Powershell

Sunucu+Client Envanter Bilgilendirme Scripti

Özellikle Enterprise seviyede ve dağınık yapıda sistem yöneten arkadaşların günlük client sayıları,  sunucu sayıları, domainde kullanılan işletim sistemlerinin grouplanmış sayılarını otomatik olarak tespit edip belirlenen bir saatte sistem yöneticilerine html temelli bir rapor atan script aşağıda sunulmuştur.

Scriptin ayrıntılı sonuç vermesi için sistem yöneticisi computer properties alanındakı açıklamayı aşağıdaki gibi doldurmalıdır.

 

Script örneginde görünmesi için ben aşağıdaki tanımları ekledim. Sol kolon eklenmek istenen rol  sağ kolon ise Description alanına yazılacak büyük harflerle yazılmış tanımlamadır. Powershell scripti bu değerleri aramakta ve bulduğu zaman karşılarına sayıları getirmektedir.

import-module activedirectory


#mail configuration     
function sendMail($outFile) 
{ 
    $smtpServer = "smtp.XXXXXXX.com" 
    $emailFrom = "[email protected]"  
    $emailTo = ("[email protected]") 
    $subject = "Topology" 
    $body =  "Topology Results" 
    Send-MailMessage -From $emailFrom -To $emailTo -Subject $subject  -Body $body -Attachments $outFile -SmtpServer $smtpServer 
}


#html view design
$html_baslangic = "
<!DOCTYPE html>
<html>
<head>
<style>
table {
    width:100%;
}
table, th, td {
    border: 1px solid black;
    border-collapse: collapse;
}
th, td {
    padding: 5px;
    text-align: left;
}
table#t01 tr:nth-child(even) {
    background-color: #eee;
}
table#t01 tr:nth-child(odd) {
   background-color:#fff;
}
table#t01 th	{
    background-color: black;
    color: white;
}
</style>
</head>
<body>
<table id='t01'>
<caption><h1>General Topology</h1></caption>
 <tr>
    <th style='width:80%;'>Item</th>
    <th style='width:20%;'>Count</th>   
  </tr>
  

"
  
$html_bitis_sonuc = "</table>" 

#domain user number
$domain_user = (get-aduser -filter *).count
$domain_user_count = "<tr><td>Total Domain User</td> <td>$domain_user</td></tr>"

#disabled domain user
$domain_disabled_user = (get-ADUser -Filter {enabled -eq "false" -and objectclass -eq "user"}).count
$domain_disabled_user_count = "<tr><td>Total Disabled Domain User</td> <td>$domain_disabled_user</td></tr>"

#90 days not login user
$90Days = (get-date).adddays(-90)
$not_login_user=(Get-ADUser -properties * -filter {(lastlogondate -notlike "*" -OR lastlogondate -le $90days) -AND (passwordlastset -le $90days) -AND (enabled -eq $True) -and (PasswordNeverExpires -eq $false) -and (whencreated -le $90days)}|select name).count
$not_login_use_count = "<tr><td>90 days not login user</td> <td>$not_login_user</td></tr>"

#toplam computer account
$domain_computer = (Get-adcomputer -filter *).count
$domain_computer_count = "<tr><td>Total Domain computer</td> <td>$domain_computer</td></tr>"

#toplam disabled computer account
$domain_disabled_computer = (Get-adcomputer -filter {enabled -eq "false" -and objectclass -eq "computer"}).count
$domain_disabled_computer_count = "<tr><td>Total Disabled Domain computer</td> <td>$domain_disabled_computer</td></tr>"

#90 days not login computer
$90days_comp = [DateTime]::Today.AddDays(-90)
$not_login_computer=(Get-ADComputer -Filter  ‘PasswordLastSet -le $90days_comp’).count
$not_login_use_computer = "<tr><td>90 days not login computer</td> <td>$not_login_computer</td></tr>"

# security Group number
$security_group = (Get-ADGroup -Filter { groupCategory -eq 'security' }).count
$security_group_count = "<tr><td>Security Group numbers</td> <td>$security_group</td></tr>"

# distribution Group number
$distribution_group = (Get-ADGroup -Filter { groupCategory -eq 'Distribution'}).count
$distribution_group_count = "<tr><td>Distribution Group numbers</td> <td>$distribution_group</td></tr>"

$sonuc = $domain_user_count,$domain_disabled_user_count,$not_login_use_count,$domain_computer_count, 
$domain_disabled_computer_count,$not_login_use_computer,$security_group_count, $distribution_group_count

################ SERVER CHAPTER ################

$html_sonuc2= "

<table id='t01'>
<caption><h1>Servers</h1></caption>
 <tr>
    <th style='width:80%;'>Item</th>
    <th style='width:20%;'>Count</th>   
  </tr>"
 
$html_bitis_sonuc2 = "</table>"



# domain controler number
$dc = (Get-ADDomainController -Filter *).count
$dc_count = "<tr><td>Domain Controler numbers</td> <td>$dc</td></tr>"

#file server number
$fs = (Get-ADComputer -filter "Description -like 'FS SERVER'").count
$fs_count = "<tr><td>File Server numbers</td> <td>$fs</td></tr>"

#print server number
$print = (Get-ADComputer -filter "Description -like 'PRINT SERVER'").count
$print_count = "<tr><td>Print Server numbers</td> <td>$print</td></tr>"

#Terminal server numbers
$terminal = (Get-ADComputer -filter "Description -like 'TERMINAL SERVER'").count
$terminal_count = "<tr><td>Terminal Server numbers</td> <td>$terminal</td></tr>"

#SQL server number
$sql = (Get-ADComputer -filter "Description -like 'SQL SERVER'").count
$sql_count = "<tr><td>SQL Server numbers</td> <td>$sql</td></tr>"

#Firebird DB numbers
$firebird = (Get-ADComputer -filter "Description -like 'FIREBIRD SERVER'").count
$firebird_count = "<tr><td>Firebird DB numbers</td> <td>$firebird</td></tr>"

#DPM server number
$dpm = (Get-ADComputer -filter "Description -like 'DPM SERVER'").count
$dpm_count = "<tr><td>DPM Server numbers</td> <td>$dpm</td></tr>"

#DHCP server number
$dhcp = (Get-ADComputer -filter "Description -like 'DHCP SERVER'").count
$dhcp_count = "<tr><td>DHCP Server numbers</td> <td>$dhcp</td></tr>"

#WSUS server number
$wsus = (Get-ADComputer -filter "Description -like 'WSUS SERVER'").count
$wsus_count = "<tr><td>WSUS Server numbers</td> <td>$wsus</td></tr>"

#LIC server number
$lic = (Get-ADComputer -filter "Description -like 'LIC SERVER'").count
$lic_count = "<tr><td>AUTODESK Licenses Server numbers</td> <td>$lic</td></tr>"

#BACKUP server number
$backup = (Get-ADComputer -filter "Description -like 'BACKUP SERVER'").count
$backup_count = "<tr><td>BACKUP Server numbers</td> <td>$backup</td></tr>"

#VEEAM server number
$veeam = (Get-ADComputer -filter "Description -like 'VEEAM SERVER'").count
$veeam_count = "<tr><td>VEEAM Server numbers</td> <td>$veeam</td></tr>"


#other server
$total_windows_server = (Get-ADComputer -filter {operatingsystem -like  "*server*"} -properties * ).count
$other_server = $total_windows_server-($veeam+$backup+$lic+$wsus+$dhcp+$dpm+$firebird+$sql+$terminal+$print+$fs+$dc)
$other_server_count = "<tr><td>OTHER Server numbers</td> <td>$other_server</td></tr>"
$total_windows_server_count = "<tr><td><font size='3' color='red'>Total</font></td> <td><font size='3' color='red'>$total_windows_server</font></td></tr>"



$sonuc2=$dc_count,$fs_count ,$print_count,$terminal_count,$sql_count,$firebird_count, $dpm_count,$dhcp_count,$wsus_count,
$lic_count,$backup_count,$veeam_count,$other_server_count,$total_windows_server_count


################ OPERATING SYSTEM CHAPTER ################

$html_sonuc3= "

<table id='t01'>
<caption><h1>Operating Systems</h1></caption>
 <tr>
    <th style='width:80%;'>Item</th>
    <th style='width:20%;'>Count</th>   
  </tr>"
 
$html_bitis_sonuc3 = "</table></body></html>"  

#Operating systems
$Content=Get-ADComputer -Filter * -Properties * |group operatingsystem -noelement
$toplam = " "
foreach ($Data in $Content)
{
$First = $Data.Count
$Second = $Data.Name
$domain_user_count= "<tr><td>$second</td> <td>$first</td></tr>"
$toplam += $domain_user_count
} 

#toplam computer account
$domain_computer = (Get-adcomputer -filter *).count
$domain_computer_count = "<tr><td><font size='3' color='red'>Total</font></td> <td><font size='3' color='red'>$domain_computer</font></td></tr>"

$sonuc3=$toplam,$domain_computer_count

################ CREATE REPORT AND SEND ################

#create html output
Write-Output $html_baslangic $sonuc $html_bitis $html_sonuc2 $sonuc2 $html_bitis_sonuc2 $html_sonuc3 $sonuc3 $html_bitis_sonuc3 |Out-File c:\report.html

#send mail 
$outFile = "c:\report.html"
sendMail $outFile 


örnek çıktı olarak asagıdaki gibi genel bir bilgi ve karşılarına mevcut sayılarını yazan bir html output uretilir.

Scriptin her akşam otomatik mail atmasını saglamak için bir zamanlandırılmış görev girmek yeterlidir.

Not: Zamanlandırılmış görevde Action tanımlarken aşağıdaki şekilde işlemi gerçekleştirebilirsiniz.

powershell.exe -ExecutionPolicy Bypass SRIPT_PATH
Hi, I’m Savaş Saygılı