Computer Auditing – Part 4 – Windows Services, DHCP Scopes, and IIS Websites

I’ve recently been looking at extending the standard set of auditing (from the previous scripts mentioned in Part 1, Part 2, and Part 3) to include DHCP scope information, and IIS-based website information.

Before getting into DHCP and IIS, I run an audit of all services, like this:

$getservices now contains all of your service information.

The next section gathers DHCP data, but checks the above variable, $getservices, for the DHCP Server service first.

I’ve used an “old-school” method to get the DHCP data, so that the script will work on all versions of PowerShell and Windows operating systems.  There are some very good DHCP cmdlets in the later versions of PowerShell, but I can’t rely on all servers having the newest/compatible version.

 

$getscopes should now look like this (assuming you have DHCP scopes configured):

 

For IIS websites, we first check the $features variable gathered from the previous script from Part 3, and then check for both IIS6 and II7+ version websites:

 

Assuming you have IIS websites configured, $getiis should have one or more entries, like this:

2 Comments Computer Auditing – Part 4 – Windows Services, DHCP Scopes, and IIS Websites

  1. olivier

    Hi Kamal,

    I follow regulary your post. Very interresting. But for this one, just a question : Why use netsh to query info about DCHP ? I know that Netsh is a swiss knife DOS cmd. but in 2020, using the cmdlets of DHCPServer PS module seems to be more appropriate.
    regards
    Olivier

    Reply
    1. Kamal

      Hi Olivier,
      I tried to articulate it in the post, but maybe I was being too subtle?

      In my experience (working across a lot of different companies) is that very few of them run the latest version of anything. Latest version (or even n-1 version) of Windows Server? Rare. Similarly, the PowerShell versions usually never get upgraded. Your experience might be different – but having the latest PS modules in place is an extremely rare sight for me, and upgrading PowerShell across hundreds or thousands of servers is also next to impossible to get any traction on.

      As an example, one of my recent assignments had me reviewing 160+ DHCP servers in a single domain (most running Server 2008 R2, and PowerShell v3 – but also some Windows Server 2003 in the mix). Not a small number of PS upgrades required.

      So, with that in mind, I (usually) am forced to write more “universal” and backwards-compatible PowerShell scripts that will work on any version of PowerShell and any version of Windows Server; in that way, I know they will always work and give me the results I need.

      It’s pretty frustrating not having the latest and greatest, but sometimes you just need to work within the boundaries of what’s in front of you.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *