Dynamic Infrastructure Documentation with PowerShell – Part 1
When I ask my students or other IT admins whether they use some kind of documentation system for their server infrastructure, the word I most commonly hear is “Almost”, and when I ask them if it is up to date I hear the word “Almost” again. Well, the word “Almost” is maybe almost nothing. So why is it like this? Why don't these IT admins have fully functional documentation of the infrastructure that is up to date all the time? I certainly don't think they are lazy. I think the problem is that the infrastructure changes too often and they forget to write it down, so they try as best they can to update the documentation but somehow fail, because the environment changed at the same time as the IT guy was writing up the last changes.

I looked all over the internet for something that would help make the documentation somewhat dynamic, but I could not find anything. The best solution I could find was a documentation system that allows IT admins to write documents in collaboration mode. Maybe there is something out there that would help IT admins. So I decided to write a little blog series on whether I could build dynamic documentation of the infrastructure using only PowerShell. This blog will be in a few parts, and in each part I will add more requirements and features that help me build a dynamic documentation of the infrastructure.
First, let's look at the requirements for the documentation in this part:
- I need to get the total number of physical users in the environment. When I say physical users, I mean the employee accounts that are actively used.
- I need to get the total number of service accounts, on what servers and what service the service account is running on.
- I will need to figure out what servers all users have administrative rights on and what users have Remote access to the server.
- I will need to figure out what users are a part of administrative groups such as domain admins.
- I will need to figure out what software is installed in the environment and when the software was installed.
- I will need to figure out what IP addresses and MAC addresses are assigned to the servers and maybe figure out if a server is on a different VLAN.
- I will need to scan for new servers and get the information above for them.
- I will need to get software installed and when it was installed.
I will need to build a test environment to be able to get this information. In this scenario I will create the following servers, and all of them will run Windows Server 2016 Standard Evaluation.
- TSTAD01 – Active Directory Server will include about 250 active users, 100 disabled users, 10 service users
- TSTDFS01 – Will be a Distributed File System server with a data disk and will contain shares for users, public shares, application shares and some other neat stuff.
- TSTSQL01 – Will be an SQL Server running SQL Server 2016 Standard Evaluation with 10 databases. The databases will include a SQL user, a Windows user, a Windows group, or all of them.
- TSTMAIL01 – Will include Exchange 2016 Standard Evaluation with 100 Mailboxes, 50 Shared mailboxes and 50 Resource accounts.
- TSTRDS01 – Will include Remote Desktop Services installed and Office 2016 Evaluation.
- TSTIIS01 – Will be an Internet Information Server containing some internal website.
- TSTMGM01 – Will be a management server for the IT Admins and will only contain the remote management software to connect to servers and services.
- TSTDPM01 – Will be a backup server containing System Center Data Protection Manager 2016 Evaluation.
- TSTMON01 – Will be a monitoring system; I have not decided yet what I will use at this point.
On TSTMGM01 we need to create the database. Just use the default settings, leave everything as it is, and use this query in Microsoft SQL Server Management Studio:
Next, create a table named ADUsersCount with the columns ID, UserCount, UserType, UserCostCenter and DateCreated. To clarify what each column does: ID is the primary key and auto-increments each time you add a new row; UserCount holds the number of users counted using PowerShell; UserType is the type of user, i.e. whether it is a ServiceUser or any kind of special user you want; UserCostCenter is the department that owns the users; and DateCreated timestamps each row so you can build a history of the user status. In Microsoft SQL Server Management Studio, run this query:
```sql
USE DynamicDocumentationDB;
GO

CREATE TABLE ADUsersCount (
    [ID] int IDENTITY(1,1) PRIMARY KEY NOT NULL,
    [UserCount] int NOT NULL,
    [UserType] varchar(50) NOT NULL,
    [UserCostCenter] varchar(50) NOT NULL,
    [DateCreated] DATETIME DEFAULT CURRENT_TIMESTAMP
)
```
- Create a folder named DynamicDocumentation on the C: drive of the management machine TSTMGM01.
- Create a child folder in DynamicDocumentation named Dependencies and create a file named DEPMSSQLActions.psm1
- Create another folder in DynamicDocumentation named Settings and create a file named GlobalVariables.psm1
- Create another folder in DynamicDocumentation named Tasks.
- Create another folder in DynamicDocumentation folder named Debug and create a file named Debug-SQL.psm1
Now we can start developing the actual PowerShell code. In this code there will be a few functions you can run, and each function covers a different scenario. On the management machine, open up ISE PowerShell Studio, open DEPMSSQLActions.psm1 and add this code.
Next, open up GlobalVariables.psm1 and add the following code. This will include three database names in case you want to have different types of databases, i.e. development, test and production.
Now, for the last PowerShell script in this part, open up Debug-SQL.ps1 and add the following code:
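The following is an added example, not the author's module code: one way a function in DEPMSSQLActions.psm1 could write a row to the ADUsersCount table with a parameterized INSERT and Windows integrated authentication, picking the database per environment as described for GlobalVariables.psm1. The function names, the Development and Test database names and the default server are assumptions, and it assumes Windows PowerShell 5.1, where System.Data.SqlClient is available.

```powershell
# Added example. Function names and the Development/Test database names are
# assumptions; only DynamicDocumentationDB and ADUsersCount come from the post.
$DatabaseNames = @{
    Development = 'DynamicDocumentationDB_Dev'
    Test        = 'DynamicDocumentationDB_Test'
    Production  = 'DynamicDocumentationDB'
}

function Get-DocConnectionString {
    param(
        [ValidateSet('Development', 'Test', 'Production')]
        [string]$Environment = 'Production',
        [string]$ServerInstance = 'TSTMGM01'
    )
    # Integrated Security runs the query as the caller's Windows identity,
    # so no SQL login or password is stored in the module files.
    $builder = New-Object System.Data.SqlClient.SqlConnectionStringBuilder
    $builder['Data Source'] = $ServerInstance
    $builder['Initial Catalog'] = $DatabaseNames[$Environment]
    $builder['Integrated Security'] = $true
    return $builder.ToString()
}

function Add-ADUsersCount {
    param(
        [Parameter(Mandatory)][ValidateRange(0, [int]::MaxValue)][int]$UserCount,
        [Parameter(Mandatory)][ValidateLength(1, 50)][string]$UserType,
        [Parameter(Mandatory)][ValidateLength(1, 50)][string]$UserCostCenter,
        [string]$ConnectionString = (Get-DocConnectionString)
    )
    $connection = New-Object System.Data.SqlClient.SqlConnection $ConnectionString
    try {
        $connection.Open()
        $command = $connection.CreateCommand()
        # Values are bound as typed parameters and never concatenated into the
        # SQL text, so a quote in an AD attribute cannot change the statement.
        $command.CommandText = 'INSERT INTO ADUsersCount (UserCount, UserType, UserCostCenter) ' +
            'VALUES (@UserCount, @UserType, @UserCostCenter);'
        $command.Parameters.Add('@UserCount', [System.Data.SqlDbType]::Int).Value = $UserCount
        $command.Parameters.Add('@UserType', [System.Data.SqlDbType]::VarChar, 50).Value = $UserType
        $command.Parameters.Add('@UserCostCenter', [System.Data.SqlDbType]::VarChar, 50).Value = $UserCostCenter
        return $command.ExecuteNonQuery()   # number of rows inserted
    }
    finally {
        $connection.Dispose()   # closes the connection even if the INSERT fails
    }
}

# Example call: Add-ADUsersCount -UserCount 10 -UserType 'ServiceUser' -UserCostCenter 'IT'
```

The account running the function only needs INSERT permission on ADUsersCount; ID and DateCreated are filled in by the table's IDENTITY and DEFAULT definitions.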
In the next part we will continue with our scripts and add Active Directory functions. When all the parts are finished, I will add all of the code to Git or a similar solution where you can download it.
If you have any questions or you want me to write a dynamic documentation system for your environment you can contact me through LinkedIn or where I work at www.advania.is
End of Part 1
Complete repository on