Wednesday, 29 January 2020

Bulk DNS Record Deletion

# Update List of HOSTNAME in host.txt file

$DNSDATAs = Get-Content .\host.txt

foreach ($dns in $DNSDATAs){

# If DNS Record exist, If block will process

If ((Get-DnsServerResourceRecord -ZoneName lab.local $dns -ErrorAction SilentlyContinue).hostname -ne $null) {
    Remove-DnsServerResourceRecord -ZoneName lab.local -RRType "A" -Name $dns -Force
    $Result = "$dns Record deleted successfully"| Out-File -Append ".\dnslog.log"

# If DNS Record not found else block will process

} else {
    $Result = "$dns Record NOT found in Zone" | Out-File -Append ".\dnslog.log"
}
}

Extract AD Group Member Info




# Name Of the Groups, where we need to pull the Group information.

$GroupNames = Get-Content C:\temp\Server.txt

# Check each group once at time.

    foreach ($ADGroup in $GroupNames){

    # Check If Group having Members, if Group contains members will process the If block.

    If ((Get-ADGroupMember $ADGroup ).length -ne 0){

    Get-ADGroupMember -Identity $ADGroup | select @{Name="GroupName";expression={$ADGroup}},name,objectClass  |Out-File -Append C:\temp\Gropinfo.csv

    }

    Else {

    # If Group is empty, else block will process.

    "$ADGroup Member Value is Empty" |Out-File -Append C:\temp\Gropinfo.csv

}
}  

Tuesday, 28 January 2020

Compare Active Directory Group Members from One User To Other User

# Reference User

$Refernceuser = Get-ADUser -Identity User1 -Properties * | Select-Object MemberOf -ExpandProperty Memberof | Get-ADGroup -Properties * | Select-Object -ExpandProperty Name

# User Who need similar access to Refernce User

$User = Get-ADUser -Identity User2 -Properties * | Select-Object MemberOf -ExpandProperty Memberof | Get-ADGroup -Properties * | Select-Object -ExpandProperty Name

# Compare Group MemberInfo

Compare-Object -ReferenceObject $Refernceuser -DifferenceObject $User | Where-Object {$_.SideIndicator -eq "<=" -and $_.Inputobject -like "*Grou*"}

Check Server Group Info and Add Object To AD Group V1

          Many Scenario we push GPO, based on Server Group Member Info. The below Scrips will help us to Add Servers into Specific ADGroup. 

# Specify list of OU followed by Comma Separator.
$OUs = "OU=DomainServer,OU=DomainObjects,DC=lab,DC=local","OU=DomainAdmin,OU=DomainObjects,DC=lab,DC=local"

# Active Directory Group
$ADGroup = "CN=GroupA,OU=DomainGroup,OU=DomainObjects,DC=lab,DC=local"

# Check each OU One at time
foreach ($OU in $OUs){

# Store All Servers in each OU
$Servers = Get-Adcomputer -Filter * -SearchBase $OU

# Check each Server in Specifiy OU
foreach ($Server in $Servers){

# Collecting Server Group Memberof Information
$ServerGroupInfo = Get-ADComputer -Identity $Server -Properties * | Select-Object MemberOF -ExpandProperty MemberOF

# Check if Server is Memberof  AD Group
If($ServerGroupInfo -contains $ADGroup){

# IF Server is MemberOf ADGroup, update Log
$Log =  "$Server is MemberOF $ADGroup" |Out-File -Append ".\Report.log"
}else{
# If Server not Memberof ADGroup, Add Server object into ADGroup

Add-ADPrincipalGroupMembership -Identity $Server -MemberOf $ADGroup
# Finally Update log
$Log = "$Server is Added to $ADGroup" | Out-File -Append ".\Report.log"
}
}

}

Check Server Group Info and Add Object To AD Group

            Many Scenario we push GPO, based on Server Group Member Info. The below Scrips will help us to Add Servers into Specific ADGroup. 

# Name of The OU, where we are going to take Input Object

$OU = "OU=DomainServer,OU=DomainObjects,DC=lab,DC=local"

# Active Directory Group,

$ADGroup = "CN=GroupA,OU=DomainGroup,OU=DomainObjects,DC=lab,DC=local"

# Get Server Information

$Servers = Get-ADComputer -Filter * -SearchBase $OU

# Check each Servers if they are part of GroupA.

foreach ($Srv in $Servers){

# Checking Server Group information

   $ServerGroupMemberof = Get-ADComputer -Identity $Srv -Properties * | Select-Object MemberOf -ExpandProperty MemberOf

# Check If Server Memberof contains ADGroup

If ($ServerGroupMemberof -contains $ADGroup){

# If Server MemberShip Contains AD Group Log the Result.

$Log= "Server $Srv MembeorOf $ADGroup" |out-file -Append ".\Result.txt"

}
# IF server does not have Group Member info, it will add Group.
else {

# Adding Servers into Group

Add-ADPrincipalGroupMembership -Identity $Srv -MemberOf $ADGroup

# Storing the result in logs.
$Log = "Server $Srv Has benn MemberOF $ADGroup"|Out-File -Append ".\Result.txt"
}
}

Simple Script To Check, if Client using Correct TimeSource

# Collecting All Active Directory server Information

$ADServers = (Get-ADForest).Domains | %{ Get-ADDomainController -Filter * -Server $_ } | Select-Object name -ExpandProperty name

# Checking Local time Source from Client Computer

$Windowstime = w32tm /query /source

# Took Only hostname from Windows Time

$ClientTimeSourceHostName=$Windowstime.Split(".")[0]

# Checking If Client having current AD Server as TimeSource.

If ($ClientTimeSourceHostName -in $ADServers){
Write-Host "Computer having correct time source"

}else{
Write-Host "Computer not Using Correct TimeSource"
}

Script To Collect Os Info and Check Server State before run Commands.

# The Script combine multiple commands and combine the Result to Single output.
# Also this script check the target server before RUN commands.

function Get-LocalSysteminfo {
    param (
        $computername= (Read-Host "Enter-ComputerName")
    )

# Passing each server once at a time, to collect the data.

    foreach ($Server in $computername) {

# Before Passing Server into Script, Checking the server is online status, if server is online, data will be collect.

    $PingResult = Test-Connection $Server -Quiet
   
    If ($PingResult -eq $true){
           
    $OS = Get-WmiObject -Class Win32_operatingsystem -ComputerName $Server
    $bios = Get-wmiobject -Class Win32_bios -ComputerName $Server
    $disk = Get-wmiobject -Class win32_logicaldisk -ComputerName $Server

# Creating New PowerShell Object to Store the above information

    $obj = New-Object -TypeName psobject

    $obj | Add-Member -MemberType NoteProperty -Name Computername -Value $Server
    $obj | Add-Member -MemberType NoteProperty -Name OSVersion -Value $OS.Version
    $obj | Add-Member -MemberType NoteProperty -Name BiosSerial -Value $bios.serialnumber
    $obj | Add-Member -MemberType NoteProperty -Name disksize -Value $disk.size
    write-output $obj
    }
# If Server Unresponsive, Script will Return the name of the server. 
    else {
    Write-Host "Server is not Responding Ping $Server"
    }
}
}
Get-LocalSysteminfo no2,localhost,localhost,no5 |Format-Table -AutoSize