Toolchest Topic

Scripting

Reusable PowerShell and command starters for repeatable admin work, quick checks, and practical automation.

Use this lane when you already understand the problem space and need the reusable operator asset, not just the concept page.

ScriptWindows Server HealthRead-only

Windows server health snapshot

A read-only Windows Server health snapshot that returns one compact row per host for uptime, disk pressure, memory headroom, stopped automatic services, and recent system errors.

ScriptSecurity and Exposure ChecksRead-only

Certificate expiration scanner

A read-only certificate inventory that finds local-machine store certificates nearing expiration and captures certificates presented by known TLS endpoints for review.

ScriptWindows Server HealthRead-only

IIS site and binding inventory

A read-only IIS inventory that correlates sites, bindings, ports, host headers, app-pool identities, content paths, and certificate thumbprints for migration or renewal work.

ScriptFile, Backup, and Storage OperationsRead-only

File share permission audit

A read-only file share audit that records SMB share permissions, NTFS access, and ownership evidence for review.

ScriptActive Directory and IdentityRead-only

Service account usage finder

A read-only service account discovery pass for Windows services, scheduled tasks, and IIS application pools.

ScriptSecurity and Exposure ChecksRead-only

Windows firewall rule audit

A read-only Windows Firewall audit that records enabled allow rules, ports, profiles, and address scopes.

ScriptConnectivity and Network TriageRead-only

RDP failure triage script

A read-only RDP triage script pattern for DNS, TCP 3389, listener state, firewall evidence, sessions, and event logs.

TemplateFile ServicesChanges system state

Robocopy Job Template

A safer starting point for repeatable Windows file copy jobs with logging and dry-run review.

TemplateHybrid Cloud OperationsRead-only

Azure Arc bulk onboarding CSV and logging starter

Reusable starter for Azure Arc onboarding waves using a host CSV, dry-run expectations, per-host logging, and repeatable result tracking suitable for tickets, change records, and post-wave reporting.

TemplateHybrid Cloud OperationsRead-only

Azure Update Manager patch wave planning template

Operator-ready planning template for Azure Update Manager patch waves covering scope, maintenance windows, reboot tolerance, exclusions, soak periods, rollback contacts, and stop-go criteria before scheduled patching.

ScriptActive Directory and IdentityRead-only

All-DC lastLogon collector and stale-user evidence report

Collect non-replicated lastLogon values from every writable domain controller, calculate the newest observed logon per account, and export evidence suitable for stale-user or stale-computer cleanup decisions without relying on replicated lastLogonTimestamp alone.

ScriptSecurity and Exposure ChecksRead-only

Authenticated Users drive ACL scanner

PowerShell scanner that checks fixed local drives on Windows servers for root ACL entries where Authenticated Users have broad access. Produces console and CSV evidence so admins can review exposure before any ACL changes.