Import-Module ActiveDirectory
<#
.SYNOPSIS
Sync all DCs in a forest
.DESCRIPTION
Sync all sites and services in a domain
.INPUTS
No input needed
.OUTPUTS
Returns a list of the last sync elements
.EXAMPLE
PS > Replicate-ADSitesAndServices
Server         LastReplicationSuccess
------         ----------------------
DC01.dev.intra 14.02.2022 09:07:48
DC01.dev.intra 14.02.2022 09:07:47
DC02.dev.intra 14.02.2022 09:07:53
DC02.dev.intra 14.02.2022 09:07:44
DC03.dev.intra 14.02.2022 09:07:41
DC03.dev.intra 14.02.2022 09:07:56
#>
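function Replicate-ADSitesAndServices {
    # Asks every domain controller returned by Get-ADDomainController to synchronise,
    # waits ten seconds, then reports the last successful replication per partner.
    # Outputs: objects carrying Server and LastReplicationSuccess.

    # The naming context does not change between iterations, so resolve it once.
    $domainDN = (Get-ADDomain).DistinguishedName

    foreach ($dcName in (Get-ADDomainController -Filter *).Name) {
        # The repadmin operation is /syncall; "/syscall" is not a repadmin command, and
        # with the output sent to Out-Null the failure was easy to miss.
        # /e = include partners in all sites, /A = all naming contexts held by the DC.
        repadmin /syncall $dcName $domainDN /e /A | Out-Null

        # Surface a failed sync instead of reporting stale metadata without comment.
        # NOTE(review): assumes repadmin signals failure through a non-zero exit code - confirm.
        if ($LASTEXITCODE -ne 0) {
            Write-Warning "repadmin /syncall failed for $dcName (exit code $LASTEXITCODE)"
        }
    }

    # Give replication a moment to finish before reading the metadata.
    Start-Sleep 10

    # NOTE(review): USERDNSDOMAIN is taken from the caller's environment; it can be empty
    # for a local or service account - confirm this is the intended target.
    Get-ADReplicationPartnerMetadata -Target "$env:USERDNSDOMAIN" -Scope Domain |
        Select-Object Server, LastReplicationSuccess
}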
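function Get-ADObjectTypeGUID {
    # Translates a schema GUID or an extended-right GUID into its name.
    # Parameters:
    #   GUID - the GUID to look up, as a string; it is cast to [GUID] for the lookup.
    # Returns: the Name stored for that GUID, or $null when the GUID is not in the map.
    #
    # The map is built on first use and cached in $Global:adObjectTypeGUID. The cache is
    # session-global: any code in the session can read or overwrite it, and it is not
    # refreshed after a schema change until the variable is cleared.
    param (
        [Parameter(
            Mandatory = $true,
            ParameterSetName = "ObjectType",
            Position = 0,
            ValueFromPipeline = $true
        )]
        [string]$GUID
    )

    if ($null -eq $Global:adObjectTypeGUID) {
        # One RootDSE read serves both search bases.
        $rootDSE = Get-ADRootDSE
        $nameByGuid = @{}

        # Schema objects: classes and attributes, keyed by SchemaIDGUID.
        $schemaQuery = @{
            SearchBase = $rootDSE.SchemaNamingContext
            LDAPFilter = '(SchemaIDGUID=*)'
            Properties = @("Name", "SchemaIDGUID")
        }
        foreach ($schemaItem in (Get-ADObject @schemaQuery)) {
            $key = [GUID]$schemaItem.SchemaIDGUID
            # Hashtable.Add() throws on a repeated key; keep the first name seen instead.
            if (-not $nameByGuid.ContainsKey($key)) {
                $nameByGuid[$key] = $schemaItem.Name
            }
        }

        # Extended rights (controlAccessRight objects), keyed by RightsGUID.
        $rightsQuery = @{
            SearchBase = "CN=Extended-Rights,$($rootDSE.ConfigurationNamingContext)"
            LDAPFilter = '(ObjectClass=ControlAccessRight)'
            Properties = @("Name", "RightsGUID")
        }
        foreach ($rightItem in (Get-ADObject @rightsQuery)) {
            $key = [GUID]$rightItem.RightsGUID
            # RightsGUID values are not guaranteed to be unique across entries, nor
            # distinct from schema GUIDs, so guard against duplicates here as well.
            if (-not $nameByGuid.ContainsKey($key)) {
                $nameByGuid[$key] = $rightItem.Name
            }
        }

        $Global:adObjectTypeGUID = $nameByGuid
    }

    return $Global:adObjectTypeGUID[[GUID]$GUID]
}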
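function Get-ADObjectPermission {
    # Lists the access control entries (ACEs) on an AD object and adds readable labels.
    # Parameters:
    #   Identity  - path appended to the "AD:" drive (presumably a distinguished name).
    #   Reference - wildcard pattern matched with -Like against IdentityReference;
    #               the default "*" keeps every entry.
    # Outputs: each matching ACE with InheritanceTypeName, ObjectTypeName and
    #          InheritedObjectTypeName note properties added.
    param (
        [Parameter(
            Mandatory = $true,
            ParameterSetName = "Identity",
            Position = 0,
            ValueFromPipeline = $true
        )]
        [string]$Identity,
        [string]$Reference = "*"
    )

    # Labels per InheritanceType value. SelfAndChildren used to share the label of
    # Children, so a report could not show whether the ACE also applies to the object
    # itself; it now has its own text.
    $inheritanceLabels = @{
        "None"            = "This Object Only"
        "All"             = "This object and all descendant objects"
        "Descendents"     = "All descendant objects"
        "Children"        = "Only apply this permission to objects and/or containers within this container"
        "SelfAndChildren" = "This object and immediate child objects only"
    }

    # Labels per single PropagationFlags value. A combined flags value matches none of
    # these keys and is left as it is.
    $propagationLabels = @{
        "None"               = "no inheritance"
        "InheritOnly"        = "inheritance child items only"
        "NoPropagateInherit" = "Only Apply this permission to objects and/or containers within this container is selected"
    }

    # The all-zero GUID stands for "no specific type" in ObjectType / InheritedObjectType.
    $emptyGuid = [GUID]"00000000-0000-0000-0000-000000000000"

    (Get-Acl "AD:$($Identity)").Access | Where-Object IdentityReference -Like $Reference | ForEach-Object {
        $ace = $_

        $inheritanceKey = "$($ace.InheritanceType)"
        if ($inheritanceLabels.ContainsKey($inheritanceKey)) {
            $ace | Add-Member -Force -NotePropertyName InheritanceTypeName -NotePropertyValue $inheritanceLabels[$inheritanceKey]
        }

        # NOTE(review): this writes a note property named PropagationFlags, the same name
        # as the ACE's own property, so the label takes the place of the raw value on the
        # returned object. Kept as is because callers may read the text from that name.
        $propagationKey = "$($ace.PropagationFlags)"
        if ($propagationLabels.ContainsKey($propagationKey)) {
            $ace | Add-Member -Force -NotePropertyName PropagationFlags -NotePropertyValue $propagationLabels[$propagationKey]
        }

        # Name of the attribute, class or extended right the ACE is scoped to.
        if ($ace.ObjectType -eq $emptyGuid) {
            $objectTypeName = "all properties"
        } else {
            $objectTypeName = Get-ADObjectTypeGUID -GUID $ace.ObjectType
        }
        $ace | Add-Member -Force -NotePropertyName ObjectTypeName -NotePropertyValue $objectTypeName

        # Name of the object class that inherits the ACE.
        if ($ace.InheritedObjectType -eq $emptyGuid) {
            $inheritedTypeName = "all objects"
        } else {
            $inheritedTypeName = Get-ADObjectTypeGUID -GUID $ace.InheritedObjectType
        }
        $ace | Add-Member -Force -NotePropertyName InheritedObjectTypeName -NotePropertyValue $inheritedTypeName

        Write-Output $ace
    }
}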
# Public surface of the module. Get-ADObjectTypeGUID is not listed, so it is not exported.
Export-ModuleMember -Function @(
    'Replicate-ADSitesAndServices'
    'Get-ADObjectPermission'
)