Merge pull request #22 from CriticalSolutionsNetwork/20-fix-property-order

20 fix property order

Author: DrIOSX

CHANGELOG.md

@@ -5,6 +5,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.9.2] - 2022-11-08
+
+### Fixed
+
+- Fixed ordered hashtable in departed users audit.
+- Fixed service principal name output.
+
+## [1.9.0] - 2022-11-08
+
 ### Fixed
 
 - Fixed line 36 of `Switch-SurnameWithGivenName` to `$HRCSV = Import-Csv $RosterCSV`

README.md

@@ -0,0 +1,113 @@
+## [1.9.2] - 2022-11-08
+
+### Fixed
+
+- Fixed ordered hashtable in departed users audit.
+- Fixed service principal name output.
+
+## [1.9.0] - 2022-11-08
+
+### Fixed
+
+- Fixed line 36 of `Switch-SurnameWithGivenName` to `$HRCSV = Import-Csv $RosterCSV`
+
+## [1.8.0] - 2022-11-08
+
+### Removed
+
+- Removed function `Format-HRRoster` to public functions to format roster for compare.
+
+### Added
+
+- Renamed function `Format-HRRoster` for clarity to `Switch-SurnameWithGivenName`.
+- Added `Get-NetworkScan` public function to scan subnets for hosts and open ports.
+
+## [1.6.1] - 2022-07-21
+
+### Added
+
+- Added Name parameter to `Get-ADDSActiveUsersAudit` and `Get-ADDSDepartedUsersAudit`
+
+## [1.5.4] - 2022-07-21
+
+### Fixed
+
+- Fixed Log output of ADDSActiveUserAudit function.
+- Fixed Release
+
+## [1.5.0] - 2022-05-16
+
+### Fixed
+
+- Fixed Timestamp unassigned variable.
+- Fixed unassigned time variables in public functions.
+
+## [1.4.0] - 2022-05-15
+
+### Fixed
+
+- Fixed output for export in Privileged Account Audit.
+
+## [1.3.0] - 2022-05-15
+
+### Added
+
+- Added FTP submission error handling.
+- Added Class `[ADAuditAccount]`
+
+## [1.2.0] - 2022-05-14
+
+### Added
+
+- Added Upload via WinSCP using private function `Submit-FTPUpload`
+
+## [1.1.0] - 2022-05-11
+
+### Added
+
+- Added proper attachment handling with multiple files.
+
+## [1.1.0-preview0001] - 2022-05-11
+
+### Added
+
+- Added proper attachment handling with multiple files.
+
+## [0.7.0] - 2022-05-11
+
+### Added
+
+- Added fixes to zip handling.
+
+## [0.6.5] - 2022-05-11
+
+### Added
+
+- Added extended rights to privileged account audit.
+- Added private function `Get-ADExtendedRight`
+
+### Changed
+
+- Changed how extended user rights are obtained.
+- Changed CSV and ZIP files names to sort by date.
+
+### Removed
+
+- Removed old method of retrieving AD privileged audit output.
+
+### Fixed
+
+- Fixed `Get-ADDSDepartedUsersAccountAudit` Not requiring wildcard.
+- Log output for csv export.
+- Log output filename for log file.
+
+### Security
+
+- In case of vulnerabilities.
+
+## [0.6.4] - 2022-05-09
+
+### Fixed
+
+- Fixed unused parameters in public functions.
+

ReleaseNotes.md

@@ -12,7 +12,12 @@ Remove-Item C:\temp\ADDS* -Recurse
 
 
 
-
+# Update Changelog
+# Update Manifest from Previous Module
+# git tag -a v1.0.0 -m "v1.0.0 Release"
+# Build / Test
+# Add Api Variables to session.
+# Build / Publish
 
 .\build.ps1 -tasks build,pack,publish -CodeCoverageThreshold 0
 

Unbuild.ps1 buildpak.ps1

@@ -2,7 +2,7 @@
 <!--
 <auto-generated>
   <synopsis>
-    This code was generated by a tool. on: 11/08/2022 16:57:48
+    This code was generated by a tool. on: 11/08/2022 19:25:50
   </synopsis>
   <description>
     If you'd like to regenerate the documentation, please open up powershell and run

docs/index.html

@@ -12,7 +12,7 @@
     RootModule        = 'ADDSAuditTasks.psm1'
 
     # Version number of this module.
-    ModuleVersion     = '1.7.1'
+    ModuleVersion     = '1.9.2'
 
     # Supported PSEditions
     # CompatiblePSEditions = @()
@@ -69,7 +69,7 @@
     # NestedModules = @()
 
     # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.
-    FunctionsToExport = @('Get-ADDSActiveAccountAudit','Get-ADDSDepartedUsersAccountAudit','Get-ADDSPrivilegedAccountAudit','Get-ADUsersLastLogon')
+    FunctionsToExport = @('Get-ADDSActiveAccountAudit','Get-ADDSDepartedUsersAccountAudit','Get-ADDSPrivilegedAccountAudit','Get-ADUsersLastLogon','Get-NetworkScan','Switch-SurnameWithGivenName')
 
     # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
     CmdletsToExport   = @()
@@ -108,11 +108,12 @@
             IconUri      = 'https://csn-source.s3.us-east-2.amazonaws.com/CSN-Icon.png'
 
             # ReleaseNotes of this module
-            ReleaseNotes = '## [1.6.0] - 2022-07-21
+            ReleaseNotes = '## [1.9.2] - 2022-11-08
 
-### Added
+### Fixed
 
-- Added Name parameter to `Get-ADDSActiveUsersAudit` and `Get-ADDSDepartedUsersAudit`
+- Fixed ordered hashtable in departed users audit.
+- Fixed service principal name output.
 
 '
 
@@ -126,4 +127,4 @@
     # Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix.
     # DefaultCommandPrefix = ''
 
-}
+}

source/ADDSAuditTasks.psd1

@@ -236,8 +236,8 @@ function Get-ADDSPrivilegedAccountAudit {
                 @{N = 'PriviledgedGroup'; E = { $group } }, `
                 @{N = 'Enabled'; E = { (Get-ADUser -Identity $_.samaccountname).Enabled } }, `
                 @{N = 'PasswordNeverExpires'; E = { (Get-ADUser -Identity $_.samaccountname -Properties PasswordNeverExpires).PasswordNeverExpires } }, `
-                @{N = "LastSign-in"; E = { [DateTime]::FromFileTime((Get-ADUser -Identity $_.samaccountname -Properties lastLogonTimestamp).lastLogonTimestamp) } }, `
-                @{N = 'LastSeen?'; E = {
+                @{N = 'LastLogin'; E = { [DateTime]::FromFileTime((Get-ADUser -Identity $_.samaccountname -Properties lastLogonTimestamp).lastLogonTimestamp) } }, `
+                @{N = 'LastSeen'; E = {
                         switch ([DateTime]::FromFileTime((Get-ADUser -Identity $_.samaccountname -Properties lastLogonTimestamp).lastLogonTimestamp)) {
                             # Over 90 Days
                             { ($_ -lt $time90) } { '3+ months'; break }
@@ -262,30 +262,31 @@ function Get-ADDSPrivilegedAccountAudit {
                         } # end else
                     }
                 }, # End Named Expression SuspectedSvcAccount
-                Department, "AccessRequired?", "NeedMailbox?" -OutVariable members | Out-Null
+                Department, AccessRequired, NeedMailbox -OutVariable members | Out-Null
                 $ADUsers += $members
             }
             $Export = @()
             # Create $Export Object
             foreach ($User in $ADUsers) {
-                New-Object -TypeName PSCustomObject -Property @{
+                $hash = [ordered]@{
+                    PriviledgedGroup     = $User.PriviledgedGroup
                     SamAccountName       = $User.SamAccountName
                     Name                 = $User.Name
-                    PriviledgedGroup     = $User.PriviledgedGroup
-                    Enabled              = $User.Enabled
-                    PasswordNeverExpires = $User.PasswordNeverExpires
-                    SuspectedSvcAccount  = $User.SuspectedSvcAccount
-                    "LastSign-in"        = $User."LastSign-in"
-                    "LastSeen?"          = $User."LastSeen?"
+                    ObjectClass          = $User.ObjectClass
+                    LastLogin            = $User.LastLogin
+                    LastSeen             = $User.LastSeen
+                    GroupMemberships     = $User.GroupMemberships
                     Title                = $User.Title
                     Manager              = $User.Manager
                     Department           = $User.Department
                     OrgUnit              = $User.OrgUnit
-                    "AccessRequired?"    = $User."AccessRequired?"
-                    "NeedMailbox?"       = $User."NeedMailbox?"
-                    ObjectClass          = $User.ObjectClass
-                    GroupMemberships     = $User.GroupMemberships
-                } -OutVariable PSObject | Out-Null
+                    Enabled              = $User.Enabled
+                    PasswordNeverExpires = $User.PasswordNeverExpires
+                    SuspectedSvcAccount  = $User.SuspectedSvcAccount
+                    AccessRequired       = $false
+                    NeedMailbox          = $true
+                }
+                New-Object -TypeName PSCustomObject -Property $hash -OutVariable PSObject | Out-Null
                 $Export += $PSObject
             }
             # Create filenames
@@ -308,10 +309,11 @@ function Get-ADDSPrivilegedAccountAudit {
             # Export Delegated access, allowed protocols and Destination Serivces.
             $Export3 = Get-ADObject -Filter { (msDS-AllowedToDelegateTo -like '*') -or (UserAccountControl -band 0x0080000) -or (UserAccountControl -band 0x1000000) } `
                 -prop samAccountName, msDS-AllowedToDelegateTo, servicePrincipalName, userAccountControl | `
-                Select-Object DistinguishedName, ObjectClass, samAccountName, servicePrincipalName, `
-            @{name = 'DelegationStatus'; expression = { if ($_.UserAccountControl -band 0x80000) { 'AllServices' }else { 'SpecificServices' } } }, `
-            @{name = 'AllowedProtocols'; expression = { if ($_.UserAccountControl -band 0x1000000) { 'Any' }else { 'Kerberos' } } }, `
-            @{name = 'DestinationServices'; expression = { $_.'msDS-AllowedToDelegateTo' } }
+                Select-Object DistinguishedName, ObjectClass, samAccountName, `
+            @{N = 'servicePrincipalName'; E = { $_.servicePrincipalName -join " | " } }, `
+            @{N = 'DelegationStatus'; E = { if ($_.UserAccountControl -band 0x80000) { 'AllServices' }else { 'SpecificServices' } } }, `
+            @{N = 'AllowedProtocols'; E = { if ($_.UserAccountControl -band 0x1000000) { 'Any' }else { 'Kerberos' } } }, `
+            @{N = 'DestinationServices'; E = { $_.'msDS-AllowedToDelegateTo' } }
             # Try first export.
             Export-AuditCSVtoZip -Exported $Export -CSVName $csv -ZipName $zip -ErrorVariable ExportAuditCSVZipErr
             # Try second export.