Pages

8/02/2013

Powershell - Report on Group Policy Objects


#########################################################################################################################
#
#   GPO-REPORT.PS1
#
#   Create a report of the status of all WSUS GPO's
#

import-module grouppolicy

$today = get-date
$outfile = "gpostatus.html"
$key = "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\au"

$days = @{"0" = "Every Day"; "1" = "Every Sunday"; "2" = "Every Monday"; "3" = "Every Tuesday"; "4" = "Every Wednesday"; "5" = "Every Thursday"; "6" = "Every Friday"; "7" = "Every Saturday"}

$gpobjs = get-gpo -all -domain usa.DOMAIN.com | where {$_.DisplayName -like "Software Update*"}

"<HTML>" | out-file $outfile
"<HEAD>" | out-file $outfile -append
"<TITLE></TITLE>" | out-file $outfile -append
"</HEAD>" | out-file $outfile -append
'<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#FF0000" VLINK="#800000" ALINK="#FF00FF" BACKGROUND="?">' | out-file $outfile -append
'<H2>WSUS Group Policy Status</H2>' | out-file $outfile -append
'<H4>' + $today + '</H4><table bordercolor=#000000;  border=2px; cellspacing=0;>' | out-file $outfile -append
'<tr><td ><b><font face="monospace" size="3"> Policy </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Modified </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Enabled/Disabled </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Configuration </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Install Day </font></td>' | out-file $outfile -append
'<td ><b><font face="monospace" size="3"> Install Hour </font></td>' | out-file $outfile -append
'</tr>' | out-file $outfile -append

$gpobjs | foreach-object {
    $name = $_.DisplayName
 
write-host $name
 
    $modified = $_.ModificationTime
    $enabledvalue = get-gpregistryvalue -name $name -key $key -valuename noautoupdate
    if ($enabledvalue.value -eq "0") {
        $enabled = "enabled"
        }
    else {
        $enabled = "disabled"
        }
    $optionvalue = get-gpregistryvalue -name $name -key $key -valuename auoptions

    if ($optionvalue.value -eq "2") {
        $option = "2-Notify Only"
        }
    elseif ($optionvalue.value -eq "3") {
        $option = "3-Download & Notify"
        }
    elseif ($optionvalue.value -eq "4") {
        $option = "4-Download & Install"
        }
    else {
        $option = $optionvalue.value
        }

    $dayvalue = (get-gpregistryvalue -name $name -key $key -valuename scheduledinstallday).value | out-string
    $dayvalue = $dayvalue -replace "\s+", ""
    $day = $days[$dayvalue]
    $hour = (get-gpregistryvalue -name $name -key $key -valuename scheduledinstalltime).value
    
    if ($enabled -eq "disabled") {
    $option = " "
    $day = " "
    $hour = " "
    }
    '<tr><td ><font face="monospace" size="2">' + $name + '</font></td>' | out-file $outfile -append
    '<td ><font face="monospace" size="2">' + $modified + '</font></td>'  | out-file $outfile -append
    '<td ><font face="monospace" size="2">' + $enabled + '</font></td>'  | out-file $outfile -append
    '<td ><font face="monospace" size="2">' + $option + '</font></td>'  | out-file $outfile -append
    '<td ><font face="monospace" size="2">' + $day + '</font></td>'  | out-file $outfile -append
    '<td ><font face="monospace" size="2">' + $hour + '</font></td></tr>'  | out-file $outfile -append

}#foreach object

"</TABLE></BODY></HTML>" | out-file $outfile -append

No comments: