So in the never ending GPM project, a new requirement came about recently. It was a report to show the current state of the GPOs within Quest Group Policy Manager before any of the other work is done. I wound up dubbing the report a ‘pre-flight’ report since we have one already for VAS and its a name that Ross J came up with a few years at another company he and I worked at.
The first pre-flight report, which just listed every GPO and some info, was done in about 10-15 minutes during the meeting with the client. However, they also pointed out that there may be many, many GPOs, and they would like to pare the list down to a specific subset of GPOs. Of course, that proved a little more challenging but I managed to do it in short order. So now the script takes in the file path of a CSV and assumes GPOName is the column name with all the GPOs listed.
So, without further ado, here is the preliminary script:
########################################################################################################################################
#
# In an ideal world, this would be a cmdlet called:
# Preflight-QGPO GPOName [-GPMServer] [-GPMPort] [-GPOListCSV]
#
########################################################################################################################################
Set-ExecutionPolicy Unrestricted;
########################################################################################################################################
# the next section is all hard coded variables which need to be set to script parameters
########################################################################################################################################
# set this param to $true to start taking in command line arguments
$useParams = $true;
if ($useParams)
{
# Which GPM Server to export from
$GPMHostname = $args[0];
# Which GPM Server port to use
$GPMPort = $args[1];
# the location of a CSV file with a list of specified GPOs
$GPOListCSV = $args[2];
}
else
{
# Which GPM Server to export from
$GPMHostname = "localhost";
# Which GPM Server port to use
$GPMPort = 40200;
# the location of a CSV file with a list of specified GPOs
$GPOListCSV = "";
# $GPOListCSV = "C:\GPMScripts\GPMPreflight\PreflightGPOs.csv";
}
function OutputGPOSettings ($p_currentGPO)
{
$gpoName = $p_currentGPO.Name;
$gpoVersion = $currentGPO.Version;
$gpoStatus = $currentGPO.Status;
$gpoLive = $currentGPO.HasLive;
$gpoTrustee = $currentGPO.Trustee;
$gpoApprovalRequired = $currentGPO.ApprovalsRequired;
$gpoApprovalReceived = $currentGPO.ApprovalsReceived;
Write-Output "GPO $iCounter : '$gpoName' - the most current version is $gpoVersion ";
Write-Output " The current status is $gpoStatus "
# not quite sure how useful this is - it is basically live/not live indicator - but is not for the most current version
# Write-Output " Is a version of this GPO live ? $gpoLive ";
if (($gpoStatus -eq $statusCheckedOut) -or ($gpoStatus -eq $statusPending) -or ($gpoStatus -eq $statusPendingDeployment ))
{
Write-Output " The current user is: $gpoTrustee ";
Write-Output " The approval count required? $gpoApprovalRequired ";
Write-Output " The approval count received? $gpoApprovalReceived ";
}
Write-Output "";
}
#############################################################################################################
# include the GPM stuff - redirected to $null to avoid output to logfile
& 'C:\Program Files\Quest Software\Quest Group Policy Manager\QGPMInit.ps1' -computerName $GPMHostname -portNumber $GPMPort > $null
#valid GPO status for import operation are Available or Check-out
$statusAvailable = [Quest.Avalanche.Enums.StatusType]::Available;
$statusCheckedOut = [Quest.Avalanche.Enums.StatusType]::CheckedOut;
$statusDeleted = [Quest.Avalanche.Enums.StatusType]::Deleted;
$statusError = [Quest.Avalanche.Enums.StatusType]::Error ;
$statusErrorNoWorkingCopy = [Quest.Avalanche.Enums.StatusType]::ErrorNoWorkingCopy ;
$statusPending = [Quest.Avalanche.Enums.StatusType]::Pending ;
$statusPendingDeployment = [Quest.Avalanche.Enums.StatusType]::PendingDeployment ;
$statusUnregistered = [Quest.Avalanche.Enums.StatusType]::Unregistered ;
Write-Output "----------------------------";
Write-Output "Beginning Preflight Check of GPM Server '$GPMHostname' on port $GPMPort ";
$iCounter = 0;
if (($GPOListCSV -eq "") -or ($GPOListCSV -eq $null))
{
# loop through all the objects in the data set and find the policy we want
foreach($currentGPO in $VCManager.GetControlledObjects("GPO"))
{
$iCounter = $iCounter + 1;
OutputGPOSettings $currentGPO;
}
}
else
{
# bring the file
$GPOList = Import-Csv $GPOListCSV;
# loop through all the objects in the data set and find the policy we want
:GPOLoopCSV foreach($currentGPO in $VCManager.GetControlledObjects("GPO"))
{
foreach ($GPOName in $GPOList)
{
if ($currentGPO.Name -eq $GPOName.GPOName )
{
$iCounter = $iCounter + 1;
OutputGPOSettings $currentGPO;
}
}
}
}
if ($foundGPO -eq $false)
{
Write-Output "No GPO named '$gpoName' was found.";
}
Write-Output "Preflight Completed";
Write-Output "----------------------------";
Comments on this entry are closed.