Powershell : GPO Issues Assessment Script

This script is a diagnostic tool for Windows environments to troubleshoot connectivity issues between member servers and domain controllers. This script methodically assesses various aspects of domain controller connectivity, from basic network connectivity to advanced authentication mechanisms.

This will result if you wish to generate a HTML report and no read the log file as the following:

Key Features and Diagnostics

Domain Information Collection

The script begins by gathering basic information about your current domain environment, including the domain name, site information, and a list of available domain controllers with their roles.

Basic Connectivity Testing

It performs fundamental connectivity tests to each domain controller, including:

ICMP ping tests
TCP port connectivity checks for critical services (LDAP, Global Catalog, Kerberos, DNS, SMB, and RPC)

Active Directory Services Validation

Beyond basic connectivity, the script verifies that Active Directory services are functioning correctly:

LDAP binding tests
Query response time measurements
LDAPS (LDAP over SSL) connectivity
Global Catalog availability

DNS Functionality Testing

DNS is the backbone of Active Directory, so the script thoroughly tests DNS functionality:

Resolution of critical service records
SRV record validation for domain controllers, PDC, and Global Catalog servers
Reverse lookup validation
DNS server response time measurement

Group Policy Diagnostics

Group Policy depends on proper access to SYSVOL shares and specific registry keys:

SYSVOL access validation
Policy folder accessibility testing
Registry key access verification
Event log analysis for Group Policy processing events

ADFS Connectivity Testing

For organizations using Active Directory Federation Services, the script tests:

ADFS server connectivity
HTTPS accessibility
Federation metadata endpoints
SSL certificate validation

Authentication Testing

The script verifies that authentication mechanisms are working properly:

NETLOGON share access
Kerberos ticket acquisition
Secure channel validation
SMB connectivity with domain credentials

Event Log Analysis

To identify potential issues that might not be immediately apparent:

Collects critical events from System, Security, and Application logs
Focuses on authentication, Group Policy, DNS, and time service events
Summarizes error and warning event

Why would this script help me ?

Experiencing intermittent authentication issues
Group Policy settings aren't applying correctly
After network changes that might affect domain communication
During Active Directory health checks
When onboarding new servers to verify proper domain integration
After domain controller maintenance or changes

By running this script proactively and addressing the issues it identifies, you can ensure smoother operations and minimize downtime related to domain controller connectivity problems.

Note : This script is compatible with PowerShell 3.0 and above, and should be run with administrative privileges on a domain-joined computer.

Script : GPOAnalyserwithEventID.ps1

This script is available only if request the script using scripts@a6n.co.uk as its rather large to include in a blog post

However when it runs it will look like this, this is the DC discovery part, however I cannot go into more than this as its redacted for security:

This will also produce a log file which will log all the checks

======================================================

Domain Controller Connectivity and Services Test Script

Started: 2025-03-03 11:58:59

Computer: BWrkSta01

User: Lee.Croucher

======================================================

[2025-03-03 11:58:59] [INFO] SECTION 1: Collecting Domain Information

[2025-03-03 11:59:00] [INFO] Current Domain: bear.cloud

[2025-03-03 11:59:00] [INFO] Current Site: Azure

[2025-03-03 11:59:04] [INFO] Found 9 domain controllers

[2025-03-03 11:59:04] [INFO] DC: beardc5.bear.cloud, Site: Datacentre, Roles: SchemaRole, NamingRole, PdcRole, RidRole, InfrastructureRole

[2025-03-03 11:59:04] [INFO] DC: beardc3.bear.cloud, Site: London, Roles:

[2025-03-03 11:59:04] [INFO] DC: beardc4.bear.cloud, Site: SFO, Roles:

[2025-03-03 11:59:04] [INFO] DC: beardc6.bear.cloud, Site: NYC, Roles:

[2025-03-03 11:59:04] [INFO] DC: beardc7.bear.cloud, Site: Azure, Roles:

[2025-03-03 11:59:04] [INFO] DC: beardc1.bear.cloud, Site: MCO, Roles:

[2025-03-03 11:59:04] [INFO] DC: beardc2.bear.cloud, Site: ATL, Roles:

[2025-03-03 11:59:04] [INFO] DC: beardc8.bear.cloud, Site:LGW, Roles:

[2025-03-03 11:59:04] [INFO] DC: beardc9.bear.cloud, Site: Azure, Roles:

[2025-03-03 11:59:04] [INFO] SECTION 2: Testing Basic Connectivity to Domain Controllers

[2025-03-03 11:59:04] [INFO] Testing connectivity to beardc5.bear.cloud...

[2025-03-03 11:59:07] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:07] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:07] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:07] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:08] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:08] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:08] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:08] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:08] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:08] [INFO] Testing connectivity to beardc3.bear.cloud...

[2025-03-03 11:59:12] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:12] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:12] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:12] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:12] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:12] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:12] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:12] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:12] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:12] [INFO] Testing connectivity to beardc4.bear.cloud...

[2025-03-03 11:59:15] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:15] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:16] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:16] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:16] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:16] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:16] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:16] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:16] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:16] [INFO] Testing connectivity to beardc6.bear.cloud...

[2025-03-03 11:59:19] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:19] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:19] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:20] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:20] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:20] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:20] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:20] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:20] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:20] [INFO] Testing connectivity to beardc7.bear.cloud...

[2025-03-03 11:59:23] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:23] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:23] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:23] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:23] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:23] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:23] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:24] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:24] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:24] [INFO] Testing connectivity to beardc1.bear.cloud...

[2025-03-03 11:59:27] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:27] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:27] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:27] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:27] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:27] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:27] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:27] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:27] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:27] [INFO] Testing connectivity to beardc2.bear.cloud...

[2025-03-03 11:59:31] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:31] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:31] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:31] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:31] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:31] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:31] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:31] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:31] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:31] [INFO] Testing connectivity to beardc8.bear.cloud...

[2025-03-03 11:59:34] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:35] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:35] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:35] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:35] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:35] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:35] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:35] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:35] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:35] [INFO] Testing connectivity to beardc9.bear.cloud...

[2025-03-03 11:59:38] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:39] [SUCCESS] LDAP (Port 389): Success

[2025-03-03 11:59:39] [SUCCESS] Kerberos (Port 88): Success

[2025-03-03 11:59:39] [SUCCESS] SMB (Port 445): Success

[2025-03-03 11:59:39] [SUCCESS] LDAPS (Port 636): Success

[2025-03-03 11:59:39] [SUCCESS] DNS (Port 53): Success

[2025-03-03 11:59:39] [SUCCESS] RPC (Port 135): Success

[2025-03-03 11:59:39] [SUCCESS] Global Catalog (Port 3268): Success

[2025-03-03 11:59:39] [SUCCESS] Global Catalog SSL (Port 3269): Success

[2025-03-03 11:59:39] [INFO] SECTION 3: Testing Active Directory Services

[2025-03-03 11:59:39] [INFO] Testing AD services on beardc5.bear.cloud...

[2025-03-03 11:59:39] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:39] [SUCCESS] AD Query Response Time: 47.7203 ms

[2025-03-03 11:59:39] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:39] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:39] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:39] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:40] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:40] [INFO] Testing AD services on beardc3.bear.cloud...

[2025-03-03 11:59:40] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:40] [SUCCESS] AD Query Response Time: 47.773 ms

[2025-03-03 11:59:40] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:40] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:40] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:40] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:40] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:40] [INFO] Testing AD services on beardc4.bear.cloud...

[2025-03-03 11:59:40] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:40] [SUCCESS] AD Query Response Time: 48.437 ms

[2025-03-03 11:59:40] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:40] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:40] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:40] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:40] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:40] [INFO] Testing AD services on beardc6.bear.cloud...

[2025-03-03 11:59:40] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:41] [SUCCESS] AD Query Response Time: 47.6749 ms

[2025-03-03 11:59:41] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:41] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:41] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:41] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:41] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:41] [INFO] Testing AD services on beardc7.bear.cloud...

[2025-03-03 11:59:41] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:41] [SUCCESS] AD Query Response Time: 5.1102 ms

[2025-03-03 11:59:41] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:41] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:41] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:41] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:41] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:41] [INFO] Testing AD services on beardc1.bear.cloud...

[2025-03-03 11:59:41] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:41] [SUCCESS] AD Query Response Time: 50.0952 ms

[2025-03-03 11:59:41] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:41] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:41] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:41] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:41] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:41] [INFO] Testing AD services on beardc2.bear.cloud...

[2025-03-03 11:59:41] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:41] [SUCCESS] AD Query Response Time: 50.8016 ms

[2025-03-03 11:59:41] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:41] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:41] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:41] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:42] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:42] [INFO] Testing AD services on beardc8.bear.cloud...

[2025-03-03 11:59:42] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:42] [SUCCESS] AD Query Response Time: 56.7318 ms

[2025-03-03 11:59:42] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:42] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:42] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:42] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:42] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:42] [INFO] Testing AD services on beardc9.bear.cloud...

[2025-03-03 11:59:42] [SUCCESS] LDAP Binding: Success

[2025-03-03 11:59:42] [SUCCESS] AD Query Response Time: 7.6205 ms

[2025-03-03 11:59:42] [INFO] Testing LDAPS connection with enhanced diagnostics...

[2025-03-03 11:59:42] [SUCCESS] LDAPS Port Connectivity: Success - Port 636 is open

[2025-03-03 11:59:42] [SUCCESS] LDAPS Connection: Success (Port connectivity verified)

[2025-03-03 11:59:42] [INFO] Note: Full LDAPS binding not attempted - only port connectivity verified

[2025-03-03 11:59:42] [SUCCESS] Global Catalog Connection: Success

[2025-03-03 11:59:42] [INFO] SECTION 4: Testing DNS Functionality

[2025-03-03 11:59:42] [INFO] Discovered DNS Servers: <redacted>

[2025-03-03 11:59:42] [SUCCESS] DNS Resolution for 'bear.cloud': Success

[2025-03-03 11:59:42] [SUCCESS] DNS Resolution for 'gc._msdcs.bear.cloud': Success

[2025-03-03 11:59:42] [SUCCESS] DNS Resolution for '_ldap._tcp.bear.cloud': Success

[2025-03-03 11:59:42] [SUCCESS] DNS Resolution for '_kerberos._tcp.bear.cloud': Success

[2025-03-03 11:59:42] [SUCCESS] DNS Resolution for '_kpasswd._tcp.bear.cloud': Success

[2025-03-03 11:59:42] [SUCCESS] DNS Resolution for 'DomainDnsZones.bear.cloud': Success

[2025-03-03 11:59:42] [SUCCESS] DNS Resolution for 'ForestDnsZones.bear.cloud': Success

[2025-03-03 11:59:43] [SUCCESS] SRV Record for '_ldap._tcp.dc._msdcs.bear.cloud': Success

[2025-03-03 11:59:43] [INFO] - beardc6.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc9.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc8.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc2.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc4.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc1.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc5.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc3.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc7.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - : (Priority: , Weight: )

[2025-03-03 11:59:43] [SUCCESS] SRV Record for '_ldap._tcp.pdc._msdcs.bear.cloud': Success

[2025-03-03 11:59:43] [INFO] - beardc5.bear.cloud:389 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - : (Priority: , Weight: )

[2025-03-03 11:59:43] [SUCCESS] SRV Record for '_ldap._tcp.gc._msdcs.bear.cloud': Success

[2025-03-03 11:59:43] [INFO] - beardc6.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc5.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc9.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc2.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc8.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc3.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc4.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc1.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc7.bear.cloud:3268 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - : (Priority: , Weight: )

[2025-03-03 11:59:43] [SUCCESS] SRV Record for '_kerberos._tcp.dc._msdcs.bear.cloud': Success

[2025-03-03 11:59:43] [INFO] - beardc9.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc7.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc8.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc3.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc6.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc2.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc5.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc4.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - beardc1.bear.cloud:88 (Priority: 0, Weight: 100)

[2025-03-03 11:59:43] [INFO] - : (Priority: , Weight: )

[2025-03-03 11:59:43] [INFO] Reverse Lookup for local IP (10.245.161.136): st1w1622.bear.cloud

[2025-03-03 11:59:43] [SUCCESS] DNS Server 10.82.11.10 Response Time: 28.8355 ms

[2025-03-03 11:59:43] [SUCCESS] DNS Server 10.82.11.11 Response Time: 2.9988 ms

[2025-03-03 11:59:43] [SUCCESS] DNS Server 10.82.11.12 Response Time: 23.5243 ms

[2025-03-03 11:59:43] [SUCCESS] DNS Server 10.82.11.13 Response Time: 25.8015 ms

[2025-03-03 11:59:43] [SUCCESS] DNS Server 10.82.11.14 Response Time: 18.1222 ms

[2025-03-03 11:59:43] [INFO] SECTION 5: Testing Group Policy Connectivity

[2025-03-03 11:59:43] [SUCCESS] SYSVOL Access: Success - Can access \\bear.cloud\SYSVOL\bear.cloud

[2025-03-03 11:59:43] [SUCCESS] Policies Folder Access: Success - Can access \\bear.cloud\SYSVOL\bear.cloud\Policies

[2025-03-03 11:59:43] [INFO] Found 408 policy folders in SYSVOL

[2025-03-03 11:59:43] [SUCCESS] Policy {FBE19580-793D-4565-891B-668E06B9F681}: Full access (Machine and User folders)

[2025-03-03 11:59:43] [SUCCESS] Policy {2A1D04DC-7AF4-46A5-BA1D-32F8FCF64FFA}: Full access (Machine and User folders)

[2025-03-03 11:59:43] [SUCCESS] Policy {DC93E20B-8839-4E24-9FBE-BE10A743A710}: Full access (Machine and User folders)

[2025-03-03 11:59:43] [SUCCESS] Policy {E173D600-B208-49DB-9A7F-FFA0B7D78C2D}: Full access (Machine and User folders)

[2025-03-03 11:59:43] [SUCCESS] Policy {C6BF6C5D-2CF6-44D7-942B-B3156876BF6B}: Full access (Machine and User folders)

[2025-03-03 11:59:43] [SUCCESS] Registry Key Access: Success - Can access HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions

[2025-03-03 11:59:43] [INFO] Registry Key Access: Info - Cannot directly access HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GroupPolicy

[2025-03-03 11:59:43] [INFO] Note: This is normal on client systems as the key is often restricted for security

[2025-03-03 11:59:43] [INFO] Group Policy Events: No GP processing events found in the last 7 days

[2025-03-03 11:59:43] [INFO] SECTION 6: Testing ADFS Connectivity and Operations

[2025-03-03 11:59:43] [INFO] Testing connectivity to ADFS server (adfs.croucher.cloud)...

[2025-03-03 11:59:46] [SUCCESS] ICMP (Ping): Success

[2025-03-03 11:59:47] [INFO] Testing ADFS HTTPS connectivity...

[2025-03-03 11:59:47] [SUCCESS] HTTPS (Port 443): Success

[2025-03-03 11:59:47] [INFO] Testing ADFS backend services...

[2025-03-03 11:59:49] [SUCCESS] HTTP (Port 80): Success - Available on backend servers

[2025-03-03 11:59:52] [SUCCESS] WS-Trust TCP (Port 49443): Success - Available on backend servers

[2025-03-03 11:59:52] [SUCCESS] DNS Resolution: Success

[2025-03-03 11:59:52] [INFO] - Resolved to: 10.243.14.1

[2025-03-03 11:59:52] [INFO] Proxy settings configured to bypass proxy for ADFS traffic

[2025-03-03 11:59:52] [INFO] Note: Skipping testing of ADFS backend servers as they may not be directly accessible

[2025-03-03 11:59:52] [INFO] Testing endpoint https://adfs.croucher.cloud/adfs/ls/ (Timeout: 5s)...

[2025-03-03 11:59:52] [SUCCESS] Endpoint https://adfs.croucher.cloud/adfs/ls/: Success (91.987 ms) - Status: OK

[2025-03-03 11:59:52] [INFO] Testing endpoint https://adfs.croucher.cloud/adfs/services/trust/mex (Timeout: 5s)...

[2025-03-03 11:59:52] [SUCCESS] Endpoint https://adfs.croucher.cloud/adfs/services/trust/mex: Success (16.1008 ms) - Status: OK

[2025-03-03 11:59:52] [INFO] Testing endpoint https://adfs.croucher.cloud/FederationMetadata/2007-06/FederationMetadata.xml (Timeout: 5s)...

[2025-03-03 11:59:52] [SUCCESS] Endpoint https://adfs.croucher.cloud/FederationMetadata/2007-06/FederationMetadata.xml: Success (103.1923 ms) - Status: OK

[2025-03-03 11:59:52] [INFO] SSL Certificate: Checking certificate...

[2025-03-03 11:59:52] [INFO] SSL Certificate Details:

[2025-03-03 11:59:52] [INFO] Subject: CN=adfs.croucher.cloud, O=BearVille, L=London, C=GB

[2025-03-03 11:59:52] [INFO] Valid From: 07/17/2024 19:59:02

[2025-03-03 11:59:52] [INFO] Valid To: 07/25/2025 19:59:01

[2025-03-03 11:59:52] [INFO] Days Until Expiration: 144

[2025-03-03 11:59:52] [SUCCESS] Certificate Expiration: OK - 144 days remaining

[2025-03-03 11:59:52] [INFO] Network path trace to ADFS server:

[2025-03-03 11:59:53] [INFO] Path has 11 hops

[2025-03-03 11:59:53] [INFO] Proxy settings restored to original configuration

[2025-03-03 11:59:53] [INFO] SECTION 7: Testing Authenticated Access to Domain Resources

[2025-03-03 11:59:53] [SUCCESS] NETLOGON Access: Success - Can access \\bear.cloud\NETLOGON

[2025-03-03 11:59:53] [SUCCESS] NETLOGON Content: Success - Can list 15 items

[2025-03-03 11:59:53] [INFO] Testing Kerberos authentication...

[2025-03-03 11:59:53] [SUCCESS] Kerberos Secure Channel: Success - Secure channel with beardc5.bear.cloud is intact

[2025-03-03 11:59:53] [SUCCESS] Kerberos Tickets: Success - Kerberos tickets found in cache

[2025-03-03 11:59:54] [SUCCESS] Kerberos Network Authentication: Success - Connected to beardc5.bear.cloud with domain credentials

[2025-03-03 11:59:56] [SUCCESS] Net Use Authentication: Success - Connected to \\beardc5.bear.cloud\SYSVOL

[2025-03-03 11:59:57] [INFO] SECTION 7B: Collecting Critical Event Logs

[2025-03-03 11:59:57] [INFO] Collecting events from the last 48 hours (since 2025-03-01 11:59:57)

[2025-03-03 11:59:57] [INFO] Checking Security event log...

[2025-03-03 11:59:57] [INFO] Account Logon: No events found in the last 48 hours

[2025-03-03 11:59:58] [INFO] Logon/Logoff: No events found in the last 48 hours

[2025-03-03 11:59:58] [INFO] Secure Channel: No events found in the last 48 hours

[2025-03-03 11:59:58] [INFO] Account Management: No events found in the last 48 hours

[2025-03-03 11:59:58] [INFO] Directory Service Access: No events found in the last 48 hours

[2025-03-03 11:59:58] [INFO] Checking System event log...

[2025-03-03 12:00:01] [INFO] Kerberos Authentication: Found 68 events

[2025-03-03 12:00:01] [WARNING] Kerberos Authentication: Found 64 error/warning events!

[2025-03-03 12:00:01] [WARNING] 2025-03-03 11:59:34 - Event ID 10016 - The application-specific permission settings do not grant Local Activation permission for the COM Server application wit...

[2025-03-03 12:00:01] [WARNING] 2025-03-03 11:54:33 - Event ID 10016 - The application-specific permission settings do not grant Local [2025-03-03 12:00:18] [WARNING] 2025-03-03 11:49:31 - Event ID 10016 - The application-specific permission settings do not grant Local Activation permission for the COM Server application wit...

[2025-03-03 12:00:21] [INFO] GroupPolicy: Found 1 events

[2025-03-03 12:00:23] [INFO] DNS Client: Found 1 events

[2025-03-03 12:00:25] [INFO] Time Service: Found 1 events

[2025-03-03 12:00:25] [WARNING] Time Service: Found 1 error/warning events!

[2025-03-03 12:00:25] [WARNING] 2025-03-03 11:59:34 - Event ID 10016 - The application-specific permission settings do not grant Local Activation permission for the COM Server application wit...

[2025-03-03 12:00:27] [INFO] CAPI2: Found 63 events

[2025-03-03 12:00:27] [WARNING] CAPI2: Found 61 error/warning events!

[2025-03-03 12:00:27] [WARNING] 2025-03-03 11:59:34 - Event ID 10016 - The application-specific permission settings do not grant Local Activation permission for the COM Server application wit...

[2025-03-03 12:00:27] [WARNING] 2025-03-03 11:54:33 - Event ID 10016 - The application-specific permission settings do not grant Local Activation permission for the COM Server application wit...

[2025-03-03 12:00:27] [WARNING] 2025-03-03 11:49:31 - Event ID 10016 - The application-specific permission settings do not grant Local Activation permission for the COM Server application wit...

[2025-03-03 12:00:27] [INFO] Checking Application event log...

[2025-03-03 12:00:29] [INFO] ADFS/OAuth: Found 33 events

[2025-03-03 12:00:29] [WARNING] ADFS/OAuth: Found 4 error/warning events!

[2025-03-03 12:00:29] [WARNING] 2025-03-02 17:54:03 - Event ID 100 - Unknown DNS packet type 1000 from 10.243.180.200 :51046 to 10.245.161.136 :5353 length 12 on 0000000001A80080 (ignored)

[2025-03-03 12:00:29] [WARNING] 2025-03-02 17:54:02 - Event ID 100 - Unknown DNS packet type 1000 from 10.243.180.200 :51044 to 10.245.161.136 :5353 length 12 on 0000000001A80080 (ignored)

[2025-03-03 12:00:29] [WARNING] 2025-03-01 23:39:37 - Event ID 100 - Unknown DNS packet type 1000 from 10.245.162.5 :53533 to 10.245.161.136 :5353 length 12 on 0000000001A80080 (ignored)

[2025-03-03 12:00:33] [INFO] Schannel: Found 29 events

[2025-03-03 12:00:35] [INFO] Certificate Services: Found 45 events

[2025-03-03 12:00:35] [WARNING] Certificate Services: Found 4 error/warning events!

[2025-03-03 12:00:35] [WARNING] 2025-03-02 17:54:03 - Event ID 100 - Unknown DNS packet type 1000 from 10.243.180.200 :51046 to 10.245.161.136 :5353 length 12 on 0000000001A80080 (ignored)

[2025-03-03 12:00:35] [WARNING] 2025-03-02 17:54:02 - Event ID 100 - Unknown DNS packet type 1000 from 10.243.180.200 :51044 to 10.245.161.136 :5353 length 12 on 0000000001A80080 (ignored)

[2025-03-03 12:00:35] [WARNING] 2025-03-01 23:39:37 - Event ID 100 - Unknown DNS packet type 1000 from 10.245.162.5 :53533 to 10.245.161.136 :5353 length 12 on 0000000001A80080 (ignored)

[2025-03-03 12:00:38] [INFO] Licensing: Found 29 events

[2025-03-03 12:00:38] [INFO] Event Collection Summary:

[2025-03-03 12:00:38] [INFO] Security: 0 events

[2025-03-03 12:00:38] [INFO] System: 256 events

[2025-03-03 12:00:38] [INFO] Application: 136 events

[2025-03-03 12:00:38] [WARNING] Warning: Critical issues found in event logs (see above for details).

[2025-03-03 12:00:38] [WARNING] Please review the detailed event messages for troubleshooting steps.

[2025-03-03 12:00:38] [INFO] Recommended Action: Export full event logs using Event Viewer for detailed analysis.

[2025-03-03 12:00:38] [INFO] You can export logs from Event Viewer using the 'Save All Events As...' option.

[2025-03-03 12:00:38] [INFO] SECTION 8: Summary of Issues Identified

[2025-03-03 12:00:38] [SUCCESS] No errors found

[2025-03-03 12:00:38] [SUCCESS] No warnings found

Script completed at: 2025-03-03 12:00:38

Duration: 1 minutes, 38 seconds

Log file: C:\Quarantine\GPOIssuesAnalyser\GPOAnalyserwithEventID_20250303_115859.log

======================================================

Then from this we are looking to get a web based HTML report to show you this in a health card style format in the usual format to show you "at a glance visual" of what has been detected:

This will also include all the relevant events as specified by the code as you can see below:

This section is the script will set the name of the log file:

$logFilePath = Join-Path -Path $currentDir -ChildPath "GPOAnalyserwithEventID_$(Get-Date -Format 'yyyyMMdd_HHmmss').log"

Then the script below will produce the HTML report.

Script : Generate_report.ps1

# GPO Analyzer Report Generator

# This script creates an HTML report from GPO Analyzer log files

# Get the latest GPO log file in the current directory

$logFiles = Get-ChildItem -Path $PWD -Filter "GPOAnalyserwithEventID_*.log" | Sort-Object LastWriteTime -Descending

if ($logFiles.Count -eq 0) {

Write-Host "No GPOAnalyserwithEventID_*.log files found in the current directory." -ForegroundColor Red

exit

}

$logFile = $logFiles[0].FullName

$logFileName = [System.IO.Path]::GetFileNameWithoutExtension($logFile)

$outputFile = Join-Path -Path $PWD -ChildPath "$logFileName.html"

Write-Host "Processing log file: $logFile" -ForegroundColor Cyan

Write-Host "Output will be saved to: $outputFile" -ForegroundColor Cyan

# Read the log file line by line for better parsing

$logLines = Get-Content -Path $logFile

Write-Host "Log file has $($logLines.Count) lines" -ForegroundColor Cyan

# Initialize metadata and counters

$metadata = @{

Started = "Unknown"

Computer = "Unknown"

User = "Unknown"

Domain = "Unknown"

Site = "Unknown"

Duration = "Unknown"

}

$domainControllers = @()

$errors = @()

$warnings = @()

$events = @()

$recommendations = @()

$successTests = 0

$errorTests = 0

$warningTests = 0

$inRecommendations = $false

# Process each line

foreach ($line in $logLines) {

# Extract script metadata

if ($line -match "^Started: (.+)$") {

$metadata.Started = $matches[1].Trim()

}

elseif ($line -match "^Computer: (.+)$") {

$metadata.Computer = $matches[1].Trim()

}

elseif ($line -match "^User: (.+)$") {

$metadata.User = $matches[1].Trim()

}

elseif ($line -match "\[INFO\] Current Domain: (.+)$") {

$metadata.Domain = $matches[1].Trim()

}

elseif ($line -match "\[INFO\] Current Site: (.+)$") {

$metadata.Site = $matches[1].Trim()

}

elseif ($line -match "^Duration: (.+)$") {

$metadata.Duration = $matches[1].Trim()

}

# Extract domain controllers

if ($line -match "\[INFO\] DC: (.+?), Site: (.+?), Roles: (.*)$") {

$dc = @{

Name = $matches[1].Trim()

Site = $matches[2].Trim()

Roles = $matches[3].Trim()

}

$domainControllers += $dc

}

# Extract test results and count them

if ($line -match "\[SUCCESS\]") {

$successTests++

}

elseif ($line -match "\[ERROR\]\s+(.+?)$") {

$errorTests++

$errors += $matches[1].Trim()

}

elseif ($line -match "\[WARNING\]\s+(?!.*Event ID)(.+?)$") {

$warningTests++

$warnings += $matches[1].Trim()

}

# Extract event log data

if ($line -match "\[WARNING\]\s+(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) - Event ID (\d+) - (.+?)$") {

$events += @{

Timestamp = $matches[1].Trim()

EventId = $matches[2].Trim()

Message = $matches[3].Trim()

}

# Extract recommendations

if ($line -match "SECTION 9: Recommendations") {

$inRecommendations = $true

continue

}

if ($inRecommendations -and $line -match "\[INFO\]\s+\d+\. (.+?)$") {

$recommendations += $matches[1].Trim()

}

# Count total tests

$totalTests = $successTests + $errorTests

# Determine overall health status

$overallHealth = "Healthy"

$healthClass = "healthy"

$healthPercentage = 100

if ($errorTests -gt 0) {

$overallHealth = "Critical"

$healthClass = "critical"

$healthPercentage = [Math]::Max(0, 100 - ($errorTests * 10))

} elseif ($warningTests -gt 0) {

$overallHealth = "Warning"

$healthClass = "warning"

$healthPercentage = [Math]::Max(0, 100 - ($warningTests * 5))

}

Write-Host "Metadata extracted:" -ForegroundColor Green

Write-Host " Computer: $($metadata.Computer)" -ForegroundColor Green

Write-Host " Domain: $($metadata.Domain)" -ForegroundColor Green

Write-Host "Found $($domainControllers.Count) domain controllers" -ForegroundColor Green

Write-Host "Found $($errors.Count) errors" -ForegroundColor Yellow

Write-Host "Found $($warnings.Count) warnings" -ForegroundColor Yellow

Write-Host "Found $($events.Count) event logs" -ForegroundColor Green

# Create HTML content

$html = @"

<!DOCTYPE html>

<head>

<title>GPO Analyzer Report - $($metadata.Computer)</title>

<style>

:root {

--primary-color: #2563eb;

--success-color: #10b981;

--warning-color: #f59e0b;

--error-color: #ef4444;

--info-color: #3b82f6;

--text-color: #1f2937;

--text-secondary: #6b7280;

--bg-color: #ffffff;

--bg-secondary: #f9fafb;

--border-color: #e5e7eb;

}

* {

box-sizing: border-box;

margin: 0;

padding: 0;

}

body {

font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;

line-height: 1.6;

color: var(--text-color);

background-color: var(--bg-secondary);

padding: 0;

margin: 0;

}

.container {

max-width: 1200px;

margin: 0 auto;

padding: 20px;

}

header {

background-color: var(--bg-color);

border-bottom: 1px solid var(--border-color);

padding: 20px 0;

margin-bottom: 30px;

}

h1, h2, h3, h4 {

margin-bottom: 15px;

font-weight: 600;

}

h1 {

font-size: 24px;

}

h2 {

font-size: 20px;

margin-top: 30px;

}

h3 {

font-size: 18px;

margin-top: 25px;

}

p {

margin-bottom: 15px;

}

.metadata {

display: grid;

grid-template-columns: repeat(auto-fill, minmax(200px, 1fr));

gap: 15px;

margin-bottom: 30px;

}

.metadata-item {

background-color: var(--bg-color);

border-radius: 8px;

padding: 15px;

box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1);

}

.metadata-label {

font-size: 14px;

color: var(--text-secondary);

margin-bottom: 5px;

}

.metadata-value {

font-weight: 500;

}

.health-dashboard {

display: grid;

grid-template-columns: repeat(auto-fill, minmax(280px, 1fr));

gap: 20px;

margin-bottom: 30px;

}

.health-card {

background-color: var(--bg-color);

border-radius: 8px;

padding: 20px;

box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1);

display: flex;

flex-direction: column;

}

.health-card-header {

display: flex;

align-items: center;

justify-content: space-between;

margin-bottom: 15px;

}

.health-card-title {

font-weight: 600;

}

.health-status {

padding: 5px 10px;

border-radius: 4px;

font-size: 14px;

font-weight: 500;

}

.status-success {

background-color: rgba(16, 185, 129, 0.1);

color: var(--success-color);

}

.status-warning {

background-color: rgba(245, 158, 11, 0.1);

color: var(--warning-color);

}

.status-error {

background-color: rgba(239, 68, 68, 0.1);

color: var(--error-color);

}

.status-healthy {

background-color: rgba(16, 185, 129, 0.1);

color: var(--success-color);

}

.status-warning {

background-color: rgba(245, 158, 11, 0.1);

color: var(--warning-color);

}

.status-critical {

background-color: rgba(239, 68, 68, 0.1);

color: var(--error-color);

}

.progress-bar {

width: 100%;

height: 10px;

background-color: var(--border-color);

border-radius: 5px;

margin-bottom: 15px;

overflow: hidden;

}

.progress-bar-inner {

height: 100%;

border-radius: 5px;

transition: width 0.5s ease;

}

.progress-healthy {

background-color: var(--success-color);

}

.progress-warning {

background-color: var(--warning-color);

}

.progress-critical {

background-color: var(--error-color);

}

.issue-list {

margin-top: 10px;

max-height: 200px;

overflow-y: auto;

}

.issue-item {

padding: 8px 10px;

border-radius: 4px;

font-size: 14px;

margin-bottom: 5px;

}

.issue-error {

background-color: rgba(239, 68, 68, 0.1);

}

.issue-warning {

background-color: rgba(245, 158, 11, 0.1);

}

.section-container {

background-color: var(--bg-color);

border-radius: 8px;

padding: 20px;

margin-bottom: 20px;

box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1);

}

.section-header {

display: flex;

align-items: center;

justify-content: space-between;

margin-bottom: 15px;

padding-bottom: 10px;

border-bottom: 1px solid var(--border-color);

}

.section-title {

font-weight: 600;

font-size: 18px;

}

.content-list {

list-style: none;

}

.content-item {

padding: 8px 0;

border-bottom: 1px solid var(--border-color);

}

.content-item:last-child {

border-bottom: none;

}

.recommendations {

background-color: var(--bg-color);

border-radius: 8px;

padding: 20px;

box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1);

margin-bottom: 30px;

}

.recommendations ul {

margin-left: 20px;

}

.dc-table {

width: 100%;

border-collapse: collapse;

margin-bottom: 30px;

}

.dc-table th, .dc-table td {

padding: 10px;

text-align: left;

border-bottom: 1px solid var(--border-color);

}

.dc-table th {

background-color: var(--bg-secondary);

font-weight: 500;

}

.dc-roles {

display: inline-block;

background-color: rgba(59, 130, 246, 0.1);

color: var(--primary-color);

padding: 3px 8px;

border-radius: 4px;

font-size: 12px;

margin-right: 5px;

margin-bottom: 5px;

}

footer {

text-align: center;

margin-top: 50px;

padding: 20px;

color: var(--text-secondary);

font-size: 14px;

border-top: 1px solid var(--border-color);

}

/* Responsive adjustments */

@media (max-width: 768px) {

.metadata, .health-dashboard {

grid-template-columns: 1fr;

}

</style>

</head>

<body>

<h1>GPO Analyzer Report</h1>

<p>Generated on: $(Get-Date -Format "yyyy-MM-dd HH:mm:ss")</p>

</div>

</header>

<div class="metadata-label">Computer Name</div>

<div class="metadata-value">$($metadata.Computer)</div>

</div>

<div class="metadata-label">Username</div>

<div class="metadata-value">$($metadata.User)</div>

</div>

<div class="metadata-label">Domain</div>

<div class="metadata-value">$($metadata.Domain)</div>

</div>

<div class="metadata-value">$($metadata.Site)</div>

</div>

<div class="metadata-label">Script Run Time</div>

<div class="metadata-value">$($metadata.Started)</div>

</div>

<div class="metadata-label">Duration</div>

<div class="metadata-value">$($metadata.Duration)</div>

</div>

</section>

<h2>System Health</h2>

<div class="health-card-title">Overall Health</div>

<div class="health-status status-$healthClass">$overallHealth</div>

</div>

</div>

<div>

<strong>Total Tests:</strong> $totalTests<br>

<strong>Successful:</strong> $successTests<br>

<strong>Failed:</strong> $errorTests

</div>

<div class="health-card-title">Errors</div>

$($errors.Count) Found

</div>

$(if($errors.Count -gt 0) {

"<div class='issue-list'>"

foreach($error in $errors) {

"<div class='issue-item issue-error'>$error</div>"

}

"</div>"

} else {

"<p>No errors detected.</p>"

})

</div>

<div class="health-card-title">Warnings</div>

$($warnings.Count) Found

</div>

$(if($warnings.Count -gt 0) {

"<div class='issue-list'>"

foreach($warning in $warnings) {

"<div class='issue-item issue-warning'>$warning</div>"

}

"</div>"

} else {

"<p>No warnings detected.</p>"

})

</div>

</section>

$(if($events.Count -gt 0) {

"<h2>Event Log Issues</h2>

<div class='section-title'>Recent Events</div>

<div class='health-status status-warning'>$($events.Count) Events</div>

</div>

<ul class='content-list'>"

foreach($event in $events) {

"<li class='content-item'>

<strong>$($event.Timestamp)</strong> - Event ID $($event.EventId)<br>

$($event.Message)

</li>"

}

"</ul>

</div>"

})

<h2>Recommendations</h2>

<ul>

$(if($recommendations.Count -gt 0) {

foreach($recommendation in $recommendations) {

"<li>$recommendation</li>"

}

} else {

"<li>No specific recommendations found.</li>"

})

</ul>

</div>

<h2>Domain Controllers</h2>

<thead>

<tr>

<th>Roles</th>

</tr>

</thead>

<tbody>

$(foreach($dc in $domainControllers) {

$roles = if ($dc.Roles) {

$roleArray = $dc.Roles -split ", " | Where-Object { $_ -ne "" }

if ($roleArray.Count -gt 0) {

($roleArray | ForEach-Object { "<span class='dc-roles'>$_</span>" }) -join " "

} else {

"<span class='dc-roles'>Member DC</span>"

}

} else {

"<span class='dc-roles'>Member DC</span>"

}

"<tr>

<td>$roles</td>

</tr>"

})

</tbody>

</table>

</div>

<h2>Log Summary</h2>

<p>For full details, please refer to the original log file: <strong>$($logFiles[0].Name)</strong></p>

<p>Total lines in log: $($logLines.Count)</p>

</div>

<p>GPO Analyzer Report Generator | Generated on $(Get-Date -Format "yyyy-MM-dd HH:mm:ss")</p>

</footer>

</div>

</body>

</html>

# Write the HTML to file

$html | Out-File -FilePath $outputFile -Encoding utf8

Write-Host "Report has been generated successfully!" -ForegroundColor Green

Write-Host "Report location: $outputFile" -ForegroundColor Green

Powershell : GPO Issues Assessment Script

نموذج الاتصال