ~
    Missing statement block in switch statement clause.
    At C:userswrdownloadsAD_SecurityCheck.ps1:52 char:14
    +         �^(;.*)$� # Comment
    +              ~
    An expression was expected after '('.
    At C:userswrdownloadsAD_SecurityCheck.ps1:52 char:14
    +         �^(;.*)$� # Comment
    +              ~
    Missing closing ')' in expression.
    At C:userswrdownloadsAD_SecurityCheck.ps1:52 char:14
    +         �^(;.*)$� # Comment
    +              ~
    Missing statement block in switch statement clause.
    At C:userswrdownloadsAD_SecurityCheck.ps1:52 char:17
    +         �^(;.*)$� # Comment
    +                 ~
    Missing statement block in switch statement clause.
    At C:userswrdownloadsAD_SecurityCheck.ps1:52 char:17
    +         �^(;.*)$� # Comment
    +                 ~
    Missing condition in switch statement clause.
    At C:userswrdownloadsAD_SecurityCheck.ps1:42 char:1
    + {
    + ~
    Missing closing '}' in statement block or type definition.
    At C:userswridownloadsAD_SecurityCheck.ps1:52 char:17
    +         �^(;.*)$� # Comment
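
A pre-flight check for the two download problems quoted in this thread (GitHub page markup inside the .ps1, and unreadable characters where the quotes around the regex patterns should be), as an added example that is not part of the original comments or of the script's repository. `Test-DownloadedScript` is a hypothetical helper name; the file is parsed, never executed.

```powershell
# Added example. Test-DownloadedScript is a hypothetical helper name.
function Test-DownloadedScript {
    param([Parameter(Mandatory)] [string] $Path)

    $full     = (Resolve-Path -LiteralPath $Path).ProviderPath
    $text     = [System.IO.File]::ReadAllText($full)
    $problems = New-Object 'System.Collections.Generic.List[string]'

    # A saved GitHub web page instead of the Raw file: HTML markup in a .ps1
    if ($text -match '<!DOCTYPE html|<html[\s>]|data-hydro-click=') {
        $problems.Add('File contains HTML; download it again via the Raw view.')
    }

    # Non-ASCII quote characters, or U+FFFD left by a lossy decode,
    # in place of plain ' and " quotes
    $hits = [regex]::Matches($text, '[\u2018\u2019\u201C\u201D\uFFFD]')
    if ($hits.Count -gt 0) {
        $line = ($text.Substring(0, $hits[0].Index) -split "`n").Count
        $problems.Add("$($hits.Count) typographic quote or replacement character(s), first on line $line.")
    }

    # Ask the PowerShell parser for syntax errors without running anything
    $tokens = $null
    $errors = $null
    [void][System.Management.Automation.Language.Parser]::ParseFile(
        $full, [ref]$tokens, [ref]$errors)
    foreach ($e in $errors) {
        $problems.Add("Parse error at line $($e.Extent.StartLineNumber): $($e.Message)")
    }

    [pscustomobject]@{
        Path     = $full
        Ok       = ($problems.Count -eq 0)
        Problems = $problems
    }
}

# Usage: (Test-DownloadedScript -Path .\AD_SecurityCheck.ps1).Problems
```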
© 4sysops 2006 - 2022
