Ops Knowledge BaseThe Ops Stack
Toolchest/Scripting

Toolchest Topic

Scripting

Reusable PowerShell and command starters for repeatable admin work, quick checks, and practical automation.

Use this lane when you already understand the problem space and need the reusable operator asset, not just the concept page.

ScriptWindows Server HealthRead-only

Windows server health snapshot

A read-only Windows Server health snapshot that returns one compact row per host for uptime, disk pressure, memory headroom, stopped automatic services, and recent system errors.

Open item
ScriptWindows Server HealthRead-only

Disk space cleanup candidate report

A read-only disk-pressure report that captures low-space context and returns targeted cleanup candidates from known folders without deleting, compressing, or moving anything.

Open item
ScriptSecurity and Exposure ChecksRead-only

Certificate expiration scanner

A read-only certificate inventory that finds local-machine store certificates nearing expiration and captures certificates presented by known TLS endpoints for review.

Open item
ScriptWindows Server HealthRead-only

IIS site and binding inventory

A read-only IIS inventory that correlates sites, bindings, ports, host headers, app-pool identities, content paths, and certificate thumbprints for migration or renewal work.

Open item
ScriptFile, Backup, and Storage OperationsRead-only

File share permission audit

A read-only file share audit that records SMB share permissions, NTFS access, and ownership evidence for review.

Open item
ScriptActive Directory and IdentityRead-only

Service account usage finder

A read-only service account discovery pass for Windows services, scheduled tasks, and IIS application pools.

Open item
ScriptSecurity and Exposure ChecksRead-only

Windows firewall rule audit

A read-only Windows Firewall audit that records enabled allow rules, ports, profiles, and address scopes.

Open item
ScriptConnectivity and Network TriageRead-only

RDP failure triage script

A read-only RDP triage script pattern for DNS, TCP 3389, listener state, firewall evidence, sessions, and event logs.

Open item
ScriptActive Directory and IdentityRead-only

AD stale computer cleanup report

A read-only Active Directory stale computer report for last logon, OU, operating system, enabled state, and cleanup planning.

Open item
ScriptActive Directory and IdentityRead-only

All-DC lastLogon collector and stale-user evidence report

Collect non-replicated lastLogon values from every writable domain controller, calculate the newest observed logon per account, and export evidence suitable for stale-user or stale-computer cleanup decisions without relying on replicated lastLogonTimestamp alone.

Open item
ScriptSecurity and Exposure ChecksRead-only

Authenticated Users drive ACL scanner

PowerShell scanner that checks fixed local drives on Windows servers for root ACL entries where Authenticated Users have broad access. Produces console and CSV evidence so admins can review exposure before any ACL changes.

Open item
ScriptInventoryRead-only

RADIUS and NPS server detection report

Read-only PowerShell reporting script pattern to identify likely Microsoft NPS or other RADIUS-capable Windows servers using multiple evidence sources: NPS service presence, NPAS role/feature state, IAS/NPS event log activity, UDP 1812/1813 listener evidence, and registry indicators. Designed for migration discovery, audit support, and authentication troubleshooting.

Open item