Been busy with rolling out new Windows 10 desktop workstations for an organization and making sure that this new rollout is fully managable for their administrators.
So I asked myself a few simple supportability questions if I’m an administrator looking after a large environment on what do I need to make my life easier at work.
What will you do when someone asks you in IT department to find any workstation to check if they are online?
I will PowerShell a probe against all workstations within an Organization Unit (OU) from Active Directory.
What will I want to know?
- The Hostname of the desktop workstation
- The Operating System of the desktop workstation
- The Operating System Version of the desktop workstation
- When it has joined the domain which is a rough indicator of when it is provisioned or deployed
- When it has changed in the domain which is a rough indicator of when the computer object in Active Directory was modified
- When the machine has last established an authentication in the domain
- Validate if the hostname is pingable
- What is the Fully Qualified Domain Name for the computer
- Validate if the FQDN of the computer is pingable
- Resolve the IP Address based on the FQDN of the computer
- Validate the IP Address is pingable
- Validate the WMI is reachable for WMI query
- Validate the WinRM is reachable for PowerShell Remoting
- Validate the Remote Desktop Protocol (RDP) is reachable for Remoting
- Validate the UNC Path to C:\ drive is reachable or accessible
And here it is my #PWSH PowerShell quick adventure in 10mins…
What do I need?
Active Directory PowerShell Module (To find out how to get it on Windows 10, follow here)
Import-Module -Name ActiveDirectory ;
Next I will need to grab all the Computer Objects from Active Directory.
Get-ADComputer and the Distinguised Name of the Organization Unit (OU) where all my desktop workstations are contained as the search base.
Get-ADComputer ` -SearchBase "OU=Win10,OU=Workstations,DC=amce,DC=co,DC=nz" ` -Filter * ` -Properties * ;
That’s simple enough but it doesn’t achieve my goal on what I need to know.
Therefore, I have to loop the array of computer objects received from Get-ADComputer and pipelined to a ForEach-Object to interrogate each computer object with additional custom information as below with Test-Connection, Test-WSMan, Test-Path, Get-WMIObject and others…
Import-Module ` -Global ActiveDirectory ; Get-ADComputer ` -SearchBase "OU=Win10,OU=Workstations,DC=amce,DC=co,DC=nz" ` -Filter * ` -Properties * | ` ForEach-Object { ` $_ | Select-Object ` Name, ` OperatingSystem, ` OperatingSystemVersion, ` whenCreated, ` whenChanged, ` LastLogonDate, ` @{ ` N='HostnamePingable'; ` E={ ` Test-Connection ` -ComputerName $_.Name ` -Count 1 ` -Quiet ; ` } ` },` DNSHostname, ` @{ ` N='FQDNPingable'; ` E={ ` Test-Connection ` -ComputerName $_.DNSHostname ` -Count 1 ` -Quiet ; ` } ` }, ` @{ ` N='IPv4Address'; ` E={ ` [System.Net.Dns]::GetHostAddresses($_.DNSHostname) | ` Select-Object ` -ExpandProperty IPAddressToString ; ` } ` }, ` @{ ` N='IPv4Pingable'; ` E={ ` Test-Connection ` -ComputerName ([System.Net.Dns]::GetHostAddresses($_.DNSHostname) | ` Select-Object ` -ExpandProperty IPAddressToString) ` -Count 1 ` -Quiet ; ` } ` }, ` @{ ` N='WMIReachable'; ` E={ ` $result = Get-WmiObject ` -ComputerName $_.DNSHostname ` -Class Win32_OperatingSystem ` -ErrorVariable err ; if($err -match (Out-Null)){ ` $false ; }else{ ` $true ; } ` } ` }, ` @{ ` N='WinRMReachable'; ` E={ ` try{ ` Test-WSMan ` -ComputerName $_.DNSHostname | ` Out-Null; $true ; }catch{ ` $false ; } ` } ` }, ` @{ ` N='RDPReachable'; ` E={ ` try{ ` (New-Object System.Net.Sockets.TCPClient ` -ArgumentList $_.DNSHostname,3389).Connected ` }catch{ ` $false ; } ` } ` }, ` @{ ` N='C$Reachable'; ` E={ ` Test-Path ` -Path ('\\' + $_.Name + '\C$') ; ` } ` } ` } | Out-GridView ;
Finally, I will pipelined the result to a Out-GridView for viewing purposes.