Skip to content

README.md

Latest commit

 

History

History
72 lines (52 loc) · 3.39 KB

README.md

File metadata and controls

72 lines (52 loc) · 3.39 KB

PowerShell Scripts for IT Automation

PowerShell scripts for IT system administration, Active Directory management, server operations, SQL Server database administration, security auditing, and reporting.

Scripts by Category

Active Directory

  • Get-ADUserAudit.ps1 - Comprehensive user audit: last logon, password age, group memberships, inactive and locked accounts
  • Get-StaleComputers.ps1 - Identifies computer accounts inactive for X days with optional disable
  • Find-PrivilegedAccounts.ps1 - Enumerates members of Domain Admins, Enterprise Admins, Schema Admins, and other high-privilege groups with nested expansion
  • Get-GroupMembershipReport.ps1 - Nested group membership expansion for users with direct/indirect membership flagging

Server Management

  • Get-ServerInventory.ps1 - Collects hardware specs (CPU, RAM, disk), OS version, uptime, and patch status across servers via CIM
  • Get-DiskSpaceReport.ps1 - Disk utilization across servers with configurable warning and critical thresholds
  • Get-PendingReboot.ps1 - Checks multiple reboot-pending indicators (Windows Update, CBS, file rename, SCCM)
  • Get-CertificateExpiry.ps1 - Scans certificate stores for expiring SSL/TLS certificates

Microsoft 365 & Device Management

  • Create-M365User.ps1 - Creates Microsoft 365 users and assigns licenses via MSOnline or Graph API
  • Set-IntuneCompliance.ps1 - Sets compliance policies and device restrictions for Intune devices
  • Export-ADUsers.ps1 - Exports Active Directory users with custom filters to CSV
  • Clean-Up-OldDevices.ps1 - Removes stale devices from Azure AD or Intune after X days of inactivity

Database Administration

  • Database-IndexMaintenance.ps1 - Automated SQL Server index maintenance with configurable fragmentation thresholds and logging
  • Database-BackupVerification.ps1 - Verifies backup integrity and recency against RPO requirements with RESTORE VERIFYONLY
  • Database-HealthCheck.ps1 - Comprehensive SQL Server health assessment generating styled HTML reports

Security

  • Get-LocalAdminReport.ps1 - Enumerates local Administrators group members across servers, flags service accounts
  • Get-FailedLogonReport.ps1 - Analyzes Security event log for failed logons, groups by source IP and username for brute force detection

Reporting

  • Send-HTMLReport.ps1 - Reusable module to convert data to styled HTML tables and send via email
  • Send-TeamsNotification.ps1 - Posts formatted message cards to Microsoft Teams via incoming webhook

Networking

  • Test-NetworkConnectivity.ps1 - Batch TCP port testing across servers with service name mapping and matrix output

Usage

Each script includes:

  • Parameter documentation with .SYNOPSIS, .DESCRIPTION, .EXAMPLE
  • Required modules (ActiveDirectory, SqlServer, MSOnline, etc.)
  • Error handling and logging
  • Configurable parameters for different environments
  • CSV or HTML export capabilities
# AD audit
.\ActiveDirectory\Get-ADUserAudit.ps1 -ExportPath "C:\Reports" -DaysInactive 90

# Server inventory
.\ServerManagement\Get-ServerInventory.ps1 -ComputerName "SERVER01","SERVER02"

# SQL Server health check
.\Database-HealthCheck.ps1 -ServerInstance "SQLSERVER01" -ReportPath "D:\Reports"

# Network port test
.\Networking\Test-NetworkConnectivity.ps1 -ComputerName "SERVER01" -Ports 1433,443,3389

License

MIT License - use and modify freely.