I’ve found a few different
approaches to auditing ‘Drive Maps’ GPO - But wanted something easier to read…
It also shows where these settings are found in the XML output of a GPO report.
Hopefully the below offering is
helpful to others:It also shows where these settings are found in the XML output of a GPO report.
Getting to the exact path / data, was kinda' a pan in in the ass!
$report.GPO.User.extensiondata.Extension.DriveMapSettings.Drive
try
{
If (!(Get-Module GroupPolicy))
{Import-Module GroupPolicy
-ErrorAction Stop}
}
catch
{
throw "Module
GroupPolicy not Installed"
}
$GPOs = Get-GPO -All | ? {
($_.DisplayName -match "drive")
-and `
($_.DisplayName -NOTmatch "Hide")
-and `
($_.DisplayName -NOTmatch "Remote") -and `
($_.GpoStatus -match "Enabled")
}
$GPOs.Id.Guid
$GPOs.DisplayName
| % {
Write-Host
"##########################" -ForegroundColor DarkYellow
Write-Host
" Policy Name: " -ForegroundColor Yellow
-NoNewline
Write-Host
"$($_)" -ForegroundColor
Green
Write-Host
" GPO GUID: " -ForegroundColor Yellow
-NoNewline
Write-Host
"$($GPOs.Id.Guid)" -ForegroundColor
Green
[xml]$report = get-gporeport -Name
$_ -ReportType
XML
$Output = @()
Write-Host
" ~~~~~~~~~~~~~~~~~~~~~~"
$report.GPO.User.extensiondata.Extension.DriveMapSettings.Drive
| % {
Clear-Variable
-Name ("DriveLetter", "Label", "Path ","Action","Targeting")
-ErrorAction SilentlyContinue
$DriveLetter
= $_.Properties.Letter
$Label
= $_.Properties.label
$Path = $_.Properties.path
$Action
= $_.Properties.action
$Targeting
= $_.Filters.FilterGroup.Name
$OutputX
= New-Object
PSObject
$OutputX
| Add-Member
-type NoteProperty
-Name 'DriveLetter'
-Value $DriveLetter
$OutputX
| Add-Member
-type NoteProperty
-Name 'Label'
-Value $Label
$OutputX
| Add-Member
-type NoteProperty
-Name 'Path'
-Value $Path
$OutputX
| Add-Member
-type NoteProperty
-Name 'Action'
-Value $Action
$OutputX
| Add-Member
-type NoteProperty
-Name 'Targeting'
-Value $Targeting
$Output
+= $OutputX
}
}
$CRUD =
@{
C
= "Create"
R
= "Replace"
U
= "Update"
D
= "Delete"
}
$Output | sort DriveLetter
| % {
If (($_.Label -ne "")
-and ($_.Label -ne $null)) {
Write-Host
"
Drive Label: " -ForegroundColor
Yellow -NoNewline
Write-Host
$_.Label -ForegroundColor Cyan
}
Write-Host
"
Drive Letter: " -NoNewline
-ForegroundColor Yellow
Write-Host
"$($_.DriveLetter):"
-NoNewline -ForegroundColor
Yellow -BackgroundColor
Magenta
If (($_.Path -ne "")
-and ($_.Path -ne $null)) {
Write-Host
" $($_.Path)" -ForegroundColor Cyan
}
If (($_.Path -eq "")
-and ($_.Path -eq $null)) {
Write-Host
"" -ForegroundColor
Cyan
}
If (($_.Path -ne "")
-and ($_.Path -ne $null)) {
Write-Host
"
Targeting (group): " -NoNewline
-ForegroundColor Yellow
Write-Host
$_.Targeting
-ForegroundColor Cyan
}
If ($_.Action -ne "")
{
Write-Host
"
Action: $($CRUD[$_.Action])
"
}
}
|
No comments:
Post a Comment