PowerShell scripts for IT system administration, Active Directory management, server operations, SQL Server database administration, security auditing, and reporting.
- Get-ADUserAudit.ps1 - Comprehensive user audit: last logon, password age, group memberships, inactive and locked accounts
- Get-StaleComputers.ps1 - Identifies computer accounts inactive for X days with optional disable
- Find-PrivilegedAccounts.ps1 - Enumerates members of Domain Admins, Enterprise Admins, Schema Admins, and other high-privilege groups with nested expansion
- Get-GroupMembershipReport.ps1 - Nested group membership expansion for users with direct/indirect membership flagging
- Get-ServerInventory.ps1 - Collects hardware specs (CPU, RAM, disk), OS version, uptime, and patch status across servers via CIM
- Get-DiskSpaceReport.ps1 - Disk utilization across servers with configurable warning and critical thresholds
- Get-PendingReboot.ps1 - Checks multiple reboot-pending indicators (Windows Update, CBS, file rename, SCCM)
- Get-CertificateExpiry.ps1 - Scans certificate stores for expiring SSL/TLS certificates
- Create-M365User.ps1 - Creates Microsoft 365 users and assigns licenses via MSOnline or Graph API
- Set-IntuneCompliance.ps1 - Sets compliance policies and device restrictions for Intune devices
- Export-ADUsers.ps1 - Exports Active Directory users with custom filters to CSV
- Clean-Up-OldDevices.ps1 - Removes stale devices from Azure AD or Intune after X days of inactivity
- Database-IndexMaintenance.ps1 - Automated SQL Server index maintenance with configurable fragmentation thresholds and logging
- Database-BackupVerification.ps1 - Verifies backup integrity and recency against RPO requirements with RESTORE VERIFYONLY
- Database-HealthCheck.ps1 - Comprehensive SQL Server health assessment generating styled HTML reports
- Get-LocalAdminReport.ps1 - Enumerates local Administrators group members across servers, flags service accounts
- Get-FailedLogonReport.ps1 - Analyzes Security event log for failed logons, groups by source IP and username for brute force detection
- Send-HTMLReport.ps1 - Reusable module to convert data to styled HTML tables and send via email
- Send-TeamsNotification.ps1 - Posts formatted message cards to Microsoft Teams via incoming webhook
- Test-NetworkConnectivity.ps1 - Batch TCP port testing across servers with service name mapping and matrix output
Each script includes:
- Parameter documentation with
.SYNOPSIS,.DESCRIPTION,.EXAMPLE - Required modules (ActiveDirectory, SqlServer, MSOnline, etc.)
- Error handling and logging
- Configurable parameters for different environments
- CSV or HTML export capabilities
# AD audit
.\ActiveDirectory\Get-ADUserAudit.ps1 -ExportPath "C:\Reports" -DaysInactive 90
# Server inventory
.\ServerManagement\Get-ServerInventory.ps1 -ComputerName "SERVER01","SERVER02"
# SQL Server health check
.\Database-HealthCheck.ps1 -ServerInstance "SQLSERVER01" -ReportPath "D:\Reports"
# Network port test
.\Networking\Test-NetworkConnectivity.ps1 -ComputerName "SERVER01" -Ports 1433,443,3389MIT License - use and modify freely.