-
Notifications
You must be signed in to change notification settings - Fork 19
/
Get-ValidatedAndMergedLocalAdminFile.ps1
125 lines (104 loc) · 3.58 KB
/
Get-ValidatedAndMergedLocalAdminFile.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<#
.Synopsis
Validates and merges individual admin report CSVs into a single file
.DESCRIPTION
This script takes a path to a directory containing multiple csv files created by the Get-LocalAdmin.ps1 script and merges them into a single csv file.
For security reasons, the script also ensures that the file was created by the computer it purports to come from.
.PARAMETER
[string]CSVPath
Path to the directory containing the local admin reports
.PARAMETER
[string]OutFile
The name of the consolidated file to create
.PARAMETER
[switch]IgnoreOwnerErrors
By default, any local admin reports where the owner of the file is not the computer the file purports to be for will be excluded from the consolidated report. Include this switch to ignore these warnings and include the files in the merged report
.EXAMPLE
Get-ValidatedAndMergedLocalAdminFile -CSVPath 'c:\local-admin-reports' -OutFile 'c:\mergedresults\merge.csv'
#>
param(
[Parameter(Mandatory = $true)]
[string]$CSVPath,
[Parameter(Mandatory = $true)]
[string]$OutFile,
[Parameter(Mandatory = $false)]
[Switch]$IgnoreOwnerErrors
)
Begin
{
$ErrorActionPreference='Stop'
$WarningActionPreference='Continue'
if (!(Test-Path -Path $OutFile))
{
Write-Verbose -Message "Creating $OutFile"
New-Item -Path $OutFile -Force -ItemType File | out-null
}
$Merged = @();
}
Process
{
[int]$i = 0
$CSVs = Get-ChildItem -Path $CSVPath
foreach($CSV in $CSVs.FullName)
{
Write-Progress -Activity 'Merging files...' -Status $CSV -PercentComplete ((($i++) / $CSVs.count) * 100)
if(-not (Test-Path $CSV))
{
Write-Warning "Does not exist: $CSV"
continue;
}
$acl = Get-Acl $csv
try
{
$ownerFqName = $acl.GetOwner([System.Security.Principal.NTAccount]).Value.TrimEnd('$');
if ($ownerFqName.Contains("\"))
{
$owner = $ownerFqName.Split('\')[1]
}
else
{
$owner = $ownerFqName
}
$fileName = [System.IO.Path]::GetFileNameWithoutExtension($csv)
if ($owner -ne $fileName)
{
if (-not $IgnoreOwnerErrors)
{
Write-Warning "File $csv was not owned by the expected principal. The owner of the file was $owner, but was expected to be $filename. This file has been skipped. Use the -IgnoreOwnerErrors switch to include these files"
continue;
}
else
{
Write-Warning "File $csv was not owned by the expected principal. The owner of the file was $owner, but was expected to be $filename"
}
}
$CSV = Import-CSV -Path $CSV -Header Host,SID
foreach ($row in $csv)
{
if ($row.Host -ne $ownerFqName)
{
if (-not $IgnoreOwnerErrors)
{
Write-Warning "File contained an unexpected entry. The file should only contain records for the computer $ownerFqName, but an entry was found for $($row.Host). This record has been skipped. Use the -IgnoreOwnerErrors switch to include these records"
continue;
}
else
{
Write-Warning "File contained an unexpected entry. The file should only contain records for the computer $ownerFqName, but an entry was found for $($row.Host)"
}
}
}
$Merged += $CSV
}
catch
{
Write-Warning "Unable to merge file $csv. $($_.Exception.Message)"
continue;
}
}
}
End
{
$Merged | Export-Csv -Path $OutFile -NoTypeInformation
Write-Output "$OutFile successfully created"
}