Tips-Of-Mine/Powershell
2
0
Fork 0
Code Pull Requests Wiki Activity
Powershell/Active Directory/Audit.ps1
Hubert Cornet c4a8939ed6 Actualiser Active Directory/Audit.ps1 
Correction de la partie unité d'organisation
2024-06-10 16:07:47 +02:00

1658 lines
61 KiB
PowerShell
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<#
.SYNOPSIS
<Overview of script>
.NOTES
Version : 1.0
Author : Hubert CORNET
Creation Date : 20/11/2022
Purpose/Change :
.LINK
https://www.tips-of-mine.fr
.EXEMPLE
<Example goes here. Repeat this attribute for more than one example>
.DESCRIPTION
<Brief description of script>
.PARAMETER CompanyLogo
Enter URL or UNC path to your desired Company Logo for generated report.
-CompanyLogo "https://www.fichorga.fr/images/logo-logiciel-fichorga.png"
.PARAMETER ReportTitle
Enter desired title for generated report.
-ReportTitle "Active Directory Report"
.PARAMETER Days
Users that have not logged in within [X] amount of days.
-Days "90"
.PARAMETER UserCreatedDays
Users that have been created within [X] amount of days.
-UserCreatedDays "15"
.PARAMETER DaysUntilPWExpireINT
Users password expires within [X] amount of days
-DaysUntilPWExpireINT "15"
.PARAMETER ADModNumber
Active Directory Objects that have been modified within [X] amount of days.
-ADModNumber "15"
.INPUTS
<Inputs if any, otherwise state None>
.OUTPUTS
<Outputs if any, otherwise state None - example: Log file stored in C:\Windows\Temp\<name>.log>
#>
#---------------------------------------------------------[Initialisations]--------------------------------------------------------
param (
#Company logo that will be displayed on the left, can be URL or UNC
[Parameter(ValueFromPipeline = $true, HelpMessage = "Entrez l'URL ou le chemin UNC vers le logo de l'entreprise")]
[String]$CompanyLogo = "https://www.fichorga.fr/images/logo-logiciel-fichorga.png",
#Logo that will be on the right side, UNC or URL
[Parameter(ValueFromPipeline = $true, HelpMessage = "Entrez le titre souhaité pour le rapport")]
[String]$ReportTitle = "Rapport Active Directory",
#Location the report will be saved to
[Parameter(ValueFromPipeline = $true, HelpMessage = "Entrez le chemin du répertoire souhaité pour enregistrer; Default: C:\Automation\")]
[String]$ReportSavePath = "C:\Automation\",
#Find users that have not logged in X Amount of days, this sets the days
[Parameter(ValueFromPipeline = $true, HelpMessage = "Les utilisateurs qui ne se sont pas connectés dans les [X] nombre de jours; Default: 90")]
$Days = 90,
#Get users who have been created in X amount of days and less
[Parameter(ValueFromPipeline = $true, HelpMessage = "Les utilisateurs qui ont été créés dans [X] nombre de jours; Default: 15")]
$UserCreatedDays = 15,
#Get users whos passwords expire in less than X amount of days
[Parameter(ValueFromPipeline = $true, HelpMessage = "Le mot de passe de l'utilisateur expire dans un délai de [X] nombre de jours; Default: 15")]
$DaysUntilPWExpireINT = 15,
#Get AD Objects that have been modified in X days and newer
[Parameter(ValueFromPipeline = $true, HelpMessage = "Les objets AD qui ont été modifiés dans [X] nombre de jours; Default: 15")]
$ADModNumber =15
#CSS template located C:\Program Files\WindowsPowerShell\Modules\ReportHTML\1.4.1.1\
#Default template is orange and named "Sample"
)
#---------------------------------------------------------[Initialisations]--------------------------------------------------------
# Définir l'action d'erreur pour continuer silencieusement
$ErrorActionPreference = "SilentlyContinue"
$Minute = (Get-Date).Minute
$Hour = (Get-Date).Hour
$Day = (Get-Date).Day
$Month = (Get-Date).Month
$Year = (Get-Date).Year
#-----------------------------------------------------------[Functions]------------------------------------------------------------
Function LastLogonConvert ($ftDate) {
$Date = [DateTime]::FromFileTime($ftDate)
If ($Date -lt (Get-Date '1/1/1900') -or $date -eq 0 -or $date -eq $null) {
"Never"
}
Else {
$Date
}
}
Function Write-Color([String[]]$Text, [ConsoleColor[]]$Color = "White", [int]$StartTab = 0, [int] $LinesBefore = 0,[int] $LinesAfter = 0, [string] $LogFile = "", $TimeFormat = "yyyy-MM-dd HH:mm:ss") {
$DefaultColor = $Color[0]
If ($LinesBefore -ne 0) { for ($i = 0; $i -lt $LinesBefore; $i++) { Write-Host "`n" -NoNewline } } # Add empty line before
If ($StartTab -ne 0) { for ($i = 0; $i -lt $StartTab; $i++) { Write-Host "`t" -NoNewLine } } # Add TABS before text
If ($Color.Count -ge $Text.Count) {
For ($i = 0; $i -lt $Text.Length; $i++) { Write-Host $Text[$i] -ForegroundColor $Color[$i] -NoNewLine }
}
Else {
For ($i = 0; $i -lt $Color.Length ; $i++) { Write-Host $Text[$i] -ForegroundColor $Color[$i] -NoNewLine }
For ($i = $Color.Length; $i -lt $Text.Length; $i++) { Write-Host $Text[$i] -ForegroundColor $DefaultColor -NoNewLine }
}
Write-Host
If ($LinesAfter -ne 0) { for ($i = 0; $i -lt $LinesAfter; $i++) { Write-Host "`n" } } # Add empty line after
If ($LogFile -ne "") {
$TextToFile = ""
For ($i = 0; $i -lt $Text.Length; $i++) {
$TextToFile += $Text[$i]
}
Write-Output "[$([datetime]::Now.ToString($TimeFormat))]$TextToFile" | Out-File $LogFile -Encoding unicode -Append
}
}
#--------------------------------------------------------[Debut Du Script]---------------------------------------------------------
Clear-Host
#Check for ReportHTML Module
$Mod = Get-Module -ListAvailable -Name "ReportHTML"
If ($null -eq $Mod) {
Write-Host "Le module ReportHTML n'est pas présent, tentative d'installation."
Install-Module -Name ReportHTML -Force
Import-Module ReportHTML -ErrorAction SilentlyContinue
}
Write-host "`n"
Write-Color "Personnalisation des rapports de collecte ..." -Color White
Write-host "`n"
Write-Color "__________________________________________________________________________________" -Color White
Write-Color "Logo de l'entreprise (gauche) : __________________________________________________ ", $CompanyLogo -Color White, Green
Write-Color "Titre du rapport : _______________________________________________________________ ", $ReportTitle -Color White, Green
Write-Color "Chemin de sauvegarde du rapport : ________________________________________________ ", $ReportSavePath -Color White, Green
Write-Color "Rapport sur le nombre de jours depuis la dernière connexion de l'utilisateur : ___ ", $Days -Color White, Green
Write-Color "Nombre de jours pour la création de nouveaux utilisateurs : ______________________ ", $UserCreatedDays -Color White, Green
Write-Color "Nombre de jours pour l'expiration du mot de passe : ______________________________ ", $DaysUntilPWExpireINT -Color White, Green
Write-Color "Nombre de jours pour les objets AD nouvellement modifiés : _______________________ ", $ADModNumber -Color White, Green
Write-Color "__________________________________________________________________________________" -Color White
#Array of default Security Groups
$DefaultSGs = @(
"Opérateurs dassistance Access Control"
"Opérateurs de compte"
"Administrateurs"
"Réplication de mot de passe RODC autorisée"
"Opérateurs de sauvegarde"
"Accès DCOM au service de certificats"
"Éditeurs de certificats"
"Contrôleurs de domaine clonables"
"Opérateurs de chiffrement"
"Réplication de mot de passe RODC refusée"
"Propriétaires dappareils"
"Administrateurs DHCP"
"Utilisateurs DHCP"
"Utilisateurs du modèle COM distribué"
"DnsUpdateProxy"
"DnsAdmins"
"Administrateurs du domaine"
"Ordinateurs de domaine"
"Contrôleurs de domaine"
"Invités de domaine"
"Utilisateurs du domaine"
"Administrateurs de lentreprise"
"Enterprise Key Admins"
"Contrôleurs de domaine dentreprise en lecture seule"
"Lecteurs des journaux dévénements"
"Propriétaires créateurs de la stratégie de groupe"
"Invités"
"Administrateurs Hyper-V"
"IIS_IUSRS"
"Générateurs dapprobation de forêt entrante"
"Administrateurs de clés"
"Opérateurs de configuration réseau"
"Utilisateurs du journal des performances"
"Utilisateurs de lAnalyseur de performances"
"Accès pré-Windows 2000 compatible"
"Opérateurs d'impression"
"Utilisateurs protégés"
"Serveurs RAS et IAS"
"Serveurs de points de terminaison..."
"Serveurs dadministration RDS"
"Serveurs daccès à distance RDS"
"Contrôleurs de domaine en lecture seule"
"Utilisateurs du Bureau à distance"
"Utilisateurs de gestion à distance"
"Duplicateur"
"Administrateurs du schéma"
"Opérateurs de serveur"
"Administrateurs de réplica de stockage"
"Comptes gérés par le système"
"Serveurs de licences Terminal Server"
"Utilisateurs"
"Accès à lautorisation Windows"
"WinRMRemoteWMIUsers_"
)
$Table = New-Object 'System.Collections.Generic.List[System.Object]'
$OUTable = New-Object 'System.Collections.Generic.List[System.Object]'
$UserTable = New-Object 'System.Collections.Generic.List[System.Object]'
$UserPasswordTable = New-Object 'System.Collections.Generic.List[System.Object]'
$GroupTypetable = New-Object 'System.Collections.Generic.List[System.Object]'
$DefaultGrouptable = New-Object 'System.Collections.Generic.List[System.Object]'
$EnabledDisabledUsersTable = New-Object 'System.Collections.Generic.List[System.Object]'
$DomainAdminTable = New-Object 'System.Collections.Generic.List[System.Object]'
$ExpiringAccountsTable = New-Object 'System.Collections.Generic.List[System.Object]'
$CompanyInfoTable = New-Object 'System.Collections.Generic.List[System.Object]'
$securityeventtable = New-Object 'System.Collections.Generic.List[System.Object]'
$DomainTable = New-Object 'System.Collections.Generic.List[System.Object]'
$OUGPOTable = New-Object 'System.Collections.Generic.List[System.Object]'
$GroupMembershipTable = New-Object 'System.Collections.Generic.List[System.Object]'
$PasswordExpirationTable = New-Object 'System.Collections.Generic.List[System.Object]'
$PasswordExpireSoonTable = New-Object 'System.Collections.Generic.List[System.Object]'
$userphaventloggedonrecentlytable = New-Object 'System.Collections.Generic.List[System.Object]'
$EnterpriseAdminTable = New-Object 'System.Collections.Generic.List[System.Object]'
$NewCreatedUsersTable = New-Object 'System.Collections.Generic.List[System.Object]'
$GroupProtectionTable = New-Object 'System.Collections.Generic.List[System.Object]'
$OUProtectionTable = New-Object 'System.Collections.Generic.List[System.Object]'
$GPOTable = New-Object 'System.Collections.Generic.List[System.Object]'
$ADObjectTable = New-Object 'System.Collections.Generic.List[System.Object]'
$ProtectedUsersTable = New-Object 'System.Collections.Generic.List[System.Object]'
$ComputersTable = New-Object 'System.Collections.Generic.List[System.Object]'
$ComputerProtectedTable = New-Object 'System.Collections.Generic.List[System.Object]'
$ComputersEnabledTable = New-Object 'System.Collections.Generic.List[System.Object]'
$DefaultComputersinDefaultOUTable = New-Object 'System.Collections.Generic.List[System.Object]'
$DefaultUsersinDefaultOUTable = New-Object 'System.Collections.Generic.List[System.Object]'
$TOPUserTable = New-Object 'System.Collections.Generic.List[System.Object]'
$TOPGroupsTable = New-Object 'System.Collections.Generic.List[System.Object]'
$TOPComputersTable = New-Object 'System.Collections.Generic.List[System.Object]'
$GraphComputerOS = New-Object 'System.Collections.Generic.List[System.Object]'
#Get all users right away. Instead of doing several lookups, we will use this object to look up all the information needed.
$AllUsers = Get-ADUser -Filter * -Properties *
$GPOs = Get-GPO -All | Select-Object DisplayName, GPOStatus, ModificationTime, @{ Label = "ComputerVersion"; Expression = { $_.computer.dsversion } }, @{ Label = "UserVersion"; Expression = { $_.user.dsversion } }
<###########################
Dashboard
############################>
Write-Host "Analyse sur le rapport du tableau de bord ........................................ " -ForegroundColor Green -NoNewline
$dte = (Get-Date).AddDays(- $ADModNumber)
$ADObjs = Get-ADObject -Filter { whenchanged -gt $dte -and ObjectClass -ne "domainDNS" -and ObjectClass -ne "rIDManager" -and ObjectClass -ne "rIDSet" } -Properties *
$Compteur = 0
Foreach ($ADObj in $ADObjs) {
$Compteur++
Write-Progress -Id 0 -Activity "Analyse : " -Status "Processing $($Compteur) of $($ADObjs.count)" -CurrentOperation $ADObj -PercentComplete (($Compteur / $ADObjs.count) * 100)
If ($ADObj.ObjectClass -eq "GroupPolicyContainer") {
$Name = $ADObj.DisplayName
}
Else{
$Name = $ADObj.Name
}
$obj = [PSCustomObject]@{
"Name" = $Name
"Type Object" = $ADObj.ObjectClass
"Date changement" = $ADObj.WhenChanged
}
$ADObjectTable.Add($obj)
}
$ADRecycleBinStatus = (Get-ADOptionalFeature -Filter 'name -like "Recycle Bin Feature"').EnabledScopes
If ($ADRecycleBinStatus.Count -lt 1) {
$ADRecycleBin = "Desactive"
}
Else {
$ADRecycleBin = "Actif"
}
#Company Information
$ADInfo = Get-ADDomain
$ForestObj = Get-ADForest
$DomainControllerobj = Get-ADDomain
$Forest = $ADInfo.Forest
$InfrastructureMaster = $DomainControllerobj.InfrastructureMaster
$RIDMaster = $DomainControllerobj.RIDMaster
$PDCEmulator = $DomainControllerobj.PDCEmulator
$DomainNamingMaster = $ForestObj.DomainNamingMaster
$SchemaMaster = $ForestObj.SchemaMaster
$obj = [PSCustomObject]@{
"Domaine" = $Forest
"Corbeille AD" = $ADRecycleBin
"Maitre de l'infrastructure" = $InfrastructureMaster
"Maitre RID" = $RIDMaster
"Emulateur PDC" = $PDCEmulator
"Maitre des noms de domaine" = $DomainNamingMaster
"Maitre Schema" = $SchemaMaster
}
$CompanyInfoTable.Add($obj)
#Get newly created users
$When = ((Get-Date).AddDays(- $UserCreatedDays)).Date
$NewUsers = $AllUsers | Where-Object { $_.whenCreated -ge $When }
Foreach ($Newuser in $Newusers) {
$obj = [PSCustomObject]@{
"Name" = $Newuser.Name
"Actif" = $Newuser.Enabled
"Date creation" = $Newuser.whenCreated
}
$NewCreatedUsersTable.Add($obj)
}
#Get Domain Admins
$DomainAdminMembers = Get-ADGroupMember "Admins du domaine"
Foreach ($DomainAdminMember in $DomainAdminMembers) {
$Name = $DomainAdminMember.Name
$Type = $DomainAdminMember.ObjectClass
$Enabled = ($AllUsers | Where-Object { $_.Name -eq $Name }).Enabled
$obj = [PSCustomObject]@{
"Name" = $Name
"Actif" = $Enabled
"Type" = $Type
}
$DomainAdminTable.Add($obj)
}
#Get Enterprise Admins
$EnterpriseAdminsMembers = Get-ADGroupMember "Administrateurs de lentreprise"
If (($EnterpriseAdminsMembers).Count -eq 0) {
$EnterpriseAdminsMember = [PSCustomObject]@{
Information = "Informations : Aucun utilisateur n'a ete trouve dans le groupe Administrateurs de lentreprise"
}
}
Else {
Foreach ($EnterpriseAdminsMember in $EnterpriseAdminsMembers) {
$Name = $EnterpriseAdminsMember.Name
$Type = $EnterpriseAdminsMember.ObjectClass
$Enabled = ($AllUsers | Where-Object { $_.Name -eq $Name }).Enabled
$obj = [PSCustomObject]@{
"Name" = $Name
"Actif" = $Enabled
"Type" = $Type
}
$EnterpriseAdminTable.Add($obj)
}
}
$DefaultComputersOU = (Get-ADDomain).computerscontainer
$DefaultComputers = Get-ADComputer -Filter * -Properties * -SearchBase "$DefaultComputersOU"
Foreach ($DefaultComputer in $DefaultComputers) {
$obj = [PSCustomObject]@{
"Name" = $DefaultComputer.Name
"Actif" = $DefaultComputer.Enabled
"Systeme d'exploitation" = $DefaultComputer.OperatingSystem
"Date modification" = $DefaultComputer.Modified
"Dernier mot de passe defini" = $DefaultComputer.PasswordLastSet
"Protege contre la suppression" = $DefaultComputer.ProtectedFromAccidentalDeletion
}
$DefaultComputersinDefaultOUTable.Add($obj)
}
$DefaultUsersOU = (Get-ADDomain).UsersContainer
$DefaultUsers = $Allusers | Where-Object { $_.DistinguishedName -like "*$($DefaultUsersOU)" } | Select-Object Name, UserPrincipalName, Enabled, ProtectedFromAccidentalDeletion, EmailAddress, @{ Name = 'lastlogon'; Expression = { LastLogonConvert $_.lastlogon } }, DistinguishedName
Foreach ($DefaultUser in $DefaultUsers) {
$obj = [PSCustomObject]@{
"Name" = $DefaultUser.Name
"UserPrincipalName" = $DefaultUser.UserPrincipalName
"Actif" = $DefaultUser.Enabled
"Protege contre la suppression" = $DefaultUser.ProtectedFromAccidentalDeletion
"Derniere connexion" = $DefaultUser.LastLogon
"Adresse mail" = $DefaultUser.EmailAddress
}
$DefaultUsersinDefaultOUTable.Add($obj)
}
#Expiring Accounts
$LooseUsers = Search-ADAccount -AccountExpiring -UsersOnly
Foreach ($LooseUser in $LooseUsers) {
$NameLoose = $LooseUser.Name
$UPNLoose = $LooseUser.UserPrincipalName
$ExpirationDate = $LooseUser.AccountExpirationDate
$enabled = $LooseUser.Enabled
$obj = [PSCustomObject]@{
"Name" = $NameLoose
"UserPrincipalName" = $UPNLoose
"Date expiration" = $ExpirationDate
"Actif" = $enabled
}
$ExpiringAccountsTable.Add($obj)
}
If (($ExpiringAccountsTable).Count -eq 0) {
$ExpiringAccountsTable = [PSCustomObject]@{
Information = "Informations : Aucun utilisateur n'expire bientot"
}
}
#Analyse journaux audti sécurité
$SecurityLogs = Get-EventLog -Newest 7 -LogName "Security" | Where-Object { $_.Message -like "*An account*" }
Foreach ($SecurityLog in $SecurityLogs) {
$TimeGenerated = $SecurityLog.TimeGenerated
$EntryType = $SecurityLog.EntryType
$Recipient = $SecurityLog.Message
$obj = [PSCustomObject]@{
"Time" = $TimeGenerated
"Type" = $EntryType
"Message" = $Recipient
}
$SecurityEventTable.Add($obj)
}
If (($securityeventtable).Count -eq 0) {
$securityeventtable = [PSCustomObject]@{
Information = "Informations : Aucun journal de securite recent"
}
}
#Tenant Domain
$Domains = Get-ADForest | Select-Object -ExpandProperty upnsuffixes | ForEach-Object{
$obj = [PSCustomObject]@{
"UPN Suffixes" = $_
Valid = "True"
}
$DomainTable.Add($obj)
}
Write-Host "Terminé !" -ForegroundColor White
Write-Progress -Id 0 -Activity "Analyse : " -completed
<###########################
Groups
############################>
Write-Host "Rapport sur les groupes .......................................................... " -ForegroundColor Green -NoNewline
#Get groups and sort in alphabetical order
$Groups = Get-ADGroup -Filter * -Properties *
$SecurityCount = 0
$MailSecurityCount = 0
$CustomGroup = 0
$DefaultGroup = 0
$Groupswithmemebrship = 0
$Groupswithnomembership = 0
$GroupsProtected = 0
$GroupsNotProtected = 0
$Compteur = 0
Foreach ($Group in $Groups) {
$Compteur++
Write-Progress -Id 1 -Activity "Analyse : " -Status "Processing $($Compteur) of $($Groups.count)" -CurrentOperation $Group -PercentComplete (($Compteur / $Groups.count) * 100)
$DefaultADGroup = 'False'
$Type = New-Object 'System.Collections.Generic.List[System.Object]'
$Gemail = (Get-ADGroup $Group -Properties mail).mail
If (($group.GroupCategory -eq "Security") -and ($Gemail -ne $Null)) {
$MailSecurityCount++
}
If (($group.GroupCategory -eq "Security") -and (($Gemail) -eq $Null)) {
$SecurityCount++
}
If ($Group.ProtectedFromAccidentalDeletion -eq $True) {
$GroupsProtected++
}
Else {
$GroupsNotProtected++
}
If ($DefaultSGs -contains $Group.Name) {
$DefaultADGroup = "True"
$DefaultGroup++
}
Else {
$CustomGroup++
}
If ($group.GroupCategory -eq "Distribution") {
$Type = "Groupe de distribution"
}
If (($group.GroupCategory -eq "Security") -and (($Gemail) -eq $Null)) {
$Type = "Groupe de securite"
}
If (($group.GroupCategory -eq "Security") -and (($Gemail) -ne $Null)) {
$Type = "Groupe de securite active par courrier"
}
If ($Group.Name -ne "Domain Users") {
$Users = (Get-ADGroupMember -Identity $Group | Sort-Object DisplayName | Select-Object -ExpandProperty Name) -join ", "
If (!($Users)) {
$Groupswithnomembership++
}
Else {
$Groupswithmemebrship++
}
}
Else {
$Users = "Skipped Domain Users Membership"
}
$OwnerDN = Get-ADGroup -Filter { name -eq $Group.Name } -Properties managedBy | Select-Object -ExpandProperty ManagedBy
$Manager = $AllUsers | Where-Object { $_.distinguishedname -eq $OwnerDN } | Select-Object -ExpandProperty Name
$obj = [PSCustomObject]@{
"Name" = $Group.name
"Type" = $Type
"Membres" = $users
"Gere par" = $Manager
"Adresse mail" = $GEmail
"Protege contre la suppression" = $Group.ProtectedFromAccidentalDeletion
"Default AD Groupe" = $DefaultADGroup
}
$table.Add($obj)
}
If (($table).Count -eq 0) {
$table = [PSCustomObject]@{
Information = "Information : Aucun groupe n'a ete trouve"
}
}
#TOP groups table
$obj1 = [PSCustomObject]@{
"Total Groupes" = $Groups.Count
"Groupes de securite compatibles avec la messagerie" = $MailSecurityCount
"Groupes de securite" = $SecurityCount
"Groupes de distribution" = $DistroCount
}
$TOPGroupsTable.Add($obj1)
$obj1 = [PSCustomObject]@{
'Name' = "Groupes de securite compatibles avec la messagerie"
'Count' = $MailSecurityCount
}
$GroupTypetable.Add($obj1)
$obj1 = [PSCustomObject]@{
'Name' = "Groupes de securite"
'Count' = $SecurityCount
}
$GroupTypetable.Add($obj1)
$DistroCount = ($Groups | Where-Object { $_.GroupCategory -eq "Distribution" }).Count
$obj1 = [PSCustomObject]@{
'Name' = "Groupes de distribution"
'Count' = $DistroCount
}
$GroupTypetable.Add($obj1)
#Default Group Pie Chart
$obj1 = [PSCustomObject]@{
'Name' = "Groupes par defaut"
'Count' = $DefaultGroup
}
$DefaultGrouptable.Add($obj1)
$obj1 = [PSCustomObject]@{
'Name' = "Groupes personnalises"
'Count' = $CustomGroup
}
$DefaultGrouptable.Add($obj1)
#Group Protection Pie Chart
$obj1 = [PSCustomObject]@{
'Name' = "Protege"
'Count' = $GroupsProtected
}
$GroupProtectionTable.Add($obj1)
$obj1 = [PSCustomObject]@{
'Name' = "Non Protege"
'Count' = $GroupsNotProtected
}
$GroupProtectionTable.Add($obj1)
#Groups with membership vs no membership pie chart
$objmem = [PSCustomObject]@{
'Name' = "Avec les membres"
'Count' = $Groupswithmemebrship
}
$GroupMembershipTable.Add($objmem)
$objmem = [PSCustomObject]@{
'Name' = "Aucun membre"
'Count' = $Groupswithnomembership
}
$GroupMembershipTable.Add($objmem)
Write-Host "Terminé !" -ForegroundColor White
Write-Progress -Id 1 -Activity "Analyse : " -completed
<###########################
Organizational Units
############################>
Write-Host "Analyse sur le rapport sur les unités organisation ............................... " -ForegroundColor Green -NoNewline
#Get all OUs'
$OUs = Get-ADOrganizationalUnit -Filter * -Properties *
$OUwithLinked = 0
$OUwithnoLink = 0
$OUProtected = 0
$OUNotProtected = 0
$Compteur = 0
Foreach ($OU in $OUs) {
$Compteur++
Write-Progress -Id 2 -Activity "Analyse : " -Status "Processing $($Compteur) of $($OUs.count)" -CurrentOperation $OU -PercentComplete (($Compteur / $OUs.count) * 100)
$LinkedGPOs = New-Object 'System.Collections.Generic.List[System.Object]'
If (($OU.linkedgrouppolicyobjects).length -lt 1) {
$LinkedGPOs = "None"
$OUwithnoLink++
}
Else {
$OUwithLinked++
$GPOslinks = $OU.linkedgrouppolicyobjects
Foreach ($GPOlink in $GPOslinks) {
$Split1 = $GPOlink -split "{" | Select-Object -Last 1
$Split2 = $Split1 -split "}" | Select-Object -First 1
$LinkedGPOs.Add((Get-GPO -Guid $Split2 -ErrorAction SilentlyContinue).DisplayName)
}
}
If ($OU.ProtectedFromAccidentalDeletion -eq $True) {
$OUProtected++
}
Else {
$OUNotProtected++
}
$LinkedGPOs = $LinkedGPOs -join ", "
$obj = [PSCustomObject]@{
"Name" = $OU.Name
"Linked GPOs" = $LinkedGPOs
"Date modification" = $OU.WhenChanged
"Protege contre la suppression" = $OU.ProtectedFromAccidentalDeletion
}
$OUTable.Add($obj)
}
If (($OUTable).Count -eq 0) {
$OUTable = [PSCustomObject]@{
Information = "Information : Aucune unite organisationnelle n'a ete trouvee"
}
}
#OUs with no GPO Linked
$obj1 = [PSCustomObject]@{
'Name' = "OU sans GPOs lies"
'Count' = $OUwithnoLink
}
$OUGPOTable.Add($obj1)
$obj2 = [PSCustomObject]@{
'Name' = "OU avec GPO's lies"
'Count' = $OUwithLinked
}
$OUGPOTable.Add($obj2)
#OUs Protected Pie Chart
$obj1 = [PSCustomObject]@{
'Name' = "Protege"
'Count' = $OUProtected
}
$OUProtectionTable.Add($obj1)
$obj2 = [PSCustomObject]@{
'Name' = "Non protege"
'Count' = $OUNotProtected
}
$OUProtectionTable.Add($obj2)
Write-Host "Terminé !" -ForegroundColor White
Write-Progress -Id 2 -Activity "Analyse : " -completed
<###########################
USERS
############################>
Write-Host "Analyse sur le rapport des utilisateurs .......................................... " -ForegroundColor Green -NoNewline
$UserEnabled = 0
$UserDisabled = 0
$UserPasswordExpires = 0
$UserPasswordNeverExpires = 0
$ProtectedUsers = 0
$NonProtectedUsers = 0
$Compteur = 0
$UsersWithPasswordsExpiringInUnderAWeek = 0
$UsersNotLoggedInOver30Days = 0
$AccountsExpiringSoon = 0
Foreach ($User in $AllUsers) {
$Compteur++
Write-Progress -Id 3 -Activity "Analyse : " -Status "Processing $($Compteur) of $($AllUsers.count)" -CurrentOperation $User -PercentComplete (($Compteur / $AllUsers.count) * 100)
$AttVar = $User | Select-Object Enabled, PasswordExpired, PasswordLastSet, PasswordNeverExpires, PasswordNotRequired, Name, SamAccountName, EmailAddress, AccountExpirationDate, @{ Name = 'lastlogon'; Expression = { LastLogonConvert $_.lastlogon } }, DistinguishedName
$maxPasswordAge = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge
If ((($AttVar.PasswordNeverExpires) -eq $False) -and (($AttVar.Enabled) -ne $false)) {
#Get Password last set date
$passwordSetDate = ($User | ForEach-Object { $_.PasswordLastSet })
If ($null -eq $passwordSetDate) {
$daystoexpire = "Utilisateur ne s'est jamais connecte"
}
Else {
#Check for Fine Grained Passwords
$PasswordPol = (Get-ADUserResultantPasswordPolicy $user)
If (($PasswordPol) -ne $null) {
$maxPasswordAge = ($PasswordPol).MaxPasswordAge
}
$expireson = $passwordsetdate + $maxPasswordAge
$today = (Get-Date)
#Gets the count on how many days until the password expires and stores it in the $daystoexpire var
$daystoexpire = (New-TimeSpan -Start $today -End $Expireson).Days
}
}
Else {
$daystoexpire = "N/A"
}
#Get users that haven't logged on in X amount of days, var is set at start of script
If (($User.Enabled -eq $True) -and ($User.LastLogonDate -lt (Get-Date).AddDays(- $Days)) -and ($User.LastLogonDate -ne $NULL)) {
$obj = [PSCustomObject]@{
"Name" = $User.Name
"UserPrincipalName" = $User.UserPrincipalName
"Actif" = $AttVar.Enabled
"Protege contre la suppression" = $User.ProtectedFromAccidentalDeletion
"Derniere connexion" = $AttVar.lastlogon
"Mot de passe n'expire jamais" = $AttVar.PasswordNeverExpires
"Jours avant l'expiration du mot de passe" = $daystoexpire
}
$userphaventloggedonrecentlytable.Add($obj)
}
If (($userphaventloggedonrecentlytable).Count -eq 0) {
$userphaventloggedonrecentlytable = [PSCustomObject]@{
Information = "Information : Aucun utilisateur n'a ete trouve comme n'ayant pas ete connecte en $Days jours"
}
}
#Items for protected vs non protected users
If ($User.ProtectedFromAccidentalDeletion -eq $False) {
$NonProtectedUsers++
}
Else {
$ProtectedUsers++
}
#Items for the enabled vs disabled users pie chart
If (($AttVar.PasswordNeverExpires) -ne $false) {
$UserPasswordNeverExpires++
}
Else {
$UserPasswordExpires++
}
#Items for password expiration pie chart
If (($AttVar.Enabled) -ne $false) {
$UserEnabled++
}
Else {
$UserDisabled++
}
$Name = $User.Name
$UPN = $User.UserPrincipalName
$Enabled = $AttVar.Enabled
$EmailAddress = $AttVar.EmailAddress
$AccountExpiration = $AttVar.AccountExpirationDate
$PasswordExpired = $AttVar.PasswordExpired
$PasswordLastSet = $AttVar.PasswordLastSet
$PasswordNeverExpires = $AttVar.PasswordNeverExpires
$daysUntilPWExpire = $daystoexpire
$obj = [PSCustomObject]@{
"Name" = $Name
"UserPrincipalName" = $UPN
"Actif" = $Enabled
"Protege contre la suppression" = $User.ProtectedFromAccidentalDeletion
"Derniere connexion" = $LastLogon
"Adresse mail " = $EmailAddress
"Expiration du compte" = $AccountExpiration
"Changer du mot de passe Prochaine" = $PasswordExpired
"Dernier mot de passe defini" = $PasswordLastSet
"Mot de passe n'expire jamais" = $PasswordNeverExpires
"Jours avant l'expiration du mot de passe" = $daystoexpire
}
$usertable.Add($obj)
If ($daystoexpire -lt $DaysUntilPWExpireINT) {
$obj = [PSCustomObject]@{
'Name' = $Name
"Jours avant l'expiration du mot de passe" = $daystoexpire
}
$PasswordExpireSoonTable.Add($obj)
}
}
If (($usertable).Count -eq 0) {
$usertable = [PSCustomObject]@{
Information = "Information : Aucun utilisateur n'a ete trouve"
}
}
#Data for users enabled vs disabled pie graph
$objULic = [PSCustomObject]@{
'Name' = "Actif"
'Count' = $UserEnabled
}
$EnabledDisabledUsersTable.Add($objULic)
$objULic = [PSCustomObject]@{
'Name' = "Desactiver"
'Count' = $UserDisabled
}
$EnabledDisabledUsersTable.Add($objULic)
#Data for users password expires pie graph
$objULic = [PSCustomObject]@{
'Name' = "Expiration du mot de passe"
'Count' = $UserPasswordExpires
}
$PasswordExpirationTable.Add($objULic)
$objULic = [PSCustomObject]@{
'Name' = "Le mot de passe n'expire jamais"
'Count' = $UserPasswordNeverExpires
}
$PasswordExpirationTable.Add($objULic)
#Data for protected users pie graph
$objULic = [PSCustomObject]@{
'Name' = "Protege"
'Count' = $ProtectedUsers
}
$ProtectedUsersTable.Add($objULic)
$objULic = [PSCustomObject]@{
'Name' = "Non protege"
'Count' = $NonProtectedUsers
}
$ProtectedUsersTable.Add($objULic)
#TOP User table
If (($ExpiringAccountsTable).Count -gt 0) {
$objULic = [PSCustomObject]@{
"Total des utilisateurs" = $AllUsers.Count
"Utilisateurs dont les mots de passe expirent dans moins de $DaysUntilPWExpireINT jours" = $PasswordExpireSoonTable.Count
"Comptes arrivant a expiration" = $ExpiringAccountsTable.Count
"Utilisateurs non connectes depuis $Days jours" = $userphaventloggedonrecentlytable.Count
}
$TOPUserTable.Add($objULic)
}
Else {
$objULic = [PSCustomObject]@{
"Total des utilisateurs" = $AllUsers.Count
"Utilisateurs dont les mots de passe expirent dans moins de $DaysUntilPWExpireINT jours" = $PasswordExpireSoonTable.Count
"Comptes arrivant a expiration" = "0"
"Utilisateurs non connectes depuis $Days jours" = $userphaventloggedonrecentlytable.Count
}
$TOPUserTable.Add($objULic)
}
#Get-ADReplAccount -All -Server $env:ComputerName -NamingContext $(Get-ADDomain | select -ExpandProperty DistinguishedName) | Test-PasswordQuality -IncludeDisabledAccounts
Write-Host "Terminé !" -ForegroundColor White
Write-Progress -Id 3 -Activity "Done" -completed
<###########################
Group Policy Object
############################>
Write-Host "Rapport sur les GPOs ............................................................. " -ForegroundColor Green -NoNewline
$Compteur = 0
$GPOTable = New-Object 'System.Collections.Generic.List[System.Object]'
Foreach ($GPO in $GPOs) {
$Compteur++
Write-Progress -Id 4 -Activity "Analyse : " -Status "Processing $($Compteur) of $($GPOs.count)" -CurrentOperation $GPO -PercentComplete (($Compteur / $GPOs.count) * 100)
$obj = [PSCustomObject]@{
"Name" = $GPO.DisplayName
"Status" = $GPO.GpoStatus
"Date modification" = $GPO.ModificationTime
"User Version" = $GPO.UserVersion
"Computer Version" = $GPO.ComputerVersion
}
$GPOTable.Add($obj)
}
Write-Host "Terminé !" -ForegroundColor White
Write-Progress -Id 4 -Activity "Done" -completed
<###########################
Computers
############################>
Write-Host "Rapport sur le travail sur ordinateur ............................................ " -ForegroundColor Green -NoNewline
$Computers = Get-ADComputer -Filter * -Properties *
$ComputersProtected = 0
$ComputersNotProtected = 0
$ComputerEnabled = 0
$ComputerDisabled = 0
$Server2022 = 0
$Server2019 = 0
$Server2016 = 0
$Server2012 = 0
$Server2012R2 = 0
$Server2008R2 = 0
$Windows11 = 0
$Windows10 = 0
$Windows8 = 0
$Windows7 = 0
$Server2012R2 = 0
$Compteur = 0
Foreach ($Computer in $Computers) {
$Compteur++
Write-Progress -Id 5 -Activity "Analyse : " -Status "Processing $($Compteur) of $($Computers.count)" -CurrentOperation $Computer -PercentComplete (($Compteur / $Computers.count) * 100)
If ($Computer.ProtectedFromAccidentalDeletion -eq $True) {
$ComputersProtected++
}
Else {
$ComputersNotProtected++
}
If ($Computer.Enabled -eq $True) {
$ComputerEnabled++
}
Else {
$ComputerDisabled++
}
$obj = [PSCustomObject]@{
"ComputerName" = $Computer.Name
"Actif" = $Computer.Enabled
"Systeme d'exploitation" = $Computer.OperatingSystem
"Description" = $Computer.Description
"Date modification" = $Computer.Modified
"Date dernier mot de passe defini" = $Computer.PasswordLastSet
"Protege contre la suppression" = $Computer.ProtectedFromAccidentalDeletion
}
$ComputersTable.Add($obj)
If ($Computer.OperatingSystem -like "*Server 2022*") {
$Server2022++
}
Elseif ($Computer.OperatingSystem -like "*Server 2019*") {
$Server2019++
}
Elseif ($Computer.OperatingSystem -like "*Server 2016*") {
$Server2016++
}
Elseif ($Computer.OperatingSystem -like "*Server 2012 R2*") {
$Server2012R2++
}
Elseif ($Computer.OperatingSystem -like "*Server 2012*") {
$Server2012++
}
Elseif ($Computer.OperatingSystem -like "*Server 2008 R2*") {
$Server2008R2++
}
Elseif ($Computer.OperatingSystem -like "*Windows 11*") {
$Windows11++
}
Elseif ($Computer.OperatingSystem -like "*Windows 10*") {
$Windows10++
}
Elseif ($Computer.OperatingSystem -like "*Windows 8*") {
$Windows8++
}
Elseif ($Computer.OperatingSystem -like "*Windows 7*") {
$Windows7++
}
}
If (($ComputersTable).Count -eq 0) {
$ComputersTable = [PSCustomObject]@{
Information = "Information : Aucun ordinateur n'a ete trouve"
}
}
#Data for TOP Computers data table
$objULic = [PSCustomObject]@{
"Total Ordinateurs" = $Computers.Count
"Serveur 2022" = $Server2022
"Serveur 2019" = $Server2019
"Serveur 2016" = $Server2016
"Serveur 2012 R2" = $Server2012R2
"Serveur 2012" = $Server2012
"Serveur 2008 R2" = $Server2008R2
"Windows 11" = $Windows11
"Windows 10" = $Windows10
"Windows 8" = $Windows8
"Windows 7" = $Windows7
}
$TOPComputersTable.Add($objULic)
#Pie chart breaking down OS for computer obj
$objULic = [PSCustomObject]@{
"Name" = "Serveur 2022"
"Count" = $Server2022
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Serveur 2019"
"Count" = $Server2019
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Serveur 2016"
"Count" = $Server2016
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Serveur 2012 R2"
"Count" = $Server2012R2
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Serveur 2012"
"Count" = $Server2012
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Serveur 2008 R2"
"Count" = $Server2008R2
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Windows 11"
"Count" = $Windows11
}
$objULic = [PSCustomObject]@{
"Name" = "Windows 10"
"Count" = $Windows10
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Windows 8"
"Count" = $Windows8
}
$GraphComputerOS.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Windows 7"
"Count" = $Windows7
}
$GraphComputerOS.Add($objULic)
#Data for protected Computers pie graph
$objULic = [PSCustomObject]@{
"Name" = "Protege"
"Count" = $ComputerProtected
}
$ComputerProtectedTable.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Non protege"
"Count" = $ComputersNotProtected
}
$ComputerProtectedTable.Add($objULic)
#Data for enabled/vs Computers pie graph
$objULic = [PSCustomObject]@{
"Name" = "Actif"
"Count" = $ComputerEnabled
}
$ComputersEnabledTable.Add($objULic)
$objULic = [PSCustomObject]@{
"Name" = "Desactiver"
"Count" = $ComputerDisabled
}
$ComputersEnabledTable.Add($objULic)
Write-Host "Terminé !" -ForegroundColor White
Write-Progress -Id 5 -Activity "Done" -completed
$tabarray = @("Tableau de bord", "Groupes", "Unites d Organisation", "Utilisateurs", "Groupe Police Objet", "Ordinateurs")
Write-Host "Compilation du rapport ........................................................... " -ForegroundColor Green -NoNewline
##--OU Protection PIE CHART--##
#Basic Properties
$PO12 = Get-HTMLPieChartObject
$PO12.Title = "Unites organisation protegees contre la suppression"
$PO12.Size.Height = 250
$PO12.Size.width = 250
$PO12.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PO12.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$PO12.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PO12.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PO12.DataDefinition.DataNameColumnName = 'Name'
$PO12.DataDefinition.DataValueColumnName = 'Count'
##--Computer OS Breakdown PIE CHART--##
$PieObjectComputerObjOS = Get-HTMLPieChartObject
$PieObjectComputerObjOS.Title = "Computer Operating Systems"
#These file exist in the module directoy, There are 4 schemes by default
$PieObjectComputerObjOS.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$PieObjectComputerObjOS.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObjectComputerObjOS.ChartStyle.ColorSchemeName = 'Random'
##--Computers Protection PIE CHART--##
#Basic Properties
$PieObjectComputersProtected = Get-HTMLPieChartObject
$PieObjectComputersProtected.Title = "Ordinateurs proteges contre la suppression"
$PieObjectComputersProtected.Size.Height = 250
$PieObjectComputersProtected.Size.width = 250
$PieObjectComputersProtected.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PieObjectComputersProtected.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$PieObjectComputersProtected.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObjectComputersProtected.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PieObjectComputersProtected.DataDefinition.DataNameColumnName = 'Name'
$PieObjectComputersProtected.DataDefinition.DataValueColumnName = 'Count'
##--Computers Enabled PIE CHART--##
#Basic Properties
$PieObjectComputersEnabled = Get-HTMLPieChartObject
$PieObjectComputersEnabled.Title = "Ordinateurs actives et desactives"
$PieObjectComputersEnabled.Size.Height = 250
$PieObjectComputersEnabled.Size.width = 250
$PieObjectComputersEnabled.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PieObjectComputersEnabled.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$PieObjectComputersEnabled.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObjectComputersEnabled.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PieObjectComputersEnabled.DataDefinition.DataNameColumnName = 'Name'
$PieObjectComputersEnabled.DataDefinition.DataValueColumnName = 'Count'
##--USERS Protection PIE CHART--##
#Basic Properties
$PieObjectProtectedUsers = Get-HTMLPieChartObject
$PieObjectProtectedUsers.Title = "Utilisateurs proteges contre la suppression"
$PieObjectProtectedUsers.Size.Height = 250
$PieObjectProtectedUsers.Size.width = 250
$PieObjectProtectedUsers.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PieObjectProtectedUsers.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$PieObjectProtectedUsers.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObjectProtectedUsers.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PieObjectProtectedUsers.DataDefinition.DataNameColumnName = 'Name'
$PieObjectProtectedUsers.DataDefinition.DataValueColumnName = 'Count'
#Basic Properties
$PieObjectOUGPOLinks = Get-HTMLPieChartObject
$PieObjectOUGPOLinks.Title = "Liens OU/GPO"
$PieObjectOUGPOLinks.Size.Height = 250
$PieObjectOUGPOLinks.Size.width = 250
$PieObjectOUGPOLinks.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PieObjectOUGPOLinks.ChartStyle.ColorSchemeName = "ColorScheme4"
#There are 8 generated schemes, randomly generated at runtime
$PieObjectOUGPOLinks.ChartStyle.ColorSchemeName = "Generated5"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObjectOUGPOLinks.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PieObjectOUGPOLinks.DataDefinition.DataNameColumnName = 'Name'
$PieObjectOUGPOLinks.DataDefinition.DataValueColumnName = 'Count'
#Basic Properties
$PieObject4 = Get-HTMLPieChartObject
$PieObject4.Title = "Office 365 Unassigned Licenses"
$PieObject4.Size.Height = 250
$PieObject4.Size.width = 250
$PieObject4.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PieObject4.ChartStyle.ColorSchemeName = "ColorScheme4"
#There are 8 generated schemes, randomly generated at runtime
$PieObject4.ChartStyle.ColorSchemeName = "Generated4"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObject4.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PieObject4.DataDefinition.DataNameColumnName = 'Name'
$PieObject4.DataDefinition.DataValueColumnName = 'Unassigned Licenses'
#Basic Properties
$PieObjectGroupType = Get-HTMLPieChartObject
$PieObjectGroupType.Title = "Types de groupes"
$PieObjectGroupType.Size.Height = 250
$PieObjectGroupType.Size.width = 250
$PieObjectGroupType.ChartStyle.ChartType = 'doughnut'
#Pie Chart Groups with members vs no members
$PieObjectGroupMembersType = Get-HTMLPieChartObject
$PieObjectGroupMembersType.Title = "Adhesion au groupe"
$PieObjectGroupMembersType.Size.Height = 250
$PieObjectGroupMembersType.Size.width = 250
$PieObjectGroupMembersType.ChartStyle.ChartType = 'doughnut'
$PieObjectGroupMembersType.ChartStyle.ColorSchemeName = "ColorScheme4"
$PieObjectGroupMembersType.ChartStyle.ColorSchemeName = "Generated8"
$PieObjectGroupMembersType.ChartStyle.ColorSchemeName = 'Random'
$PieObjectGroupMembersType.DataDefinition.DataNameColumnName = 'Name'
$PieObjectGroupMembersType.DataDefinition.DataValueColumnName = 'Count'
#Basic Properties
$PieObjectGroupType2 = Get-HTMLPieChartObject
$PieObjectGroupType2.Title = "Groupes personnalises et groupes par defaut"
$PieObjectGroupType2.Size.Height = 250
$PieObjectGroupType2.Size.width = 250
$PieObjectGroupType2.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PieObjectGroupType.ChartStyle.ColorSchemeName = "ColorScheme4"
#There are 8 generated schemes, randomly generated at runtime
$PieObjectGroupType.ChartStyle.ColorSchemeName = "Generated8"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObjectGroupType.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PieObjectGroupType.DataDefinition.DataNameColumnName = 'Name'
$PieObjectGroupType.DataDefinition.DataValueColumnName = 'Count'
##--Enabled users vs Disabled Users PIE CHART--##
#Basic Properties
$EnabledDisabledUsersPieObject = Get-HTMLPieChartObject
$EnabledDisabledUsersPieObject.Title = "Utilisateurs actives et desactives"
$EnabledDisabledUsersPieObject.Size.Height = 250
$EnabledDisabledUsersPieObject.Size.width = 250
$EnabledDisabledUsersPieObject.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$EnabledDisabledUsersPieObject.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$EnabledDisabledUsersPieObject.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$EnabledDisabledUsersPieObject.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$EnabledDisabledUsersPieObject.DataDefinition.DataNameColumnName = 'Name'
$EnabledDisabledUsersPieObject.DataDefinition.DataValueColumnName = 'Count'
##--PasswordNeverExpires PIE CHART--##
#Basic Properties
$PWExpiresUsersTable = Get-HTMLPieChartObject
$PWExpiresUsersTable.Title = "Expiration Mot De Passe"
$PWExpiresUsersTable.Size.Height = 250
$PWExpiresUsersTable.Size.Width = 250
$PWExpiresUsersTable.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PWExpiresUsersTable.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$PWExpiresUsersTable.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PWExpiresUsersTable.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PWExpiresUsersTable.DataDefinition.DataNameColumnName = 'Name'
$PWExpiresUsersTable.DataDefinition.DataValueColumnName = 'Count'
##--Group Protection PIE CHART--##
#Basic Properties
$PieObjectGroupProtection = Get-HTMLPieChartObject
$PieObjectGroupProtection.Title = "Groupes proteges contre la suppression"
$PieObjectGroupProtection.Size.Height = 250
$PieObjectGroupProtection.Size.width = 250
$PieObjectGroupProtection.ChartStyle.ChartType = 'doughnut'
#These file exist in the module directoy, There are 4 schemes by default
$PieObjectGroupProtection.ChartStyle.ColorSchemeName = "ColorScheme3"
#There are 8 generated schemes, randomly generated at runtime
$PieObjectGroupProtection.ChartStyle.ColorSchemeName = "Generated3"
#you can also ask for a random scheme. Which also happens ifyou have too many records for the scheme
$PieObjectGroupProtection.ChartStyle.ColorSchemeName = 'Random'
#Data defintion you can reference any column from name and value from the dataset.
#Name and Count are the default to work with the Group function.
$PieObjectGroupProtection.DataDefinition.DataNameColumnName = 'Name'
$PieObjectGroupProtection.DataDefinition.DataValueColumnName = 'Count'
#Tableau de bord Report
$FinalReport = New-Object 'System.Collections.Generic.List[System.Object]'
$FinalReport.Add($(Get-HTMLOpenPage -TitleText $ReportTitle -LeftLogoString $CompanyLogo -RightLogoString $CompanyLogo))
$FinalReport.Add($(Get-HTMLTabHeader -TabNames $tabarray))
$FinalReport.Add($(Get-HTMLTabContentopen -TabName $tabarray[0] -TabHeading ("Rapport: " + (Get-Date -Format dd-MM-yyyy))))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Informations sur l'entreprise"))
$FinalReport.Add($(Get-HTMLContentTable $CompanyInfoTable))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Groupes"))
$FinalReport.Add($(Get-HTMLColumn1of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Administrateurs de domaines"))
$FinalReport.Add($(Get-HTMLContentDataTable $DomainAdminTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumn2of2))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Administrateurs d'entreprise"))
$FinalReport.Add($(Get-HTMLContentDataTable $EnterpriseAdminTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Objets dans les OU par defaut"))
$FinalReport.Add($(Get-HTMLColumn1of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Ordinateurs"))
$FinalReport.Add($(Get-HTMLContentDataTable $DefaultComputersinDefaultOUTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumn2of2))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Utilisateurs"))
$FinalReport.Add($(Get-HTMLContentDataTable $DefaultUsersinDefaultOUTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Objets AD modifies en dernier $ADModNumber jours"))
$FinalReport.Add($(Get-HTMLContentDataTable $ADObjectTable))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Objets en voie d'expiration"))
$FinalReport.Add($(Get-HTMLColumn1of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Utilisateurs dont les mots de passe expirent dans $DaysUntilPWExpireINT jours"))
$FinalReport.Add($(Get-HTMLContentDataTable $PasswordExpireSoonTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumn2of2))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Comptes expirant bientot"))
$FinalReport.Add($(Get-HTMLContentDataTable $ExpiringAccountsTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Comptes"))
$FinalReport.Add($(Get-HTMLColumn1of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Utilisateurs non connectes depuis $Days jours"))
$FinalReport.Add($(Get-HTMLContentDataTable $userphaventloggedonrecentlytable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumn2of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Comptes crees en $UserCreatedDays jours"))
$FinalReport.Add($(Get-HTMLContentDataTable $NewCreatedUsersTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Journaux de securite"))
$FinalReport.Add($(Get-HTMLContentDataTable $securityeventtable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "UPN Suffixes"))
$FinalReport.Add($(Get-HTMLContentTable $DomainTable))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLTabContentClose))
#Groups Report
$FinalReport.Add($(Get-HTMLTabContentopen -TabName $tabarray[1] -TabHeading ("Rapport: " + (Get-Date -Format dd-MM-yyyy))))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Apercu des groupes"))
$FinalReport.Add($(Get-HTMLContentTable $TOPGroupsTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Groupes Active Directory"))
$FinalReport.Add($(Get-HTMLContentDataTable $Table -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumn1of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Administrateurs de domaines"))
$FinalReport.Add($(Get-HTMLContentDataTable $DomainAdminTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumn2of2))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Administrateurs d'entreprise"))
$FinalReport.Add($(Get-HTMLContentDataTable $EnterpriseAdminTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Graphiques Groupes Active Directory"))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 1 -ColumnCount 4))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectGroupType -DataSet $GroupTypetable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 2 -ColumnCount 4))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectGroupType2 -DataSet $DefaultGrouptable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 3 -ColumnCount 4))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectGroupMembersType -DataSet $GroupMembershipTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 4 -ColumnCount 4))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectGroupProtection -DataSet $GroupProtectionTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLTabContentClose))
#Organizational Unit Report
$FinalReport.Add($(Get-HTMLTabContentopen -TabName $tabarray[2] -TabHeading ("Rapport: " + (Get-Date -Format dd-MM-yyyy))))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Unites organisations"))
$FinalReport.Add($(Get-HTMLContentDataTable $OUTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Graphiques unites organisations"))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 1 -ColumnCount 2))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectOUGPOLinks -DataSet $OUGPOTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 2 -ColumnCount 2))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PO12 -DataSet $OUProtectionTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentclose))
$FinalReport.Add($(Get-HTMLTabContentClose))
#Users Report
$FinalReport.Add($(Get-HTMLTabContentopen -TabName $tabarray[3] -TabHeading ("Rapport: " + (Get-Date -Format dd-MM-yyyy))))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Apercu des utilisateurs"))
$FinalReport.Add($(Get-HTMLContentTable $TOPUserTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Utilisateurs d'Active Directory"))
$FinalReport.Add($(Get-HTMLContentDataTable $UserTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Groupe de mot de passe"))
$FinalReport.Add($(Get-HTMLContentDataTable $$UserPasswordTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Articles en voie d'expiration"))
$FinalReport.Add($(Get-HTMLColumn1of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Utilisateurs dont les mots de passe expirent dans $DaysUntilPWExpireINT jours"))
$FinalReport.Add($(Get-HTMLContentDataTable $PasswordExpireSoonTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumn2of2))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Comptes expirant bientot"))
$FinalReport.Add($(Get-HTMLContentDataTable $ExpiringAccountsTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Comptes"))
$FinalReport.Add($(Get-HTMLColumn1of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Utilisateurs non connectes depuis $Days jours"))
$FinalReport.Add($(Get-HTMLContentDataTable $userphaventloggedonrecentlytable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumn2of2))
$FinalReport.Add($(Get-HTMLContentOpen -BackgroundShade 1 -HeaderText "Comptes crees en $UserCreatedDays jours"))
$FinalReport.Add($(Get-HTMLContentDataTable $NewCreatedUsersTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Graphiques utilisateurs"))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 1 -ColumnCount 3))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $EnabledDisabledUsersPieObject -DataSet $EnabledDisabledUsersTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 2 -ColumnCount 3))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PWExpiresUsersTable -DataSet $PasswordExpirationTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 3 -ColumnCount 3))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectProtectedUsers -DataSet $ProtectedUsersTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLTabContentClose))
#GPO Report
$FinalReport.Add($(Get-HTMLTabContentopen -TabName $tabarray[4] -TabHeading ("Rapport: " + (Get-Date -Format dd-MM-yyyy))))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Police Groupe Objet"))
$FinalReport.Add($(Get-HTMLContentDataTable $GPOTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLTabContentClose))
#Computers Report
$FinalReport.Add($(Get-HTMLTabContentopen -TabName $tabarray[5] -TabHeading ("Rapport: " + (Get-Date -Format dd-MM-yyyy))))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Apercu des ordinateurs"))
$FinalReport.Add($(Get-HTMLContentTable $TOPComputersTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Ordinateurs"))
$FinalReport.Add($(Get-HTMLContentDataTable $ComputersTable -HideFooter))
$FinalReport.Add($(Get-HTMLContentClose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Graphiques d'ordinateurs"))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 1 -ColumnCount 2))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectComputersProtected -DataSet $ComputerProtectedTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLColumnOpen -ColumnNumber 2 -ColumnCount 2))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectComputersEnabled -DataSet $ComputersEnabledTable))
$FinalReport.Add($(Get-HTMLColumnClose))
$FinalReport.Add($(Get-HTMLContentclose))
$FinalReport.Add($(Get-HTMLContentOpen -HeaderText "Repartition des systemes d'exploitation des ordinateurs"))
$FinalReport.Add($(Get-HTMLPieChart -ChartObject $PieObjectComputerObjOS -DataSet $GraphComputerOS))
$FinalReport.Add($(Get-HTMLContentclose))
$FinalReport.Add($(Get-HTMLTabContentClose))
$FinalReport.Add($(Get-HTMLClosePage))
$ReportName = ("$Day-$Month-$Year-$Hour-$Minute-AD Report")
#Save-HTMLReport -ReportContent $FinalReport -ShowReport -ReportName $ReportName -ReportPath $ReportSavePath
Add-Content $ReportSavePath$ReportName".html" $FinalReport
Write-Host "Terminé !" -ForegroundColor White
#---------------------------------------------------------[Fin Du Script]----------------------------------------------------------
Stop-Transcript
View Git Blame Copy Permalink