<# SCRIPT 16 - WEB APPLICATION16 - WEB APPLICATION CONFIGURATION REPORT" -ForegroundColor CyanSCRIPT 16 - WEB APPLICATION CONFIGURATION REPORT Write-Host "READ-ONLY - NO CHANGES ARE MADE" -ForegroundColor Green Write-Host "" # ----------------------------- # Load SharePoint Snap-in # ----------------------------- try { if (-not (Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue)) { Add-PSSnapin "Microsoft.SharePoint.PowerShell" } } catch { throw "Run in SharePoint Management Shell. Error: $($_.Exception.Message)" } # ----------------------------- # Output Setup # ----------------------------- $outDir = Split-Path -Path $OutputCsv -Parent if ([string]::IsNullOrWhiteSpace($outDir)) { throw "Provide full OutputCsv path (example: C:\Temp\WebAppConfig.csv)" } if (-not (Test-Path $outDir)) { New-Item -Path $outDir -ItemType Directory -Force | Out-Null } $timestamp = (Get-Date).ToString("yyyyMMdd_HHmmss") $baseName = [System.IO.Path]::GetFileNameWithoutExtension($OutputCsv) $summaryPath = Join-Path $outDir "$baseName`_Summary_$timestamp.csv" $logPath = Join-Path $outDir "$baseName`_RunLog_$timestamp.txt" $errorPath = Join-Path $outDir "$baseName`_Errors_$timestamp.csv" # ----------------------------- # Logging Helpers # ----------------------------- $log = New-Object System.Collections.Generic.List[string] $errors = New-Object System.Collections.Generic.List[object] function Log($msg){ $line = "[{0}] {1}" -f (Get-Date -Format "yyyy-MM-dd HH:mm:ss"), $msg $log.Add($line) | Out-Null Write-Host $line } function Add-Error($scope, $msg){ $errors.Add([pscustomobject]@{ Timestamp = Get-Date Scope = $scope Message = $msg }) | Out-Null } # ----------------------------- # Prompt # ----------------------------- if (-not $NoPrompt) { Write-Host "This script inventories Web Application configuration." -ForegroundColor Yellow if ((Read-Host "Type YES to continue") -ne "YES") { return } } # ----------------------------- # Risk Model # ----------------------------- function Get-RiskLevel { param($AuthType, $UseSSL) if ($UseSSL -eq $false) { return "High" } if ($AuthType -notmatch "NTLM|Negotiate") { return "Medium" } return "Low" } function Get-Score { param($risk) switch ($risk) { "High" { 30 } "Medium" { 60 } "Low" { 90 } default { 50 } } } function Get-Recommendation { param($risk) switch ($risk) { "High" { "Enable SSL. Review security configuration before migration." } "Medium" { "Validate authentication providers and zone configuration." } "Low" { "Configuration acceptable for migration baseline." } } } # ----------------------------- # Main Execution # ----------------------------- $results = New-Object System.Collections.Generic.List[object] try { $webApps = Get-SPWebApplication Log "Found $($webApps.Count) web applications" } catch { Add-Error "WebAppDiscovery" $_.Exception.Message throw } foreach ($app in $webApps) { try { Log "Processing Web App: $($app.Url)" $appPool = $app.ApplicationPool.Name $dbServer = $app.ContentDatabases[0].Server $managedPaths = ($app.ManagedPaths | ForEach-Object { $_.RelativeUrl }) -join ";" # Zones (Default, Intranet, etc.) foreach ($zone in [Microsoft.SharePoint.Administration.SPUrlZone]::GetValues([Microsoft.SharePoint.Administration.SPUrlZone])) { try { $iis = $app.IisSettings[$zone] if ($iis -ne $null) { $authProviders = Get-SPAuthenticationProvider -WebApplication $app -Zone $zone -ErrorAction SilentlyContinue $authType = ($authProviders | ForEach-Object { $_.DisplayName }) -join ";" $url = $iis.ServerComment $port = $iis.Port $ssl = $iis.SecureBindings $host = $iis.ServerComment $risk = Get-RiskLevel -AuthType $authType -UseSSL $ssl $results.Add([pscustomobject]@{ WebAppName = $app.Name WebAppUrl = $app.Url Zone = $zone Port = $port UseSSL = $ssl Authentication = $authType AppPool = $appPool DatabaseServer = $dbServer ManagedPaths = $managedPaths RiskLevel = $risk Score = Get-Score $risk Category = "WebAppConfiguration" ActionRecommendation = Get-Recommendation $risk }) | Out-Null } } catch { Add-Error $app.Url $_.Exception.Message } } } catch { Add-Error $app.Url $_.Exception.Message } } # ----------------------------- # Export Reports # ----------------------------- $results | Export-Csv -Path $OutputCsv -NoTypeInformation -Encoding UTF8 $results | Group-Object RiskLevel | ForEach-Object { [pscustomobject]@{ RiskLevel = $_.Name Count = $_.Count } } | Export-Csv -Path $summaryPath -NoTypeInformation -Encoding UTF8 $log | Set-Content $logPath if ($errors.Count -gt 0) { $errors | Export-Csv -Path $errorPath -NoTypeInformation -Encoding UTF8 Write-Host "ERROR REPORT: $errorPath" -ForegroundColor Yellow } Write-Host "DETAIL REPORT: $OutputCsv" -ForegroundColor Green Write-Host "SUMMARY REPORT: $summaryPath" -ForegroundColor Green Write-Host "RUN LOG: $logPath" -ForegroundColor Green Write-Host "Complete." -ForegroundColor Green READ-ONLY | SAFE FOR PRODUCTION | GCC COMPATIBLE #> [CmdletBinding()] param( [Parameter(Mandatory = $true)] [string]$OutputCsv, [switch]$NoPrompt ) Set-StrictMode -Version Latest $ErrorActionPreference = "Stop"