這支 Powershell Script 蒐集以下資訊並以 JSON 格式存到 Share Folder
LogonServer
Site
UserName
ComputerName
ComputerInfo
DiskInfo
Applications
NetworkInfo
GroupsInfo
LocalUsers
用 GPO 派送,目標 Share Folder 給予 User 建立 Child Object 權限
並給予 Creator Owner 刪除權限
以 User Name + Computer Name 為檔名,後加上日期年月日時分秒
保留最新的 5 個 Report
$ReportPath = '\\Report.Contoso.com\Report\';讀取報告
$FileRetension = 5;
$ComputerInfo = (Get-ComputerInfo | Select-Object CsProcessors,CsDNSHostName,CsDomain,CsManufacturer,CsModel,CsSystemSKUNumber,BiosManufacturer,BiosName,BiosReleaseDate,OsName,WindowsEditionId,OsVersion,OSDisplayVersion,OsBuildNumber,OsArchitecture,OsInstallDate,OsRegisteredUser,CsPhyicallyInstalledMemory);
$DiskInfo = (Get-Disk | Select-Object DiskNumber,PartitionStyle,ProvisioningType,OperationalStatus,HealthStatus,BusType,Model,FriendlyName,SerialNumber,UniqueId,Size,FirmwareVersion);
$Applications = @();
$Applications += (Get-WmiObject -Class Win32_Product) | where {$_.Name -ne $Null} | Select Name,Vendor,Version;
$UninstallKey="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall";
$Reg=[microsoft.win32.registryKey]::OpenRemoteBaseKey('LocalMachine',$computername);
$RegKey=$Reg.OpenSubKey($UninstallKey);
$SubKeys=$RegKey.GetSubKeyNames();
foreach ($Key in $SubKeys) {
$ThisSubKey=$Reg.OpenSubKey($UninstallKey+"\\"+$Key);
if ($ThisSubKey.GetValue("DisplayName") -ne $Null) {
$Applications += New-Object -TypeName PSObject -Property @{
Name = $ThisSubKey.GetValue("DisplayName");
Vendor = $ThisSubKey.GetValue("Publisher");
Version = $ThisSubKey.GetValue("DisplayVersion");
};
};
};
$Applications = ($Applications | Sort-Object -Property Name,Vendor,Version -Unique);
$NICs = @();
$NICs += (Get-NetAdapter | Select-Object InterfaceIndex,Name,InterfaceDescription,MacAddress,MediaType,PhysicalMediaType,InterfaceOperationalStatus,AdminStatus,MediaConnectionState,Speed,ConnectorPresent,SystemName)
$NICIPs = @();
$NICIPs = (Get-NetIPConfiguration| Select-Object InterfaceIndex,ComputerName,@{Name= "NetProfile"; Expression = {$_.NetProfile.Name}},@{Name= "IPAddress"; Expression = {$_.IPv4Address.IPAddress}},@{Name= "DefaultGateway"; Expression = {$_.IPv4DefaultGateway.NextHop}},@{Name= "DNSServer"; Expression = {$_.DNSServer.ServerAddresses}})
$NetworkInfo = @();
foreach ($NIC in $NICs) {
$Temp = New-Object -Type PSObject;
foreach ($TempIndex in $NIC.PSObject.Properties.Name) {
$Temp | Add-Member -MemberType NoteProperty -Name $TempIndex -Value $NIC.$TempIndex
};
$NICIPSelect = ($NICIPs | where {$_.InterfaceIndex -eq $NIC.InterfaceIndex} | Select-Object ComputerName,NetProfile,IPAddress,DefaultGateway,DNSServer);
foreach ($TempIndex in $NICIPSelect.PSObject.Properties.Name) {
$Temp | Add-Member -MemberType NoteProperty -Name $TempIndex -Value $NICIPSelect.$TempIndex
};
$NetworkInfo += $Temp
};
$GetGroups = @();
$GetGroups += 'Administrators';
$GetGroups += 'Users';
$GroupsInfo = @();
foreach ($Group in $GetGroups) {
$TempGroups = (Get-LocalGroupMember -Name $Group);
foreach ($TempGroup in $TempGroups) {
$Temp = New-Object -Type PSObject;
$Temp | Add-Member -MemberType NoteProperty -Name 'Group' -Value $Group
foreach ($TempIndex in $TempGroup.PSObject.Properties.Name) {
$Temp | Add-Member -MemberType NoteProperty -Name $TempIndex -Value $TempGroup.$TempIndex
};
$GroupsInfo += $Temp;
};
};
$LocalUsers = (Get-LocalUser);
$Result = New-Object -TypeName psobject -Property @{
ReportDateTime = (Get-Date).ToUniversalTime().AddHours(8);
LogonServer = $Env:LogonServer;
Site = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite().Name;
UserName = $Env:UserName;
ComputerName = $ComputerInfo.CsDNSHostName;
ComputerInfo = $ComputerInfo;
DiskInfo = $DiskInfo;
Applications = $Applications;
NetworkInfo = $NetworkInfo;
GroupsInfo = $GroupsInfo;
LocalUsers = $LocalUsers;
};
$Global:Utf8NoBomEncoding = New-Object System.Text.UTF8Encoding $False;
$RepartTarget = ($Env:UserName + ' ' + $ComputerInfo.CsDNSHostName);
$ReportFile = ($ReportPath + $RepartTarget + ' ' + (Get-Date).ToUniversalTime().AddHours(8).ToString('yyyyMMdd HHmmss') + '.json')
[System.IO.File]::WriteAllLines($ReportFile, ($Result | ConvertTo-JSON -Compress), $Global:Utf8NoBomEncoding);
$ReportFiles = ((Get-ChildItem -LiteralPath $ReportPath -Filter ($RepartTarget + '*')) | Sort-Object LastWriteTime -Desc)
if ($ReportFiles.Count -gt $FileRetension) {
(((Get-ChildItem -LiteralPath $ReportPath -Filter ($RepartTarget + '*')) | Sort-Object LastWriteTime -Desc) | select -Last ($ReportFiles.Count - $FileRetension)) | Remove-Item -Force
};
$ReportPath = '\\Report.Contoso.com\Report\';
$ReportFiles = ((Get-ChildItem -LiteralPath $ReportPath -Filter ('*.json')) | Sort-Object LastWriteTime -Desc)
$ReportTargets = @();
foreach ($File in $ReportFiles) {
$Temp = ($File.BaseName -Split ' ');
if ($ReportTargets -NotContains ($Temp[0] + ' ' + $Temp[1])) {
$ReportTargets += ($Temp[0] + ' ' + $Temp[1]);
};
};
$LastReports = @();
foreach ($Target in $ReportTargets) {
$LastReports += ($ReportFiles | where {$_.BaseName -like ($Target + '*')} | Sort-Object LastWriteTime -Desc)[0];
};
$LastReports
$FinalReport = @();
foreach ($Report in $LastReports) {
$FinalReport += (Get-Content -LiteralPath $Report.FullName -Encoding UTF8 | Out-String | ConvertFrom-Json);
};
$FinalReport
沒有留言:
張貼留言