Powershell compliance reports

Hello EE,

I am looking for some powershell scripts available that will report on Access security formatted for the general competencies such as PCI or IT general Control listing . In summary , something to pull all the AD and preferably SQL access and formatted in excel or a table to drop into any required documents .

Thanks.
davesnbAsked:
Who is Participating?
 
btanConnect With a Mentor Exec ConsultantCommented:
Maybe something of a recursive read
https://4sysops.com/archives/display-access-rights-on-active-directory-ous-with-powershell/
there is a free scanner per se
Once the GUI is running, you can directly connect to your AD domain; loading the Active Directory PowerShell module is not required. Next, you have to select the AD object for which you want to retrieve the permissions. In AD ACL Scanner’s Advanced section, you can set several options, such as the scan type (DACL or SACL) and the scan depth (OUs, containers, all objects).
https://4sysops.com/archives/ad-acl-scanner-easily-generate-active-directory-permissions-reports/
0
 
btanExec ConsultantCommented:
You probably can get from AD based on event id e.g. To access event logs, Windows PowerShell comes with Get-EventLog cmdlet. For example, define the start date, grab event log of warning and error from that date, select the fields desired, and send it into xls..

$now=get-date
$startdate=$now.adddays(-7)
$el = get-eventlog -ComputerName Serv1 -log System -After $startdate -EntryType Error, Warning
$el|Select EntryType, TimeGenerated, Source, EventID | Export-CSV eventlog.csv -NoTypeInfo

http://eventlogxp.com/blog/exporting-event-logs-with-windows-powershell/

I see it more of object access event so need to check for the ID. In short, depending which audit enabled and application specific log with the specific id, the PS can be use to grab and print to xls.
0
 
davesnbAuthor Commented:
I am looking for something more for access control , so Active Directory reporting
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

 
btanExec ConsultantCommented:
There are also access event log for AD access if that is what you are looking at. For e.g.
https://blogs.technet.microsoft.com/heyscriptingguy/2012/03/12/use-powershell-to-explore-active-directory-security/
0
 
davesnbAuthor Commented:
I am using Add-PSSnapin Quest.ActiveRoles.ADManagement module now to pull a lot of this data, I wondered if there is a script already created to provide all group roles , and user roles in a domain
0
 
Gary DewrellSenior Network AdministratorCommented:
0
 
davesnbAuthor Commented:
ok thanks for the info guys!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.