NCSUComputer PowerShell Module
This PowerShell module allows Administrators to query an individual computer, a list of computers, or a group (an Active Directory Group) for various attributes on demand. It requires the Active Directory module for Windows PowerShell. The cmdlets in the NCSUComputer module include:
- Get-NCSUComputerAV
- Get-NCSUComputerEventLog
- Get-NCSUComputerLocalGroupMembership
- Get-NCSUComputerLogicalDisk
- Get-NCSUComputerOS
- Get-NCSUComputerSystem
- Get-NCSUComputerUSB
- Get-NCSUComputerUserAccount
- Show-NCSUComputerAVInfo
- Show-NCSUComputerDiskSpace
- Show-NCSUComputerLastReboot
- Show-NCSUComputerLocalGroupMembership
- Show-NCSUComputerLogonHistory
- Show-NCSUComputerManufacturerModel
- Show-NCSUComputerOSInfo
- Show-NCSUComputerUSBDevice
- Show-NCSUComputerUser
Each of the ‘Show-NCSU…’ cmdlets use one or more of the ‘Get-NCSU…’ cmdlets to obtain the attributes that are displayed.
Show-NCSUComputerOSInfo -GroupName "ETF-Atrium.Computers" ComputerName Operating System Version Service Pack Architecture ------------ ---------------- ------- ------------ ------------ ETF-AIRFORCE Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit ETF-ARMY Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit ETF-MARINES Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit ETF-NAVY Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit Elapsed Runtime: 0 minutes and 13 seconds.
All of the ‘Show-NCSU…’ cmdlets display the collected information in a format similar to the example above. Use the ‘Get-NCSU..’ cmdlets to retrieve object data that can be passed on to the pipeline for further processing.
The cmdlets include a ‘-ClassicRemoting’ (uses WMI cmdlets built-in remoting which typically requires the remote registry service and WMI firewall exceptions) switch for environments where PowerShell Remoting is not enabled.
[powershell]<#
Original Author: Ryan Leap – srleap@ncsu.edu
#>
<#
.Synopsis
Gets the WMI Security Center AntiVirus object for a computer or group of computers.
.DESCRIPTION
This cmdlet retrieves WMI Security Center AV Object properties from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object. ** Does not work
against Windows Server Platforms **
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Get-NCSUComputerAntiVirusInfo -ComputerName TEX-ARMY
.EXAMPLE
Get-NCSUComputerAntiVirusInfo -GroupName TEX-1218.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.ManagementObject#ROOT\securitycenter2\AntiVirusProduct
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
The ‘SecurityCenter2’ namespace does not exist on Server Operating Systems and therefore this script in its current
form does not detect AV on Windows Server platforms.
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerAV {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerAV_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName
)
Get-WmiObject -ComputerName $dnsHostName -Namespace root\securitycenter2 -Class AntiVirusProduct
} -Name $jobName -ArgumentList $_.DNSHostName | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
Get-WmiObject -Namespace root\securitycenter2 -Class AntiVirusProduct
} -AsJob -JobName $jobName | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Displays information about AntiVirus for a computer or group of computers.
.DESCRIPTION
The cmdlet retrieves WMI properties for the AV Product from the specified
computer or group and displays that information. If the target computer(s) is/are
off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerAVInfo -ComputerName TEX-ARMY
.EXAMPLE
Show-NCSUComputerAVInfo -GroupName TEX-1119.Computers
ComputerName AV Product Name Enabled Up-to-date
———— ————— ——- ———-
TEX-ALICEROI Trend Micro OfficeScan Antivirus True True
TEX-ANNASUI ** Offline ** ** Offline ** ** Offline **
TEX-GILLSAAR ** Offline ** ** Offline ** ** Offline **
TEX-HANNAPAAT Trend Micro OfficeScan Antivirus True True
TEX-IVANAM ** Offline ** ** Offline ** ** Offline **
TEX-JINGMA ** Offline ** ** Offline ** ** Offline **
TEX-KARINSABY Trend Micro OfficeScan Antivirus True True
TEX-KATLINAAS ** Offline ** ** Offline ** ** Offline **
TEX-LISEAANES Trend Micro OfficeScan Antivirus True True
TEX-MARCBOHAN ** Offline ** ** Offline ** ** Offline **
TEX-NAOMIELAAN Trend Micro OfficeScan Antivirus True True
TEX-VERAWANG Trend Micro OfficeScan Antivirus True True
TEX-ZZTOP Trend Micro OfficeScan Antivirus True True
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
http://technet.microsoft.com/en-us/library/ee692795.aspx
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerAVInfo {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerAV -ComputerName $ComputerName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerAV -ComputerName $ComputerName
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerAV -GroupName $GroupName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerAV -GroupName $GroupName
}
}
}
# Formatting of output – if the computer was off, add the word ‘offline’ to the output column(s)
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name __SERVER -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name DisplayName -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Enabled -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name DefinitionsUpToDate -Value “** Offline **”
}
}
$results | Sort-Object -Property __SERVER | Format-Table -Property @{Label=”ComputerName”; Expression={$_.__SERVER}; Width=20},
@{Label=”AV Product Name”; Expression={$_.displayName}; Width=50},
@{Label=”Enabled”; Expression={ If ($_.NCSUComputerOffline) {
$_.Enabled
}
Else {
# .NET Hex Conversion Technique
[string] $productStateHex = “{0:X6}” -f ([int]$_.productState)
$scannerActive = $productStateHex.Substring(2,2)
If ( ( $scannerActive -eq “10” ) -or ( $scannerActive -eq “11” ) ) {
$true
} Else {
$false
}
}
}; Alignment=”left”; Width=15},
@{Label=”Up-to-date”; Expression={ If ($_.NCSUComputerOffline) {
$_.DefinitionsUpToDate
}
Else {
# .NET Hex Conversion Technique
[string] $productStateHex = “{0:X6}” -f ([int]$_.productState)
$defsUpToDate = $productStateHex.Substring(4,2)
If ( $defsUpToDate -eq “00” ) {
$true
} Else {
$false
}
}
}; Alignment=”left”; Width=15}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Gets the WMI Win32_USBControllerDevice object for a computer or group of computers.
.DESCRIPTION
The Get-NCSUComputerUSB cmdlet retrieves WMI USB Connected device properties from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Get-NCSUComputerUSB -ComputerName TEX-ARMY
.EXAMPLE
Get-NCSUComputerUSB -GroupName TEX-1218.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.ManagementObject#root\cimv2\Win32_OperatingSystem,
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
http://blogs.msdn.com/b/powershell/archive/2007/02/24/displaying-usb-devices-using-wmi.aspx
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerUSB {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerUSB_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName
)
Get-WmiObject -ComputerName $dnsHostName -Class Win32_USBControllerDevice | %{[wmi]($_.Dependent)}
} -Name $jobName -ArgumentList $_.DNSHostName | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
Get-WmiObject -Class Win32_USBControllerDevice | %{[wmi]($_.Dependent)}
} -AsJob -JobName $jobName | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Displays information about USB Devices for a computer or group of computers.
.DESCRIPTION
The Show-NCSUComputerUSBDevice cmdlet retrieves WMI properties for both manufacture and model
from the specified computer or group and displays that information. If the target computer(s) is/are
off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerUSBDevice -ComputerName TEX-ARMY
.EXAMPLE
Show-NCSUComputerUSBDevice -GroupName TEX-1119.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerUSBDevice {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerUSB -ComputerName $ComputerName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerUSB -ComputerName $ComputerName
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerUSB -GroupName $GroupName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerUSB -GroupName $GroupName
}
}
}
# Formatting of output – if the computer was off, add the word ‘offline’ to the output column(s)
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name __SERVER -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name Name -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Service -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Manufacturer -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Description -Value “** Offline **”
}
}
$results | Sort-Object -Property __SERVER | Format-Table -Property @{Label=”ComputerName”; Expression={$_.__SERVER}; Width=20},
@{Label=”Service”; Expression={$_.Service}; Width=15},
@{Label=”Manufacturer”; Expression={$_.Manufacturer}; Width=40},
@{Label=”Description”; Expression={$_.Description}; Width=45}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Gets EventLogEntry object for a computer or group of computers.
.DESCRIPTION
The Get-NCSUComputerEventLog cmdlet retrieves events from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER EntryType
Gets only events with the specified entry type. Valid values are Error, Information, FailureAudit,
SuccessAudit, and Warning. The default is all events.
.PARAMETER LogName
Specifies the event log. Enter the log name (the value of the Log property; not the LogDisplayName)
of one event log. Wildcard characters are not permitted. This parameter is required.
.PARAMETER Message
Gets events that have the specified string in their messages. You can use this property to search for
messages that contain certain words or phrases. Wildcards are permitted.
.PARAMETER Newest
Specifies the maximum number of events retrieved. Get-EventLog gets the specified number of events,
beginning with the newest event in the log.
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques. ** Note ** The underlying
cmdlet (Get-EventLog) requires the ‘Remote Registry’ service to be running to obtain events.
.EXAMPLE
Get-NCSUComputerEventLog -ComputerName tex-navy -LogName System -Newest 5
.EXAMPLE
Get-NCSUComputerEventLog -GroupName TEX-1218.Computers -LogName System -Newest 5
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerEventLog {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$true)] [ValidateSet(“Error”, “Information”, “FailureAudit”, “SuccessAudit”, “Warning”)] [string[]]$EntryType, [parameter(Mandatory=$true,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$true)] [string]$LogName, [parameter(Mandatory=$false,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$true)] [string]$Message, [parameter(Mandatory=$false,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$true)] [Int32]$Newest,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerEventLog_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
# Build the argument list for the ‘Get-EventLog’ cmdlet
[hashtable] $eventLogHash = @{“LogName” = “$LogName”}
If ([string]::IsNullOrEmpty($EntryType) -eq $false) { $eventLogHash.Add(“EntryType”, “$EntryType”) }
If ([string]::IsNullOrEmpty($Message) -eq $false) { $eventLogHash.Add(“Message”, “$Message”) }
If ($Newest -ne $null ) { $eventLogHash.Add(“Newest”, $Newest) }
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName,
[hashtable]$eventLogArgs
)
$eventLogArgs.Add(“ComputerName”, “$dnsHostName”)
Get-EventLog @eventLogArgs
} -Name $jobName -ArgumentList $_.DNSHostName, $eventLogHash | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
param (
[hashtable]$eventLogArgs
)
Get-EventLog @eventLogArgs
} -AsJob -JobName $jobName -ArgumentList $eventLogHash | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Displays several Operating System properties for a computer or group of computers.
.DESCRIPTION
The Show-NCSUComputerLastReboot cmdlet retrieves the last reboot time as specified by
a system event log event (Event log service started). If the target computer(s) is/are
off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerLastReboot -ComputerName TEX-ARMY
ComputerName Last Reboot
———— ——————
TEX-ARMY May 12 09:37
Elapsed Runtime: 0 minutes and 4 seconds.
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerLastReboot {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerEventLog -ComputerName $ComputerName -LogName System -Newest 1 -Message “The Event log service was started.” -ClassicRemoting
}
Else {
$results = Get-NCSUComputerEventLog -ComputerName $ComputerName -LogName System -Newest 1 -Message “The Event log service was started.”
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerEventLog -GroupName $GroupName -LogName System -Newest 1 -Message “The Event log service was started.” -ClassicRemoting
}
Else {
$results = Get-NCSUComputerEventLog -GroupName $GroupName -LogName System -Newest 1 -Message “The Event log service was started.”
}
}
}
# Formatting of output – if the computer was off, add the word ‘offline’ to the output column(s)
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name MachineName -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name TimeGenerated -Value “** Offline **”
}
}
$results | Sort-Object -Property MachineName | Format-Table -Property @{Label=”ComputerName”; Expression={$_.MachineName}; Width=50},
@{Label=”Last Reboot”; Expression={$_.TimeGenerated}; Width=55}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Displays account logon history for a computer or group of computers.
.DESCRIPTION
The Show-NCSUComputerLogonHistory cmdlet retrieves account logon events
a system event log event (Event log service started). If the target computer(s) is/are
off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER LogonType
Gets only events with the specified logon type. The default is interactive logon.
.PARAMETER Newest
Specifies the maximum number of Account Logon events to retrieve.
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
http://technet.microsoft.com/en-us/library/cc787567(v=WS.10).aspx
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerLogonHistory {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false)] [ValidateSet(“Interactive”, “Network”, “Batch”, “Service”, “Unlock”, “NetworkCleartext”, “NewCredentials”, “RemoteInteractive”, “CachedInteractive”)] [string[]]$LogonType,
[parameter(Mandatory=$false,
ValueFromPipeline=$false,
ValueFromPipelineByPropertyName=$false)] [Int32]$Newest=2000,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerEventLog -ComputerName $ComputerName -LogName Security -Message ‘An account was successfully logged on.*’ -EntryType SuccessAudit -Newest $Newest -ClassicRemoting
}
Else {
$results = Get-NCSUComputerEventLog -ComputerName $ComputerName -LogName Security -Message ‘An account was successfully logged on.*’ -EntryType SuccessAudit -Newest $Newest
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerEventLog -GroupName $GroupName -LogName Security -Message ‘An account was successfully logged on.*’ -EntryType SuccessAudit -Newest $Newest -ClassicRemoting
}
Else {
$results = Get-NCSUComputerEventLog -GroupName $GroupName -LogName Security -Message ‘An account was successfully logged on.*’ -EntryType SuccessAudit -Newest $Newest
}
}
}
# Map the Logon Type requested to the proper Logon ID
switch ($LogonType)
{
“Interactive” { [int] $logonTypeId = 2 }
“Network” { [int] $logonTypeId = 3 }
“Batch” { [int] $logonTypeId = 4 }
“Service” { [int] $logonTypeId = 5 }
“Unlock” { [int] $logonTypeId = 7 }
“NetworkCleartext” { [int] $logonTypeId = 8 }
“NewCredentials” { [int] $logonTypeId = 9 }
“RemoteInteractive” { [int] $logonTypeId = 10 }
“CachedInteractive” { [int] $logonTypeId = 11 }
default { [int] $logonTypeId = 2 }
}
# Formatting of output – if the computer was off, add the word ‘offline’ to the output column(s)
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name MachineName -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name UserName -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Domain -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Timestamp -Value “** Offline **”
}
}
# The ‘ReplacementStrings’ property of an event log entry is where the data for an event is kept. The indexes used below
# into the data were determined simply by counting the offset of the data in an event of this type (4624). The filtering
# out of events with a LogonGuid of {00000000-0000-0000-0000-000000000000} is because there appears to be two identical
# Logon events generated for a logon the only difference being the GUID.
$results | Where-Object { (($_.ReplacementStrings[8] -eq $logonTypeId) -and
($_.ReplacementStrings[12] -ne ‘{00000000-0000-0000-0000-000000000000}’)) } |
Sort-Object -Property MachineName, @{Expression=”TimeGenerated”; Descending=$true} |
Format-Table -Property @{Label=”ComputerName”; Expression={$_.MachineName}; Width=50},
@{Label=”UserName”; Expression={$_.ReplacementStrings[5]}; Width=20},
@{Label=”Domain”; Expression={$_.ReplacementStrings[2]}; Width=20},
@{Label=”Timestamp”; Expression={$_.TimeGenerated}; Width=35}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Gets the WMI Win32_LogicalDisk object for a computer or group of computers.
.DESCRIPTION
The Get-NCSUComputerLogicalDisk cmdlet retrieves WMI Logical Disk properties from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER DriveLetter
Logical Drive (C, D, E, etc.) to query for disk space properties
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Get-NCSUComputerLogicalDisk -ComputerName TEX-ARMY
.EXAMPLE
Get-NCSUComputerLogicalDisk -GroupName TEX-1218.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.ManagementObject#root\cimv2\Win32_LogicalDisk,
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerLogicalDisk {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerLogicalDisk_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName,
[string]$drive
)
Get-WmiObject -Class Win32_LogicalDisk -Filter (“DeviceID='” + $drive + “:'”) -ComputerName $dnsHostName
} -Name $jobName -ArgumentList $_.DNSHostName,$DriveLetter | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
param (
[string]$drive
)
Get-WmiObject -Class Win32_LogicalDisk -Filter (“DeviceID='” + $drive + “:'”)
} -AsJob -JobName $jobName -ArgumentList $DriveLetter | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Gets the WMI Win32_UserAccount object for a computer or group of computers.
.DESCRIPTION
Retrieves user object from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER UserAccountName
Name of a user account (Administrator, Guest, etc.)
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Get-NCSUComputerUserAccount -ComputerName TEX-ARMY -UserAccountName Admininstrator
.EXAMPLE
Get-NCSUComputerUserAccount -GroupName TEX-1218.Computers -UserAccountName Administrator
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.ManagementObject#root\cimv2\Win32_UserAccount,
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerUserAccount {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerUserAccount_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName,
[string]$computerName,
[string]$userAccount
)
$objUserAccount = Get-WmiObject -Class Win32_UserAccount -Namespace “root\cimv2” -Filter “Name=’$($userAccount)'” -ComputerName $dnsHostName
if ($objUserAccount -eq $null) { # Account does not exist
$customObj = @{
‘NCSUComputerName’=$computerName
‘NCSUComputerEmptyList’=$true
}
New-Object -TypeName PSObject -Property $customObj
}
Else {
Write-Output $objUserAccount
}
} -Name $jobName -ArgumentList $_.DNSHostName, $_.name, $UserAccountName | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
param (
[string]$userAccount
)
$objUserAccount = Get-WmiObject -Class Win32_UserAccount -Namespace “root\cimv2” -Filter “Name=’$($userAccount)'”
if ($objUserAccount -eq $null) { # Account does not exist
$customObj = @{
‘NCSUComputerName’=$ENV:COMPUTERNAME
‘NCSUComputerEmptyList’=$true
}
New-Object -TypeName PSObject -Property $customObj
}
Else {
Write-Output $objUserAccount
}
} -AsJob -JobName $jobName -ArgumentList $UserAccountName | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Gets the WMI Win32_GroupUser object for a computer or group of computers.
.DESCRIPTION
Retrieves local group members from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER LocalGroupName
Name of a local user group (Administrators, Users, Power Users, etc.)
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Get-NCSUComputerLocalGroupMembership -ComputerName TEX-ARMY
.EXAMPLE
Get-NCSUComputerLocalGroupMembership -GroupName TEX-1218.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.ManagementObject#root\cimv2\Win32_GroupUser,
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerLocalGroupMembership {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerLocalGroupMembership_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName,
[string]$computerName,
[string]$localGroup
)
$wmiQuery = “SELECT * FROM Win32_GroupUser WHERE GroupComponent = `”Win32_Group.Domain=’$computerName’,Name=’$($localGroup)’`””
$objLocalGroup = Get-WmiObject -Query $wmiQuery -ComputerName $dnsHostName
if ($objLocalGroup -eq $null) { # Local group contained no members
$customObj = @{
‘NCSUComputerName’=$computerName
‘NCSUComputerEmptyList’=$true
}
New-Object -TypeName PSObject -Property $customObj
}
Else {
Write-Output $objLocalGroup
}
} -Name $jobName -ArgumentList $_.DNSHostName, $_.name, $LocalGroupName | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
param (
[string]$localGroup
)
$wmiQuery = “SELECT * FROM Win32_GroupUser WHERE GroupComponent = `”Win32_Group.Domain=’$ENV:COMPUTERNAME’,Name=’$($localGroup)’`””
$objLocalGroup = Get-WmiObject -Query $wmiQuery
if ($objLocalGroup -eq $null) { # Local group contained no members
$customObj = @{
‘NCSUComputerName’=$ENV:COMPUTERNAME
‘NCSUComputerEmptyList’=$true
}
New-Object -TypeName PSObject -Property $customObj
}
Else {
Write-Output $objLocalGroup
}
} -AsJob -JobName $jobName -ArgumentList $LocalGroupName | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Displays the members of a local security group for a computer or group of computers.
.DESCRIPTION
Retrieves local group members from the specified computer or group and displays that
information. If the target computer(s) is/are off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER LocalGroupName
Name of a local user group (Administrators, Users, Power Users, etc.). If not specified, defaults
to ‘Administrators’
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerLocalGroupMembership -ComputerName TEX-ARMY
ComputerName Administrators User/Group Type Enabled Security Authority
———— ————– ————— ——- ——————
TEX-ARMY tex.admin User Account False TEX-ARMY
TEX-ARMY TEX-Atrium.Administrators Group N/A WOLFTECH
TEX-ARMY TEX-Computer Admins Group N/A WOLFTECH
.EXAMPLE
Show-NCSUComputerLocalGroupMembership -GroupName TEX-Atrium.Computers -LocalGroupName Users
ComputerName Users User/Group Type Enabled Security Authority
———— —– ————— ——- ——————
TEX-AIRFORCE1 TEX-Atrium.Users Group N/A WOLFTECH
TEX-AIRFORCE1 TEX-Computer Admins Group N/A WOLFTECH
TEX-ARMY TEX-Atrium.Users Group N/A WOLFTECH
TEX-ARMY TEX-Computer Admins Group N/A WOLFTECH
TEX-MARINES TEX-Atrium.Users Group N/A WOLFTECH
TEX-MARINES TEX-Computer Admins Group N/A WOLFTECH
TEX-NAVY TEX-Atrium.Users Group N/A WOLFTECH
TEX-NAVY TEX-Computer Admins Group N/A WOLFTECH
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerLocalGroupMembership {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Default to the ‘Administrators’ Group
[ValidateLength(2,63)]
[string]$LocalGroupName = ‘Administrators’,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerLocalGroupMembership -ComputerName $ComputerName -LocalGroupName $LocalGroupName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerLocalGroupMembership -ComputerName $ComputerName -LocalGroupName $LocalGroupName
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerLocalGroupMembership -GroupName $GroupName -LocalGroupName $LocalGroupName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerLocalGroupMembership -GroupName $GroupName -LocalGroupName $LocalGroupName
}
}
}
# Formatting of output – if the computer was off modify the offline object with properties that match
# so that it can be used for output purposes
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name __SERVER -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name LocalGroup -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name MemberType -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Enabled -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Domain -Value “** Offline **”
}
ElseIf ($_.NCSUComputerEmptyList) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name __SERVER -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name LocalGroup -Value “** Empty **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name MemberType -Value “** Empty **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Enabled -Value “** Empty **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Domain -Value “** Empty **”
}
}
$results | Sort-Object -Property __SERVER | Format-Table -Property @{Label=”ComputerName”; Expression={$_.__SERVER}; Width=20},
@{Label=”$LocalGroupName”;
Expression= {
If (($_.NCSUComputerOffline) -or ($_.NCSUComputerEmptyList)) {
$_.LocalGroup
}
Else {
$member = (([string]$_.PartComponent).Substring([int](([string]$_.PartComponent).LastIndexOf(“=”) + 1))).Trim(“”””)
$member.ToString()
}
}; Width=40
},
@{Label=”User/Group Type”;
Expression= {
If (($_.NCSUComputerOffline) -or ($_.NCSUComputerEmptyList)) {
$_.MemberType
}
Else {
If ($_.PartComponent -match ‘Win32_UserAccount’) {
$memberType = ‘User Account’
}
ElseIf ($_.PartComponent -match ‘Win32_Group’) {
$memberType = ‘Group’
}
ElseIf ($_.PartComponent -match ‘Win32_SystemAccount’) {
$memberType = ‘System Account’
}
Else {
$memberType = ‘Other’
}
$memberType.ToString()
}
}; Width=20
},
@{Label=”Enabled”; # If it is a user account find out if it is enabled or not
Expression= {
If (($_.NCSUComputerOffline) -or ($_.NCSUComputerEmptyList)) {
$_.Enabled
}
Else {
If ($_.PartComponent -match ‘Win32_UserAccount’) {
$userAccountName = (([string]$_.PartComponent).Substring([int](([string]$_.PartComponent).LastIndexOf(“=”) + 1))).Trim(“”””)
If ($ClassicRemoting ) {
$userObj = Get-NCSUComputerUserAccount -ComputerName $_.__SERVER -UserAccountName $userAccountName -ClassicRemoting
}
Else {
$userObj = Get-NCSUComputerUserAccount -ComputerName $_.__SERVER -UserAccountName $userAccountName
}
If ($userObj.Disabled) { “$false” } Else { “$true” }
}
Else { “N/A” } # Only checking to see if user accounts are enabled – ignore groups
}
}; Width=15
},
@{Label=”Security Authority”;
Expression= {
If (($_.NCSUComputerOffline) -or ($_.NCSUComputerEmptyList)) {
$_.Domain
}
Else {
[string] $domain = (([string]$_.PartComponent).Substring([int](([string]$_.PartComponent).IndexOf(“Domain=”) + 7)))
$domain = $domain.Remove($domain.IndexOf(“,”)).Trim(“”””)
$domain.ToString()
}
}; Width=20
}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Displays the total and available disk space on a logical drive for a computer or group of computers.
.DESCRIPTION
The Show-NCSUComputerDiskSpace cmdlet retrieves WMI properties for both manufacture and model
from the specified computer or group and displays that information. If the target computer(s) is/are
off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER DriveLetter
Logical Drive (C, D, E, etc.) to query for disk space properties
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerDiskSpace -ComputerName TEX-ARMY
ComputerName Drive Letter Drive Size (GB) Space Free (GB)
———— ———— ————— —————
TEX-ARMY C: 452 359
.EXAMPLE
Show-NCSUComputerDiskSpace -GroupName TEX-Atrium.Computers
ComputerName Drive Letter Drive Size (GB) Space Free (GB)
———— ———— ————— —————
TEX-AIRFORCE1 C: 453 368
TEX-ARMY C: 452 359
TEX-MARINES C: 452 385
TEX-NAVY C: 452 368
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerDiskSpace {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Default to the C: Drive
[ValidatePattern(“[a-zA-Z]”)]
[ValidateLength(1,1)]
[string]$DriveLetter = ‘C’,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerLogicalDisk -ComputerName $ComputerName -DriveLetter $DriveLetter -ClassicRemoting
}
Else {
$results = Get-NCSUComputerLogicalDisk -ComputerName $ComputerName -DriveLetter $DriveLetter
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerLogicalDisk -GroupName $GroupName -DriveLetter $DriveLetter -ClassicRemoting
}
Else {
$results = Get-NCSUComputerLogicalDisk -GroupName $GroupName -DriveLetter $DriveLetter
}
}
}
# Formatting of output – if the computer was off modify the offline object with properties that match
# so that it can be used for output purposes
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name SystemName -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name Name -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Size -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name FreeSpace -Value “** Offline **”
}
}
$results | Sort-Object -Property SystemName | Format-Table -Property @{Label=”ComputerName”; Expression={$_.SystemName}; Width=20},
@{Label=”Drive Letter”; Expression={$_.Name}; Width=15},
@{Label=”Drive Size (GB)”;
Expression= {
If ($_.NCSUComputerOffline) {
$_.Size
}
Else {
(($_.Size / 1GB) -as [int]) -as [string]
}
}; Alignment=”right”; Width=20
},
@{Label=”Space Free (GB)”;
Expression= {
If ($_.NCSUComputerOffline) {
$_.FreeSpace
}
Else {
(($_.FreeSpace / 1GB) -as [int]) -as [string]
}
}; Alignment=”right”;Width=20
}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Gets the WMI Win32_OperatingSystem object for a computer or group of computers.
.DESCRIPTION
The Get-NCSUComputerOS cmdlet retrieves WMI Operating System properties from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Get-NCSUComputerOS -ComputerName TEX-ARMY
.EXAMPLE
Get-NCSUComputerOS -GroupName TEX-1218.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.ManagementObject#root\cimv2\Win32_OperatingSystem,
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerOS {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerOS_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName
)
Get-WmiObject -Class Win32_OperatingSystem -ComputerName $dnsHostName
} -Name $jobName -ArgumentList $_.DNSHostName | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
Get-WmiObject -Class Win32_OperatingSystem
} -AsJob -JobName $jobName | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Displays several Operating System properties for a computer or group of computers.
.DESCRIPTION
The Show-NCSUComputerOSInfo cmdlet retrieves WMI Operating System properties from the
specified computer or group and displays that information. If the target computer(s) is/are
off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerOSInfo -ComputerName TEX-ARMY
ComputerName Operating System Version Service Pack Architecture
———— —————- ——- ———— ————
TEX-ARMY Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit
Elapsed Runtime: 0 minutes and 4 seconds.
.EXAMPLE
Show-NCSUComputerOSInfo -GroupName TEX-Atrium.Computers
ComputerName Operating System Version Service Pack Architecture
———— —————- ——- ———— ————
TEX-AIRFORCE1 Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit
TEX-ARMY Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit
TEX-MARINES Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit
TEX-NAVY Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1 64-bit
Elapsed Runtime: 0 minutes and 15 seconds.
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerOSInfo {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerOS -ComputerName $ComputerName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerOS -ComputerName $ComputerName
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerOS -GroupName $GroupName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerOS -GroupName $GroupName
}
}
}
# Formatting of output – if the computer was off, add the word ‘offline’ to the output column(s)
# Caption, CSDVersion, OSArchitecture, Version
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name CSName -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name Caption -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name CSDVersion -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name OSArchitecture -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Version -Value “** Offline **”
}
}
$results | Sort-Object -Property Name | Format-Table -Property @{Label=”ComputerName”; Expression={$_.CSName}; Width=20},
@{Label=”Operating System”; Expression={$_.Caption}; Width=55},
@{Label=”Version”; Expression={$_.Version}; Width=15},
@{Label=”Service Pack”; Expression={$_.CSDVersion}; Width=15},
@{Label=”Architecture”; Expression={$_.OSArchitecture} }
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Gets the WMI Win32_ComputerSystem object for a computer or group of computers.
.DESCRIPTION
The Get-NCSUComputerSystem cmdlet retrieves WMI Computer System properties from the specified computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Get-NCSUComputerSystem -ComputerName TEX-ARMY
.EXAMPLE
Get-NCSUComputerSystem -GroupName TEX-1218.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Deserialized.System.Management.ManagementObject#root\cimv2\Win32_ComputerSystem,
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Get-NCSUComputerSystem {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerSystem_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Stop-Job | Remove-Job -Force
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
Write-Verbose “Starting job on computer: $($_.DNSHostName)”
If ($ClassicRemoting) { # Use Cmdlet Built-In Remoting
Start-Job -ScriptBlock {
param (
[string]$dnsHostName
)
Get-WmiObject -Class Win32_ComputerSystem -ComputerName $dnsHostName
} -Name $jobName -ArgumentList $_.DNSHostName | Out-Null
}
Else { # Use PowerShell Remoting Technique – the superior option!
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
Get-WmiObject -Class Win32_ComputerSystem
} -AsJob -JobName $jobName | Out-Null
}
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
<#
.Synopsis
Displays the manufacturer and model for a computer or group of computers.
.DESCRIPTION
The Show-NCSUComputerManufacturerModel cmdlet retrieves WMI properties for both manufacture and model
from the specified computer or group and displays that information. If the target computer(s) is/are
off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerManufacturerModel -ComputerName TEX-ARMY
Name Manufacturer Model
—- ———— —–
TEX-NAVY LENOVO 3314CTO
Elapsed Runtime: 0 minutes and 6 seconds.
.EXAMPLE
Show-NCSUComputerManufacturerModel -GroupName TEX-1119.Computers
ComputerName Manufacturer Model
———— ———— —–
TEX-ALICEROI Dell Inc. OptiPlex 990
TEX-ANNASUI Dell Inc. OptiPlex 990
TEX-GILLSAAR Dell Inc. OptiPlex 990
TEX-HANNAPAAT Dell Inc. OptiPlex 990
TEX-IVANAM Dell Inc. OptiPlex 990
TEX-JINGMA ** Offline ** ** Offline **
TEX-KARINSABY Dell Inc. OptiPlex 990
TEX-KATLINAAS Dell Inc. OptiPlex 990
TEX-LISEAANES Dell Inc. OptiPlex 990
TEX-MARCBOHAN Dell Inc. OptiPlex 990
TEX-NAOMIELAAN Dell Inc. OptiPlex 990
TEX-VERAWANG Dell Inc. OptiPlex 990
TEX-ZZTOP Dell Inc. OptiPlex 745
Elapsed Runtime: 0 minutes and 23 seconds.
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerManufacturerModel {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerSystem -ComputerName $ComputerName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerSystem -ComputerName $ComputerName
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerSystem -GroupName $GroupName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerSystem -GroupName $GroupName
}
}
}
# Formatting of output – if the computer was off, add the word ‘offline’ to the output column(s)
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name Name -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name Manufacturer -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name Model -Value “** Offline **”
}
}
$results | Sort-Object -Property Name | Format-Table -Property @{Label=”ComputerName”; Expression={$_.Name}; Width=20},
@{Label=”Manufacturer”; Expression={$_.Manufacturer}; Width=30},
@{Label=”Model”; Expression={$_.Model}; Width=30}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
Displays the username and first/last name for a computer or group of computers.
.DESCRIPTION
The Show-NCSUComputerUser cmdlet retrieves WMI properties for the user from the specified computer
or group and looks up the ncsuTwoPartName property for that user from the campus LDAP server and
displays that information. If the target computer(s) is/are off the cmdlet will show ‘** Offline **’.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER ClassicRemoting
By default this cmdlet uses PowerShell Remoting which has certain requirements (see about_Remote_Requirements).
If the enviroment does not meet these requirements the ‘ClassicRemoting’ switch will attempt to gather the
information from the computer(s) with the cmdlets built-in remoting techiques.
.EXAMPLE
Show-NCSUComputerUser -ComputerName TEX-ARMY
.EXAMPLE
Show-NCSUComputerUser -GroupName TEX-1119.Computers
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
Microsoft.PowerShell.Commands.Internal.Format.GroupEndData,
Microsoft.PowerShell.Commands.Internal.Format.FormatEntryData
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
#>
Function Show-NCSUComputerUser {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
# Classic Remoting Technique vs PS Remoting
[switch]$ClassicRemoting
)
Begin {
# Keep track of how long it took to run the script
$objStopWatch = [system.diagnostics.stopwatch]::startNew()
$objStopWatch.Start()
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerSystem -ComputerName $ComputerName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerSystem -ComputerName $ComputerName
}
}
“GroupNameParameterSet” {
If ($ClassicRemoting) {
$results = Get-NCSUComputerSystem -GroupName $GroupName -ClassicRemoting
}
Else {
$results = Get-NCSUComputerSystem -GroupName $GroupName
}
}
}
# Formatting of output – if the computer was off, add the word ‘offline’ to the output column(s)
$results | ForEach-Object {
If ($_.NCSUComputerOffline) {
Add-Member -InputObject $_ -MemberType NoteProperty -Name Name -Value $_.NCSUComputerName
Add-Member -InputObject $_ -MemberType NoteProperty -Name UserName -Value “** Offline **”
Add-Member -InputObject $_ -MemberType NoteProperty -Name ncsuTwoPartName -Value “** Offline **”
}
}
$results | Sort-Object -Property Name | Format-Table -Property @{Label=”ComputerName”; Expression={$_.Name}; Width=20},
@{Label=”UserName”;Expression={If ( ([string]::IsNullOrEmpty($_.UserName)) ) { “** Available **” } Else { $_.UserName.TrimStart(‘WOLFTECH\’) } }; Width=30},
@{Label=”First/Last”;Expression={If ( ([string]::IsNullOrEmpty($_.UserName)) ) {
“** Available **”
}
ElseIf ($_.ncsuTwoPartName -eq “** Offline **”) {
$_.ncsuTwoPartName
}
Else {
$unityId = $_.UserName.TrimStart(‘WOLFTECH\’)
$dn = “uid=$unityId,ou=accounts,dc=ncsu,dc=edu”
get-NCSULDAPAttribute -ldapServer ldap.ncsu.edu -authType Basic -distinguishedName $dn -attributeName ncsuTwoPartName
}
}
}
}
End {
$objStopWatch.Stop()
Write-Host “Elapsed Runtime:” $objStopWatch.Elapsed.Minutes “minutes and” $objStopWatch.Elapsed.Seconds “seconds.” -ForegroundColor Cyan
Write-Host
}
}
<#
.Synopsis
UNDER CONSTRUCION…
Determines whether a file or directory path exists for a computer or group of computers.
.DESCRIPTION
The Test-NCSUComputerPath cmdlet test for the presense of the specified path/file for a computer or group.
If the target computer(s) is/are off the cmdlet will create an ‘offline’ object.
.PARAMETER ComputerName
Computer (sAMAccountName) name or names
.PARAMETER GroupName
Group name (sAMAccountName) that contains computers or sub-groups with computers
.PARAMETER Path
Specifies a path to be tested. Wildcards are permitted. If the path includes spaces, enclose it in quotation marks.
.EXAMPLE
Test-NCSUComputerPath -ComputerName TEX-ARMY -Path ‘c:\Program Files (x86)’
.EXAMPLE
Get-NCSUComputerLogicalDisk -GroupName TEX-1218.Computers -Path ‘C:\Program Files (x86)’
.INPUTS
Microsoft.ActiveDirectory.Management.ADComputer
.OUTPUTS
System.Boolean
Deserialized.System.Management.Automation.PSCustomObject
.NOTES
.COMPONENT
.ROLE
.FUNCTIONALITY
Function Show-NCSUComputerPath {
[CmdletBinding(DefaultParameterSetName=’ComputerNameParameterSet’,
PositionalBinding=$false,
ConfirmImpact=’Low’)]
[OutputType([String])]
Param (
# AD Computer Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’ComputerNameParameterSet’,
HelpMessage=’Supply a computer (sAMAccountName) name or names.’)]
[ValidateLength(2,15)]
[string[]]$ComputerName,
# AD Group Parameter Set
[parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0,
ParameterSetName=’GroupNameParameterSet’,
HelpMessage=’Supply a group name (sAMAccountName) that contains computers or sub-groups with computers.’)]
[ValidateLength(2,63)]
[string]$GroupName,
)
Begin {
# Ensure uniqueness of jobs created and removed with this cmdlet
[string]$jobPrefix = ‘NCSUComputerPath_’
# Remove any orphaned jobs
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
Process {
switch ($PSCmdlet.ParameterSetName)
{
“ComputerNameParameterSet” {
$computerList = $ComputerName | Get-ADComputer
}
“GroupNameParameterSet” {
$computerList = Get-FQDNComputerList -GroupName $GroupName
}
}
$computerList | ForEach-Object {
$jobName = $jobPrefix + $_.Name
If (Test-Connection -ComputerName $_.DNSHostName -Quiet -Count 1) { # Replied to ping
Invoke-Command -ComputerName $_.DNSHostName -ScriptBlock {
param (
[string]$path
)
If (Test-Path -Path $path) {
Write-Host $env:COMPUTERNAME.PadRight(20).ToLower() “True”
}
Else {
Write-Host $env:COMPUTERNAME.PadRight(20).ToLower() “False”
}
} -AsJob -JobName $jobName -ArgumentList $Path | Out-Null
}
Else { # Did NOT reply to ping
Start-Job -ScriptBlock {
param (
[string]$computer
)
$customObj = @{
‘NCSUComputerName’=$computer.ToUpper()
‘NCSUComputerOffline’=$true
}
New-Object -TypeName PSObject -Property $customObj
} -Name $jobName -ArgumentList $_.Name | Out-Null
}
}
}
End {
# Put the resultant Objects on the Pipeline, Clean up the jobs
Get-Job -Name ($jobPrefix + ‘*’) | Wait-Job -Timeout 300 | Sort-Object -Property Name | Receive-Job | Write-Output
Get-Job -Name ($jobPrefix + ‘*’) | Remove-Job
}
}
#>
<#
.Synopsis
Returns a list of computers for the supplied AD group
.DESCRIPTION
Given an AD Group, this function will return the list of computers that are
members and attach the DNSHostName attribute to the list object(s)
.EXAMPLE
Get-FQDNComputerList -GroupName TEX-1119.Desktops
#>
Function Get-FQDNComputerList {
Param (
[parameter(Mandatory=$true)]
[string]
$GroupName,
)
switch ($lookup)
{
“ADCmdlet” { # cmdlet ‘Get-ADComputer’ returns objects with a DNS Hostname property
# This method is very time consuming
$computerList = Get-ADGroupMember -Identity $GroupName -Recursive | Where-Object -Property objectClass -EQ computer | Get-ADComputer
Break
}
“dotNet” { # Use .NET class to retrieve DNS Hostname and add that as a property to each group member
# This technique is fast, but to succeed it requires the script host to have each target computer’s DNS suffix in its DNS Suffix search list
$computerList = Get-ADGroupMember -Identity $GroupName -Recursive | Where-Object -Property objectClass -EQ computer |
ForEach-Object {
Add-Member -InputObject $_ -MemberType NoteProperty -Name DNSHostName -Value $([System.Net.Dns]::GetHostByName($_.name).HostName) -Force -PassThru
}
Break
}
default { # Pulls the DNSHostName attribute from AD using LDAP. Unlike the ‘Get-ADComputer’ cmdlet, this is fast
# and thus the chosen default
$computerList = Get-ADGroupMember -Identity $GroupName -Recursive | Where-Object -Property objectClass -EQ computer |
ForEach-Object {
$dnsHostName = Get-NCSULDAPAttribute -distinguishedName $_.distinguishedName -attributeName dNSHostName
Add-Member -InputObject $_ -MemberType NoteProperty -Name DNSHostName -Value $dnsHostName -Force -PassThru
}
Break
}
}
return $computerList
}
<#
.Synopsis
Looks up an attribute value from an LDAP Repository
.DESCRIPTION
Given an distinguished name to an LDAP object and an attribute name of the object
this function will return the attribute value
.EXAMPLE
get-LDAPAttribute -distinguishedName CN=tex-verawang,OU=Desktops,OU=1119,OU=TATM,OU=Teaching Labs,OU=TEX,OU=NCSU,DC=wolftech,DC=ad,DC=ncsu,DC=edu -attribute logonCount
#>
Function Get-NCSULDAPAttribute {
Param (
[parameter()]
[string]
$ldapServer = “wolftech.ad.ncsu.edu”,
)
# Loads the S.DS.P namespace, required for LDAP interaction
Add-Type -AssemblyName System.DirectoryServices.Protocols
# Make a connection object. This does not bind to the ldap store.
# This line of code includes creating the LDAP Directory Identifier.
$ldapConn = New-Object System.DirectoryServices.Protocols.LdapConnection(new-object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($ldapServer, 389))
# Default authentication is negotiate. Change to basic.
$ldapConn.AuthType = [System.DirectoryServices.Protocols.AuthType] $authType
# Build the Directory Request
$ldapRequest = New-Object System.DirectoryServices.Protocols.SearchRequest
# Set the search base
$ldapRequest.DistinguishedName = $distinguishedName
# Set the search filter
$ldapRequest.Filter = “(objectClass=*)”
# Set the search scope
$ldapRequest.Scope = [System.DirectoryServices.Protocols.SearchScope] “Subtree”
# Set the server side timeout
$ldapRequest.TimeLimit = (New-Object System.TimeSpan(0,0,30))
# Add Attributes for retrieval
$ldapRequest.Attributes.Add($attributeName) | Out-Null
# Send the request
$ldapResponse = $ldapConn.SendRequest($ldapRequest, (New-Object System.TimeSpan(0,0,30))) -as [System.DirectoryServices.Protocols.SearchResponse];
# Get the Value for the two part name attribute
$attributeValue = $ldapResponse.Entries[0].Attributes[“$attributeName”].GetValues([string])
Write-Verbose “Distinguished Name: $dn”
$ldapConn.Dispose()
return $attributeValue
}
<#
.Synopsis
Looks up the first and last name for a person’s unity ID
.DESCRIPTION
Queries the NCSU Campus LDAP server for the ‘NCSUTWoPartName’ attribute
.EXAMPLE
get-NCSUTwoPartName -unityId srleap
.EXAMPLE
get-NCSUTwoPartName -unityId ($_.UserName.TrimStart(‘WOLFTECH\’))
#>
Function Get-NCSUTwoPartName {
Param (
[parameter(Mandatory=$true)]
[string]
$unityId
)
# Loads the S.DS.P namespace, required for LDAP interaction
Add-Type -AssemblyName System.DirectoryServices.Protocols
# LDAP Server
$ldapServer = “ldap.ncsu.edu”
# Make a connection object. This does not bind to the ldap store.
# This line of code includes creating the LDAP Directory Identifier.
$ldapConn = New-Object System.DirectoryServices.Protocols.LdapConnection(new-object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($ldapServer, 389))
# Default authentication is negotiate. Change to basic.
$ldapConn.AuthType = [System.DirectoryServices.Protocols.AuthType] “Basic”
# Build the Directory Request
$ldapRequest = New-Object System.DirectoryServices.Protocols.SearchRequest
# Set the search base
$ldapRequest.DistinguishedName = “uid=$unityId,ou=accounts,dc=ncsu,dc=edu”
# Set the search filter
$ldapRequest.Filter = “(objectClass=*)”
# Set the search scope
$ldapRequest.Scope = [System.DirectoryServices.Protocols.SearchScope] “Subtree”
# Set the server side timeout
$ldapRequest.TimeLimit = (New-Object System.TimeSpan(0,0,30))
# Add Attributes for retrieval
$ldapRequest.Attributes.Add(“ncsuTwoPartName”) | Out-Null
# Send the request
$ldapResponse = $ldapConn.SendRequest($ldapRequest, (New-Object System.TimeSpan(0,0,30))) -as [System.DirectoryServices.Protocols.SearchResponse];
# Get the Value for the two part name attribute
$ncsuTwoPartName = $ldapResponse.Entries[0].Attributes[“ncsuTwoPartName”].GetValues([string])
Write-Verbose “Distinguished Name: $dn”
$ldapConn.Dispose()
return $ncsuTwoPartName
}
# The cmdlets to make available from this module
Export-ModuleMember -Function Get-NCSUComputerSystem,Show-NCSUComputerManufacturerModel,Show-NCSUComputerUser
Export-ModuleMember -Function Get-NCSUComputerOS, Show-NCSUComputerOSInfo
Export-ModuleMember -Function Get-NCSUComputerLogicalDisk,Show-NCSUComputerDiskSpace
Export-ModuleMember -Function Get-NCSUComputerLocalGroupMembership, Show-NCSUComputerLocalGroupMembership
Export-ModuleMember -Function Get-NCSUComputerUserAccount
Export-ModuleMember -Function Get-NCSUComputerEventLog, Show-NCSUComputerLastReboot
Export-ModuleMember -Function Get-NCSUComputerUSB, Show-NCSUComputerUSBDevice, Show-NCSUComputerLogonHistory
Export-ModuleMember -Function Get-NCSUComputerAV, Show-NCSUComputerAVInfo