17 January, 2020

Audit Mapped drive GPO with Powershell

Lists out all of the mapped drives in a GPO.
I’ve found a few different approaches to auditing ‘Drive Maps’ GPO - But wanted something easier to read…
It also shows where these settings are found in the XML output of a GPO report.
Hopefully the below offering is helpful to others:
Getting to the exact path / data, was kinda' a pan in in the ass!
$report.GPO.User.extensiondata.Extension.DriveMapSettings.Drive



try
{
If (!(Get-Module GroupPolicy)) {Import-Module GroupPolicy -ErrorAction Stop}
}
catch
{
throw "Module GroupPolicy not Installed"
}


$GPOs = Get-GPO -All  | ? {
($_.DisplayName -match "drive") -and `
($_.DisplayName -NOTmatch "Hide") -and `
($_.DisplayName -NOTmatch "Remote")  -and `
($_.GpoStatus -match "Enabled")
}
$GPOs.Id.Guid
$GPOs.DisplayName | % {
    Write-Host "##########################" -ForegroundColor DarkYellow
    Write-Host " Policy Name: " -ForegroundColor Yellow -NoNewline
    Write-Host "$($_)" -ForegroundColor Green
    Write-Host " GPO GUID: " -ForegroundColor Yellow -NoNewline
    Write-Host "$($GPOs.Id.Guid)" -ForegroundColor Green
    [xml]$report = get-gporeport -Name $_ -ReportType XML
    $Output = @()
    Write-Host " ~~~~~~~~~~~~~~~~~~~~~~"
    $report.GPO.User.extensiondata.Extension.DriveMapSettings.Drive | % {
        Clear-Variable -Name ("DriveLetter", "Label", "Path ","Action","Targeting") -ErrorAction SilentlyContinue
        $DriveLetter = $_.Properties.Letter
        $Label = $_.Properties.label
        $Path = $_.Properties.path
        $Action = $_.Properties.action
        $Targeting = $_.Filters.FilterGroup.Name
            $OutputX = New-Object PSObject
                $OutputX | Add-Member -type NoteProperty -Name 'DriveLetter' -Value $DriveLetter
                $OutputX | Add-Member -type NoteProperty -Name 'Label' -Value $Label
                $OutputX | Add-Member -type NoteProperty -Name 'Path' -Value $Path
                $OutputX | Add-Member -type NoteProperty -Name 'Action' -Value $Action
                $OutputX | Add-Member -type NoteProperty -Name 'Targeting' -Value $Targeting
            $Output += $OutputX
        }
    }

$CRUD = @{
C = "Create"
R = "Replace"
U = "Update"
D = "Delete"
}
$Output | sort DriveLetter | % {
    If (($_.Label -ne "") -and ($_.Label -ne $null)) {
    Write-Host "   Drive Label: " -ForegroundColor Yellow -NoNewline
    Write-Host $_.Label -ForegroundColor Cyan
    }
    Write-Host "   Drive Letter: " -NoNewline -ForegroundColor Yellow
    Write-Host "$($_.DriveLetter):" -NoNewline -ForegroundColor Yellow -BackgroundColor Magenta
    If (($_.Path -ne "") -and ($_.Path -ne $null)) {
    Write-Host " $($_.Path)" -ForegroundColor Cyan
    }
    If (($_.Path -eq "") -and ($_.Path -eq $null)) {
    Write-Host "" -ForegroundColor Cyan
    }
    If (($_.Path -ne "") -and ($_.Path -ne $null)) {
    Write-Host "   Targeting (group): " -NoNewline -ForegroundColor Yellow
    Write-Host $_.Targeting -ForegroundColor Cyan
    }
    If ($_.Action -ne "") {
    Write-Host "     Action: $($CRUD[$_.Action])
    "
    }
}


No comments:

Post a Comment