PortQry ALL Domain Controllers using #Powershell

So I don’t trust my network guys (sorry) as they say all ports are open but think they is not telling me the trust.

So knocked this up to test. You need to download PortQry from here: http://www.microsoft.com/en-us/download/details.aspx?id=17148

Change $PortQryExe to the location of the .exe

$matrix = @()
$PortQryExe = “Y:ToolsPortQryV2PortQry.exe”
$Ports2Scan = “udp-389″, “tcp-389″, “tcp-135″, “udp-135″, “udp-88″, “tcp-88″, “udp-445″, “tcp-445″, “tcp-1025″
$PortCnt = $Ports2Scan.count
$Fields = @();$fields += “Server”; $fields += $Ports2Scan

Write-Host “`nGetting Domain Controllers [$Server]”
$forest = [System.DirectoryServices.ActiveDirectory.Forest]::getcurrentforest()
$domains = $forest.domains
$servers = @()
$intDCcnt = 0
ForEach($Domain in $domains){
Write-Host $Domain.Name
$tmpDCs = $Domain.DomainControllers
ForEach($tmpDC in $tmpDCs){$servers += $tmpDC.name;$intDCcnt ++}
Write-Host ” -$intDCcnt Found” -Foregroundcolor Green

ForEach($Server in $Servers){
Write-host $Server
$tmpMatrix = “” | Select $Fields
$tmpMatrix.Server = $Server
For($i=0;$i -le $PortCnt -1;$i++){
$tmpPort2Scan = ($Ports2Scan[$i]).split(“-”)
$Protocol = $tmpPort2Scan[0]
$port = $tmpPort2Scan[-1]
$cmd = $PortQryExe + ” -n ” + $Server + ” -p ” + $Protocol + ” -e ” + $port

Write-Host ” – $cmd”
$Output = Invoke-Expression $cmd
$Output = $Output | Where {$_}
$tmpOutput = “” | Select Host, Server, Protocol, Port, Service, Status, Result
$tmpOutput.Host = (HOSTNAME)
$tmpOutput.Server = $Server
$tmpOutput.Protocol = $Port.Protocol
$tmpOutput.Port = $Port.port
$tmpOutput.Result = $Output[-1]

$tmpSplit = $tmpOutput.Result.Split(“:”)
$tmpOutput.Service = $tmpSplit[0]
$tmpOutput.Status = $tmpSplit[-1].trim()
Write-host ” +-” $tmpOutput.Result

$tmpMatrix.($Ports2Scan[$i]) = $tmpOutput.Result
$matrix += $tmpMatrix


The result is an array that you can export to csv and use some excel love on it.


Get a List of InSite DCs from Eventlog

#MsExchange #Powershell

So I have been having a bit of fun (well not really). The company I am working for has multiple AD domains in a single forest and the users are spread over the domains.

To start with, with almost every Exchange Management Shell cmdlet I run I need to also run the following:

Set-AdServerSettings -ViewEntireForest $True

Now with mailbox move requests, the exchange servers are in one domain and the users in another. I wanted a way to take the output from the MSExchange ADAccess 2080 event in the application event log and generate an array I can then play with in a script. I then use the array to use the right DC with the -DomainController switch. I came up with this:

$Evt2080 = Get-EventLog Application -Source “MSExchange ADAccess” | where {($_.Category -eq “Topology”) -AND ($_.EventId -eq 2080)} | Select -first 1

$InSiteMatrix = @()
$Fields = “Server”, “Roles”, “Enabled”, “Reachability”, “Synchronized”, “GCcapable”, “PDC”, “SACLright”, “CriticalData”, “Netlogon”, “OSVersion”
$InSite = ($Evt2080.ReplacementStrings[-2]).Split(“`n”) | Where {$_}
ForEach($Item in $InSite){
$tmpMatrix = “” | Select $Fields
$tmpSplit = $item.Split(“`t”)
$tmpMatrix.Server = $tmpSplit[0]
If($tmpMatrix.Server -ne “”){
$tmpValues = $tmpSplit[-1].split(” “)
ForEach($thing in $tmpValues ){
$tmpMatrix.($Fields[$i]) = $thing
$InSiteMatrix += $tmpMatrix