adaudit

PowerShell Script to perform a quick AD audit

If you have any decent PowerShell one lines missing please let me know. I’m trying to keep this script as a single file with no requirements on external tools (other than ntdsutil and cmd.exe)

Run directly on a DC using a DA. If you don’t trust the code I suggest reading it first and you’ll see it’s all harmless! (But shouldn’t you be doing that anyway with the code you download off the net and then run as DA??)

Performs the following functions:

• Password Policy Findings –> Get-PasswordPolicy Get-UserPasswordNotChangedRecently
• Looking for accounts that don’t expire –> Get-AccountPassDontExpire
• Looking for inactive/disabled accounts –> Get-InactiveAccounts Get-DisabledAccounts
• Looking for server 2003/XP machines connected to the domain –> Get-OldBoxes
• AD Findings –> Get-MachineAccountQuota Get-SMB1Support
• Domain Trust Findings” ; Get-DomainTrusts
• GPO Findings –> Get-GPOtoHTML –> Get-GPOsPerOU
• Trying to find SysVOL xml files containing cpassword –> Get-SYSVOLXMLS
• Trying to save NTDS.dit–> Get-NTDSdit

Changelog v4.1

• Loads of fixes
• Works with Powershellv2 again now
• filtered out disabled accounts
• improved domain trusts checking
• ouperms improvements and filtering
• check for w2k
• fixed typos/spelling and various other fixes.

Download

git clone https://github.com/phillips321/adaudit.git

Usage

Source: https://github.com/phillips321/