31 lines
901 B
PowerShell
31 lines
901 B
PowerShell
|
function Test-AppTierGMSAAccounts {
|
|||
|
|
<#
|
|||
|
|
.SYNOPSIS
|
|||
|
|
Tests GMSA Accounts for App Tier applications and Services
|
|||
|
|
|
|||
|
|
.LINK
|
|||
|
|
Install-ActiveDirectoryModule
|
|||
|
|
|
|||
|
|
.LINK
|
|||
|
|
Test-OrInstallADServiceAccount
|
|||
|
|
#>
|
|||
|
|
[CmdletBinding()]
|
|||
|
|
[OutputType([bool])]
|
|||
|
|
param (
|
|||
|
|
)
|
|||
|
|
$logLead = (Get-LogLeadName);
|
|||
|
|
|
|||
|
|
if (!(Install-ActiveDirectoryModule)) {
|
|||
|
|
Write-Warning ("$logLead : Unable to install or load the ActiveDirectory module. GMSA accounts cannot be installed or tested and must be verified post-installation")
|
|||
|
|
return
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
foreach ($application in ($appTierApplications | Where-Object {$_.User.EndsWith("$") -and $_.IsGMSAAccount})) {
|
|||
|
|
Test-OrInstallADServiceAccount $application.User
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
foreach ($service in ((Get-AppTierServices) | Where-Object {$_.User.EndsWith("$") -and $_.IsGMSAAccount})) {
|
|||
|
|
Test-OrInstallADServiceAccount $service.User
|
|||
|
|
}
|
|||
|
|
}
|