Workstation & Server Audit Script V3

One thing I wish I had was more time to re-visit my old scripts and re-write them as I often look at my old script and it sends a cold shiver down my spine as I now know a better way of doing things.

As I was away for the weekend and had no internet connection I took my old Audit Script with me, I had a few personal objectives that I wanted to achieve by re-writing this code and I was also asked by a friend who has started to adapt the code into other formats.

So, this is version 3 of the script, you can see how much I have learnt recently as V1 of this script was over 1000 lines, V2 of this script was 847 and now with the new improved code it is a miniscule 459 lines

My main objectives for this version of the script were:

Apply my newly learnt PS Skills to optimise the code
Use a HTML format that worked in all browsers
Make the code easy to follow
Make the code easy for other people to produce similar reports of other systems

When you see the code and use the output I hope you will agree I have achieved each of these. The code now works with all browsers I have tested and is very easily customisable.

Check out a screenshot of the output below:

As before this script can be run in two modes, if you run it as it is you will produce an audit of your current machine or if you run it with a path to a text file it will read a list of server names and audit each machine saving a separate html file for each one.

The script can be downloaded from here. Enjoy !

<SMALL RANT> Someone took my last script and removed my name from the code and then posted it as their own code on a powershell site, whilst I do not mind people adjusting and re-using my code, in fact there is nothing better than seeing how other people use my code I would prefer that you at least make a reference to my site or me in your comments.

I have been under certain pressure to start charging for some of my code which I have resisted as I like contributing and making the life of my fellow admins easier, claiming my code as your own is just plain rude.</SMALL RANT>

Tags: powershell

Related Posts
Comments (31)

#1 written by dboftlp
about 4 months ago

Thanks for the new code Alan. Your work is greatly appreciated!
#2 written by Chris
about 4 months ago

Awesome script as usual. Your contributions are appreciated.
#3 written by Paolo
about 4 months ago

Hi Alan

How to i make this run if my servers have different passwords? It seems to run just fine on the local box i have powercli installed on but when i add a list of stand alone windows hosts off my ESX box, it fails to run (these boxes have a different administrator password than the one i am on)
#4 written by Virtu-Al
about 4 months ago

@Paolo
This is one of the things I was thinking about adding, how would you see it working, do all servers have the same credentials, would you prefer to pass the script a -username and -password parameter ?

Would you prefer to put the username and password in the text file next to each server ?

Would you prefer the script to prompt you for a username/passowrd if it doesnt have access to the server ?

Thanks

Alan
#5 written by DJLO
about 4 months ago

@Virtu-Al
Hi Alan,

We host development servers for a number of different teams here so the admin password is usually one of 3. We never keep it the same as our ESX password and my powercli resides on the VC host itself. It would be nice if the txt file could contain an admin password it could use (not sure about security there) or have it prompt for an Admin password and have it keep using it on each subsequent server until it requires it to be changed, then it can prompt for the new password

I can see huge value for this script because once i host the server, the developers put it on me to make sure their environment is ok and healthy. I usually have to RDP into these hosts and check logs weekly. If the script could somehow do what i’ve asked it would be pure gold. Also could it email the results as well (something like your Dailyreport does).

Keep up the fantastic job. Your scripts have made my day to day stuff go much smoother and even helped us find a problem in our VC logs we didn’t even know existed !
#6 written by Andy
about 4 months ago

Thanks again Alan. A joy to see …
#7 written by Virtu-Al
about 4 months ago

@DJLO
Thanks for the comment, im glad the Daily Report is working out ok for you, it has found a few issues for me too

Just a quick note to say that this is a PowerShell script not specific to PowerCLI although it can be used with PowerCLI to audit your windows VMs, I will work on the permissions side of things and see what I can come up with.

Thanks for your information, it is useful when progressing the script.

Alan
#8 written by Virtu-Al
about 4 months ago

@Andy

@Chris

@dboftlp

Thanks for the kind comments
#9 written by Aaron
about 4 months ago

The ability to pass it username and password from the text file would be a GREAT feature to this script. I have used a couple other scripts that have done this. One script that i love, that would love to see your script replace is SYDI (http://sydiproject.com/) Patrick is a great guy, but he doesn’t have much time to update his script any more. I would love to see some of the same things in his script in yours. Many of the features are already there, but the ability to write out the file to a word document or generate an overview file is great in my environment.

Keep up the great work Alan.

app
#10 written by Sudharsan
about 4 months ago

Thanks for the great Script . Can we have a method where in we can have the output in a single HTML file and then mail it to a Specific EMail ID ? may be we can look at removing Error logs to reduce the size of the HTML File .

looking forward to many more great scripts from you !!
#11 written by za_mkh
about 4 months ago

Hi Alan,

Just came across your site recently. In fact I book marked it in a blog post a few months back and then went to find it last week now that our new vsphere infrastructure is humming away. Your daily healthcheck script is awesome and I would like to thank you for that. It also showed us errors in our vSphere servers that we are now troubleshooting!

Since I’m just starting out with Powershell, VESI, I hope too that one day I can contribute a script as userfriendly and as powerful as yours! Thank you.

za_mkh
#12 written by UppyJC
about 4 months ago

Great script Alan.
An absolutely perfect solution to WW’s latest Microsoft licence audit.
Hope all’s well.
James
#13 written by Virtu-Al
about 4 months ago

@Aaron
Thanks for pointing me at that, its a great resource, I can certainly move whatever you need from there into this script, which areas do you find most useful ?

As for the word part, I can also do this as have created a word export script before but would prefer to get all the details in there first.

Thanks for your comments, i can see this being a great help.

Alan
#14 written by Virtu-Al
about 4 months ago

@Sudharsan
Sure, shouldnt be a problem, only issue is that Outlook will not allow the expand part to work so it will be a very long file unless i attach a single html ? Would that be suitable ?! Thanks for the comment
#15 written by Virtu-Al
about 4 months ago

@za_mkh
Thanks for taking the time to leave such a nice comment, this is exactly why I give my scripts away for nothing !
#16 written by Virtu-Al
about 4 months ago

@UppyJC
Nice one James, hope all is well at WW, say Hi to all for me.
#17 written by Omarr
about 4 months ago

You can use this with any powershell script or command.

Get-Credential |

This will prompt you for your login and then run the commandlet or script as the new login
#18 written by Virtu-Al
about 4 months ago

@Omarr
Thanks for the comment, I wonder if people could use this or would prefer an option to provide a different username/password for each server/workstation ?

Thoughts ?
#19 written by Omarr
about 4 months ago

@Omarr

It cut out the command that I had typed. It should read

Get-Credential | commandlet or script name
#20 written by Cory
about 4 months ago

Wow…great script! Cant wait to dissect this and uncover all of the HTML goodness you’ve got going on here.
#21 written by Rob P
about 4 months ago

Hi Alan… Thanks for the great script, once again you have done yourself proud. I’ve run this again out entire server farm, 300+ boxes and will schedule it to run every week to keep it up to date. Everyone here thinks it’s awesome. Even got James using it.

Could I make a suggestion for the next version. When you run the script, could it include a switch to either run a list of servers, something like “Audit.ps1 -L serverlist.txt” and a switch to audit individual servers, something like “Audit.ps1 -S servername”. Just a thought.
#22 written by Alan Renouf
about 4 months ago

@Cory
Thanks for the comment, hopefully you will find it very easy to use
#23 written by Alan Renouf
about 4 months ago

@Rob P
Great idea mate, let me know if you need any more info in there too.
#24 written by bwuch
about 4 months ago

Hey, this is a great script! Ran it on a couple machines and really like the output/format. Did run into one small problem that I thought I should report — on certain machines I get a divide by zero error on line 296. I believe this is because of a Q: drive that is 0 bytes (it was created by the Microsoft AppV client).
#25 written by Virtu-Al
about 4 months ago

@bwuch
Ahh yeah, I think i need to put a trap in for that one, thanks.
#26 written by Sudharsan
about 4 months ago

Yes , Attachement as a Single HTML file also would hold good since we can schedule it as per convenience . For that i think we might need to remove the Error logs part since error logs might increase the Size of the HTML File that is being atatched and most organizations would have restrictions on the attachment size. Thanks Again for the Great Script !!
@Virtu-Al
#27 written by Rob P
about 4 months ago

Hi Alan, could I suggest having the Computer Description on the ‘General’ section. Would be nice for us as the computer name isn’t always very helpful.

Cheers mate.
#28 written by Lucas
about 4 months ago

Great script!

A couple of changes I made when I used it in my environment:

1. Started with a ping check (using Win32_PingStatus) to make sure that the target computers are online

2. Added the following code to get software inventory on Windows 2003 servers where the Win32_Product had not been installed (code goes in the Else portion of the Win32_Product check):

$colApps = @()
$hklm = 2147483650
$key = “SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall”
$wmi = [wmiclass]“\\$Target\root\default:stdRegProv”
$subkeys = $wmi.EnumKey($hklm,$key)
foreach ($subkey in $subkeys.sNames){
#Filter out hotfixes
if ($subkey -notmatch “KB*”)
{
$appName = ($wmi.GetStringValue($hklm,”$key\$subkey”,”DisplayName”)).sValue
$appVersion = ($wmi.GetStringValue($hklm,”$key\$subkey”,”DisplayVersion”)).sValue
$appVendor = ($wmi.GetStringValue($hklm,”$key\$subkey”,”Publisher”)).sValue
$appInstalldate = ($wmi.GetStringValue($hklm,”$key\$subkey”,”InstallDate”)).sValue

#Format installation date if it exists
#Set a trap to catch exceptions thrown by ParseExact if date is not in the expected format
Trap {
continue
}
if ($appInstalldate)
{
$appInstalldate = [datetime]::ParseExact($appInstallDate,’yyyyMMdd’,$null).Date.ToShortDateString()
}

$objApps = New-Object System.Object | Add-Member NoteProperty Name $appName -PassThru | Add-Member NoteProperty Version $appVersion -PassThru | Add-Member NoteProperty Vendor $appVendor -PassThru | Add-Member NoteProperty “Install Date” $appInstalldate -PassThru

$colApps += $objApps
}
}
Write-Output “..Software (via registry)”
$MyReport += Get-CustomHeader “2″ “Software”
$MyReport += Get-HTMLTable $colApps
$MyReport += Get-CustomHeaderClose

Write-Output “..Software WMI class was not installed, used registry instead.”
#29 written by Virtu-Al
about 4 months ago

@Lucas
Nice one, love it
#30 written by Rob P.
about 2 months ago

Hi Alan,

Could you possibly add in the OS Build number in you next release ?

Have a great Christmas. Rob…
#31 written by Virtu-Al
about 2 months ago

@Rob P.
Will do Rob, although you could add it yourslef, honestly the code is very easy to change !

No trackbacks yet.

Getting started with the Update Manager Cmdlets

about 10 hours ago - No comments

Last night I needed to update some of my hosts with the latest patches that have been released recently, this gave me the ideal opportunity to look at the recently released VMware Update Manager cmdlets for PowerCLI.
For a full list of cmdlets or to download click here.
Whilst upgrading one of my hosts I shot a [...]

VMware Update Manager cmdlets

about 1 week ago - 2 comments

Way back beyond the time before PowerCLI was invented there was this app called the Virtual Infrastructure Toolkit, when you installed the VITK if you had Update manager installed you used to be able to install some beta cmdlets which worked with update manager, this was subsequently removed in future versions….. Until Now !
They are [...]

PowerCLI: Technical Support Mode

about 1 week ago - 3 comments

Today Duncan over at yellow-bricks.com has started quite the conversation on technical support mode for ESXi or otherwise known as “unsupported mode”, check out his blog post and especially the comments here: http://www.yellow-bricks.com/2010/03/01/disable-tech-support-on-esxi/
As always when I see a post my first thought is to PowerCLI, so how can it help in this instance, well apart [...]

London VMUG – My Presentation

about 1 week ago - 1 comment

Yesterday was a fantastic VMware user group, definitely my favourite one so far, lots of great content from some fantastic people and some real rockstars (I think that is the 2010 word for Guru’s) like Mike Laverick, Carter Shanklin (Carter USM), Stuart Radnidge and many many more.
I was privileged to open the show with a [...]

Who created that VM ?

about 2 weeks ago - 13 comments

I was asked whilst on a customer site to work out who had created a VM, this is a common question in most environments where admin rights are the normal and creating a VM is as easy as creating a new word document.
After trawling through the logs for a couple of minutes I found the [...]

PowerCLI: Configured Maximums – Storage

about 4 weeks ago - 4 comments

With vSphere introduced some new maximum’s which we not only have to memorise for the exams but also have to keep in mind when designing and using your infrastructure.
In the back of your mind when adding a new host to a cluster you should always be thinking, how many hosts should be in this cluster [...]

PowerCLI: How many HBA’s ?

about 1 month ago - No comments

I needed a quick one-liner today to help me find out how many HBA’s my hosts had, the following one-liner needs no more introduction:
Get-VMHost | Select Name, @{N="FibreHBAs";E={($_ | Get-VMHostHba | Where { $_.Type -eq "FibreChannel"} | Measure-Object).Count}} | Out-GridView
Output:

And of course you can easily add it to VESI/PowerGUI:

Automated VM provisioning

about 1 month ago - 11 comments

The use cases for PowerCLI and automation continue to amaze me, a couple of nice use cases I have seen recently involve automating the deployment of VM’s for various reasons.
The first reason, performance, what happens when a VM which is sat there for most of the year suddenly becomes busy and doesn’t have enough resources [...]

PowerCLI: Changing a VM IP Address with Invoke-VMScript

about 1 month ago - 8 comments

One of the cmdlets that has been much improved in the recent version of PowerCLU 4 U1 is the Invoke-VMScript cmdlet,
This cmdlet runs a script or command inside the guest OS of each of the specified virtual machines. To run Invoke-VMScript, the user must have read access to the folder containing the virtual machine and [...]

Learn PowerCLI by video

about 1 month ago - 3 comments

So you want to learn PowerCLI, if your not a book kinda person and haven’t purchased Hal Rottenberg’s great book, Managing VMware Infrastructure with Windows PowerShell then there is great news for you.
Trainsignal have let it slip that coming soon to a website near you will be….
Managing VMware vSphere with PowerCLI – Hal Rottenberg

Video 1 [...]