search

AsBuiltReport / AsBuiltReport.Microsoft.AD

Repository for AsBuiltReport Microsoft Active Directory module
https://techmyth.blog/posts/homelab-ad-doc-using-asbuiltreport/
MIT License
63 stars 18 forks source link

Add Find Orphaned GPOs In SYSVOL health check #107

Closed rebelinux closed 1 year ago

rebelinux commented 1 year ago

Adam Bertram

function Get-OrphanedGPO {

    [CmdletBinding()]
    param (
        [Parameter(Mandatory)]
        [string]$ForestName
    )
    try {
        ## Find all domains in the forest
        $domains = Get-AdForest -Identity $ForestName | Select-Object -ExpandProperty Domains
        $gpoGuids = @()
        $sysvolGuids = @()
        foreach ($domain in $Domains) {
            $gpoGuids += Get-GPO -All -Domain $domain | Select-Object @{ n='GUID'; e = {$_.Id.ToString()}} | Select-Object -ExpandProperty GUID
            foreach ($guid in $gpoGuids) {
                $polPath = "\\$domain\SYSVOL\$domain\Policies"
                $polFolders = Get-ChildItem $polPath -Exclude 'PolicyDefinitions' | Select-Object -ExpandProperty name
                foreach ($folder in $polFolders) {
                    $sysvolGuids += $folder -replace '{|}'
                }
            }
        }
        Compare-Object -ReferenceObject $sysvolGuids -DifferenceObject $gpoGuids | Select-Object -ExpandProperty InputObject
    } catch {
        $PSCmdlet.ThrowTerminatingError($_)
    }
}
rebelinux commented 1 year ago

Image

rebelinux commented 1 year ago

Added more relevant information to the table

Image