-
Notifications
You must be signed in to change notification settings - Fork 21
/
ad-neverexpires.ps1
125 lines (108 loc) · 4.52 KB
/
ad-neverexpires.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<#
.NAME
ADRT - Active Directory Report Tool
.DESCRIPTION
Extract the complete list of all users that the Password Never Expires.
.EXAMPLE
PS C:\adrt> .\ad-neverexpires.ps1
.NOTES
Name: Marcos Henrique
E-mail: marcos@100security.com.br
.LINK
WebSite: http://www.100security.com.br
Facebook: https://www.facebook.com/seguranca.da.informacao
Twitter: https://twitter.com/100Security
GitHub: https://www.github.com/100security
Youtube: https://www.youtube.com/user/videos100security
#>
$report = $null
$table = $null
$date = Get-Date -format "yyyy-MM-dd"
$mounth = Get-Date -format "MMM"
$directorypath = (Get-Item -Path ".\").FullName
$path = "ad-reports\ad-neverexpires"
#$html = "$path\ad-neverexpires-$date.html"
#$csv = "$path\ad-neverexpires-$date.csv"
$html = "$path\ad-neverexpires.html"
$csv = "$path\ad-neverexpires.csv"
#-- Password Never Expires
$t_pne = (Get-ADUser -filter * -properties PasswordNeverExpires | where { $_.PasswordNeverExpires -eq "true" } | where {$_.enabled -eq "true"} ).count
$domain = (Get-ADDomain).Forest
# Config
$config = Get-Content (JOIN-PATH $directorypath "config\config.txt")
$company = $config[7]
$owner = $config[9]
#-- Import Module
Import-Module ActiveDirectory
#-- Show Total
$table += "<center><h3><b>Password Never Expires: <font color=red>$t_pne</font></b></h3></center>"
#-- Filter
$neverexpires = @(Get-ADUser -filter * -properties PasswordNeverExpires | where { $_.PasswordNeverExpires -eq "true" } | where {$_.enabled -eq "true"} )
$result = @($neverexpires | Select-Object Name, SamAccountName)
#-- Order by (A-Z)
$result = $result | Sort "Name"
#-- Display result on screen
#$result | ft -auto
$table += $result | ConvertTo-Html -Fragment
$format=
"
<html>
<body>
<title>$company</title>
<style>
BODY{font-family: Calibri; font-size: 12pt;}
TABLE{border: 1px solid black; border-collapse: collapse; font-size: 12pt; text-align:center;margin-left:auto;margin-right:auto; width='1000px';}
TH{border: 1px solid black; background: #F9F9F9; padding: 5px;}
TD{border: 1px solid black; padding: 5px;}
H3{font-family: Calibri; font-size: 12pt;}
</style>
"
$title=
"
<table width='100%' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td bgcolor='#F9F9F9'>
<font face='Calibri' size='5px'><b>Active Directory - Password Never Expires</b></font>
<H3 align='center'>Company: <font color=red>$company</font> - Domain: <font color=red>$domain</font> - Date: <font color=red>$date</font> - Owner: <font color=red>$owner</font></H3>
</td>
</tr>
</table>
</body>
</html>
"
$footer=
"
<br><br>
<table width='100%' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td bgcolor='#F9F9F9'>
<font face='Calibri' size='2px'>ADRT - Active Directory Report Tool</font>
</td>
</tr>
</table>
"
$message = "</table><style>"
$message = $message + "BODY{font-family: Calibri;font-size:16;font-color: #000000}"
$message = $message + "TABLE{margin-left:auto;margin-right:auto;width: 800px;border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
$message = $message + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color: #F9F9F9;text-align:center;}"
$message = $message + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;text-align:center;}"
$message = $message + "</style>"
$message = $message + "<table width='300px' heigth='500px' align='center'>"
$message = $message + "<tr><td colspan='2' bgcolor='#DDEBF7' height='40'><b>Active Directory</b></td></tr>"
$message = $message + "<tr><td bgcolor='#F9F9F9' height='40'>Description</td><td bgcolor='#F9F9F9' height='40'>Total</td></tr>"
$message = $message + "<tr><td height='40'>Password Users Never Expires</td><td>$t_pne</td></tr>"
$message = $message + "<tr><td colspan='2' bgcolor='#DDEBF7' height='40'><b>Information Security</b></td></tr>"
$message = $message + "</table>"
$report = $format + $title + $table + $footer
#-- Generate HTML file
$report | Out-File $html -Encoding Utf8
#-- Export to CSV
$result | Sort Company | Export-Csv $csv -NoTypeInformation -Encoding Utf8
#-- Send report by email
#$Subject = "[ Report-$mounth ] Active Directory - Password Never Expires"
#$SmtpServer = $config[11]
#$Port = $config[13]
#$From = $config[15]
#$To = $config[17]
#Send-MailMessage -From $From -To $To -Subject $Subject -Attachments $html,$csv -bodyashtml -Body $message -SmtpServer $SmtpServer -Port $Port
cls