Operations Toolchest

Useful tools without the ceremony.

Start with a focused script, reporting starter, practical app, or guided validation drill. Every free item is designed to solve a specific job on its own, with clearer upgrade paths reserved for work that genuinely needs more.

41 published tools4 focused collectionsSee what is coming

Choose A Starting Point

Browse by the kind of work

Complete Directory

All free tools

See recent additions

Scripting

Reusable PowerShell and command starters for repeatable admin work, quick checks, and practical automation.

View collection
PowerShell server connectivity quick checkA concise read-only connectivity triage script that separates DNS, ICMP reachability, and expected TCP-port failures before escalation.Connectivity and Network TriageRead-onlyWindows server health snapshotA read-only Windows Server health snapshot that returns one compact row per host for uptime, disk pressure, memory headroom, stopped automatic services, and recent system errors.Windows Server HealthRead-onlyPending reboot detection across Windows serversA read-only pending reboot check for Windows servers before patching, application installs, or maintenance-window closure.Patch and Reboot ReadinessRead-onlyCertificate expiration scannerA read-only certificate inventory that finds local-machine store certificates nearing expiration and captures certificates presented by known TLS endpoints for review.Security and Exposure ChecksRead-onlyIIS site and binding inventoryA read-only IIS inventory that correlates sites, bindings, ports, host headers, app-pool identities, content paths, and certificate thumbprints for migration or renewal work.Windows Server HealthRead-onlyLocal administrator group audit across Windows endpointsA read-only local administrator audit that records privileged group membership across Windows endpoints for review.Active Directory and IdentityRead-onlyFile share permission auditA read-only file share audit that records SMB share permissions, NTFS access, and ownership evidence for review.File, Backup, and Storage OperationsRead-onlyService account usage finderA read-only service account discovery pass for Windows services, scheduled tasks, and IIS application pools.Active Directory and IdentityRead-onlyWindows firewall rule auditA read-only Windows Firewall audit that records enabled allow rules, ports, profiles, and address scopes.Security and Exposure ChecksRead-onlyDNS resolution and reverse lookup auditA read-only DNS audit that compares forward and reverse lookup results across host lists and expected DNS servers.Connectivity and Network TriageRead-onlyInstalled Application Inventory for Windows EndpointsA read-only PowerShell inventory starter for collecting installed applications from local or remote Windows endpoints.InventoryRead-onlyRDP failure triage scriptA read-only RDP triage script pattern for DNS, TCP 3389, listener state, firewall evidence, sessions, and event logs.Connectivity and Network TriageRead-onlyRobocopy job template and log parserA safer Robocopy job template with dry-run review, log capture, exit-code interpretation, and migration evidence.File, Backup, and Storage OperationsChanges system stateRobocopy Job TemplateA safer starting point for repeatable Windows file copy jobs with logging and dry-run review.File ServicesChanges system stateAzure Arc bulk onboarding CSV and logging starterReusable starter for Azure Arc onboarding waves using a host CSV, dry-run expectations, per-host logging, and repeatable result tracking suitable for tickets, change records, and post-wave reporting.Hybrid Cloud OperationsRead-onlyAzure Update Manager patch wave planning templateOperator-ready planning template for Azure Update Manager patch waves covering scope, maintenance windows, reboot tolerance, exclusions, soak periods, rollback contacts, and stop-go criteria before scheduled patching.Hybrid Cloud OperationsRead-onlyAll-DC lastLogon collector and stale-user evidence reportCollect non-replicated lastLogon values from every writable domain controller, calculate the newest observed logon per account, and export evidence suitable for stale-user or stale-computer cleanup decisions without relying on replicated lastLogonTimestamp alone.Active Directory and IdentityRead-onlyAuthenticated Users drive ACL scannerPowerShell scanner that checks fixed local drives on Windows servers for root ACL entries where Authenticated Users have broad access. Produces console and CSV evidence so admins can review exposure before any ACL changes.Security and Exposure ChecksRead-only

Reporting

Foundations, helpers, templates, and report-oriented tools for turning raw checks into repeatable operator evidence.

View collection
Disk space cleanup candidate reportA read-only disk-pressure report that captures low-space context and returns targeted cleanup candidates from known folders without deleting, compressing, or moving anything.Windows Server HealthRead-onlyScheduled task inventory and failure reportA read-only scheduled task inventory that highlights failed runs, missed runs, disabled tasks, and ownership gaps.Windows Server HealthRead-onlyDHCP scope utilization reportA read-only DHCP scope report that surfaces high utilization, exhausted ranges, and cleanup candidates.Connectivity and Network TriageRead-onlyAD stale computer cleanup reportA read-only Active Directory stale computer report for last logon, OU, operating system, enabled state, and cleanup planning.Active Directory and IdentityRead-onlyIncident Note TemplateA compact operator note format for capturing symptoms, checks, decisions, and follow-up while the issue is fresh.Operations TemplatesChanges system stateAzure Update Manager compliance workbook starterStarter template for an Azure Workbook plus Resource Graph evidence pack that shows patch compliance, pending updates, unsupported coverage, and patch-group drift across Azure and Arc-enabled machines.Reporting and Evidence PacksRead-onlyRADIUS and NPS server detection reportRead-only PowerShell reporting script pattern to identify likely Microsoft NPS or other RADIUS-capable Windows servers using multiple evidence sources: NPS service presence, NPAS role/feature state, IAS/NPS event log activity, UDP 1812/1813 listener evidence, and registry indicators. Designed for migration discovery, audit support, and authentication troubleshooting.InventoryRead-onlyPowerShell HTML operations report starterConcrete PowerShell reporting pattern for turning host-check results into an HTML operations summary with a status rollup, per-host table, failure section, saved local artifacts, and optional email delivery.Reporting and Evidence PacksChanges system state

Apps

Built-in and third-party utilities worth keeping around when the workflow is better served by a purpose-built tool.

View collection

Guided Drills

Step-by-step validation drills for backup restores, access checks, readiness checks, and other proof work.

View collection
DNS and DHCP Health CheckA read-only DNS and DHCP triage checklist that captures client-side evidence, compares DNS paths, and narrows the failure domain before anyone flushes caches or changes records.DNS and DHCPRead-onlyRDP Connectivity ChecklistA structured check for RDP failures before changing firewall rules, user rights, or server policy.Remote AccessRead-onlyBackup Restore Drill Evidence ChecklistA restore-drill evidence template for proving backups are usable, measuring recovery time, and turning failed assumptions into repair tasks before an outage.Backup and RecoveryChanges system stateWindows Update Repair ChecksA staged Windows Update troubleshooting path that starts read-only and escalates only when needed.PatchingChanges system stateWindows Update readiness and repair evidence packA patch readiness and repair evidence pack for reboot state, servicing health, update logs, and approved repair actions.Patch and Reboot ReadinessChanges system stateAzure Arc onboarding preflight checklistPreflight checklist for onboarding Windows servers to Azure Arc. Confirms supported OS state, outbound connectivity, proxy/TLS behavior, local admin rights, target Azure placement, tagging, pilot scope, and rollback notes before any agent install.Hybrid Cloud OperationsRead-onlyInactive AD user disable review workflowTwo-phase review checklist for identifying inactive AD user accounts, validating inactivity evidence, applying exclusions, capturing approval, and preparing rollback details before any disable action.Active Directory and IdentityChanges system stateRobocopy migration cutover checklist and evidence packOperator checklist and evidence structure for file migration cutovers using Robocopy. Covers pre-copy checks, dry-run evidence, final sync readiness, exclusion review, validation samples, rollback details, and signoff artifacts suitable for tickets and change records.Migration and CutoverChanges system stateInternal IIS site rollout checklistOperator checklist for launching an internal IIS-hosted site with evidence capture for IIS role presence, site folder layout, bindings, app pool identity, DNS readiness, browser validation, and rollback notes.Application HostingRead-only

Disclosure: Some future recommendations may use affiliate links where available. Recommendations should stay practical, clearly labeled, and tied to operator use cases.