-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathAD_SChannel_VerifyRepairPS.ps1
More file actions
74 lines (61 loc) · 2.19 KB
/
AD_SChannel_VerifyRepairPS.ps1
File metadata and controls
74 lines (61 loc) · 2.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#20150604 dc
#dchow[AT]xtecsystems.com
#usage run AD_SChannel_Verify.ps1
#Enter your domain admin credentials in DOMAIN\username format as prompted
#Use of nltest https://technet.microsoft.com/en-us/library/cc731935.aspx
#Didn't create an argument pass through; too lazy. Do it yourself.
Try
{
Import-Module ActiveDirectory -ErrorAction Stop
}
Catch
{
Write-Host "Install RSAT tools"; Break
}
#grab interactive creds
$creds = Get-Credential
$hostsArr = Get-ADComputer -Filter * | Select name
#convert arraytoString
#$hostsStr = $hostsArr | Out-String
ForEach ($i in $hostsArr)
{
#Must use $i.Name method otherwise pulls array in all at once
Invoke-Command -ComputerName $i.Name -Credential $creds -ThrottleLimit 15 -ScriptBlock `
{
#Replace MYDOMAINHERE.COM with your domain
nltest /sc_verify:MYDOMAINHERE.COM
} -Verbose 2>> "problemhosts.tmp"
#For use in case you want to stderror or stdout to diff files
#>> "C:\good.txt" 2>> "C:\bad.txt"
#For use in case you want to stderror or stdout to same file
#2>&1 >> "C:\results.txt"
}
#Too lazy to try this in memory. Do it in a file.
Get-Content "problemhosts.tmp" | Select-String -pattern "\[(.+[^\[\]])\]" | Select Matches `
| "resethosts.tmp"
#Going back to an Array
$problemHostsArr = Get-Content "resethosts.tmp" | % {$_.Trim("{[ ]}") }
ForEach ($j in $problemHostsArr)
{
Invoke-Command -ComputerName $j.Name -Credential $creds -ThrottleLimit 15 -ScriptBlock `
{
#Replace MYDOMAINHERE.COM with your domain
nltest /sc_reset:MYDOMAINHERE.COM
} -Verbose 2>&1 >> "sChannelResetResults.log"
}
#Standard out the results
$problemhosts = Get-Content "problemhosts.tmp"
$problemresets = Get-Content "resethosts.tmp"
Write-Host "---"
Write-Host "Hosts that failed sChannel verification" -BackgroundColor "black" -ForegroundColor "yellow"
Write-Host "---"
Write-Host $problemhosts
Write-Host "---"
Write-Host "Hosts that failed sChannel reset" -BackgroundColor "yellow" -ForegroundColor "red"
Write-Host "---"
Write-Host $problemresets
Write-Host "---"
Write-Host "Error log: sChannelResetResults.log"
#Clean up files
Remove-Item "problemhosts.tmp"
Remove-Item "resethosts.tmp"