ninja-one/check-custom-fields.ps1
|
begin { # Check for required PowerShell version (7+) if (!($PSVersionTable.PSVersion.Major -ge 7)) { try { # Install PowerShell 7 if missing if (!(Test-Path "$env:SystemDrive\Program Files\PowerShell\7")) { Write-Output 'Installing PowerShell version 7...' Invoke-Expression "& { $( Invoke-RestMethod https://aka.ms/install-powershell.ps1 ) } -UseMSI -Quiet" } # Refresh PATH $env:Path = [System.Environment]::GetEnvironmentVariable('Path', 'Machine') + ';' + [System.Environment]::GetEnvironmentVariable('Path', 'User') # Restart script in PowerShell 7 pwsh -File "`"$PSCommandPath`"" @PSBoundParameters } catch { Write-Output '[ERROR] PowerShell 7 was not installed. Update PowerShell and try again.' throw $Error } finally { exit $LASTEXITCODE } } else { $PSStyle.OutputRendering = 'PlainText' } function Write-LogMessage { param( [string]$Message, [System.ConsoleColor]$Color = 'White', [switch]$VerboseMessage ) $timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss' # Add prefix based on color $prefix = switch ($Color) { 'Red' { '[ERROR]' } 'Green' { '[SUCCESS]' } 'Yellow' { '[WARNING]' } 'Cyan' { '[INFO]' } default { '[INFO]' } } $logMessage = "${timestamp}: $prefix $Message" # Console output if (!$VerboseMessage -or $VerbosePreference -eq 'Continue') { Write-Host $logMessage -ForegroundColor $Color } # try { # Add-Content -Path $LogFilePath -Value $logMessage -ErrorAction Stop # } # catch { # Write-Host "Error writing to log file: $_" -ForegroundColor Red # } } function Get-BitlockerStatus { Write-LogMessage 'Checking BitLocker status...' try { $manageBdeOutput = manage-bde -status C: 2>&1 # Look for "Protection Status:" line and extract the status $protectionStatusLine = $manageBdeOutput | Where-Object { $_ -match 'Protection Status:' } if ($null -eq $protectionStatusLine) { Write-LogMessage 'Unable to determine BitLocker status. Setting bitlockerEnabled to false.' -Color Yellow Ninja-Property-Set bitlockerEnabled $false return } # Check if Protection Status is "Protection On" if ($protectionStatusLine -match 'Protection On') { Write-LogMessage 'BitLocker is enabled on the system drive. Setting bitlockerEnabled to true.' Ninja-Property-Set bitlockerEnabled $true } else { Write-LogMessage 'BitLocker protection is not enabled. Setting bitlockerEnabled to false.' Ninja-Property-Set bitlockerEnabled $false } } catch { Write-LogMessage "Error checking BitLocker status: $_" -Color Red Ninja-Property-Set bitlockerEnabled $false } } function Get-AzureEnrollment { try { $joinStatusLine = (dsregcmd /status | Select-String -Pattern "AzureAdJoined :" -ErrorAction SilentlyContinue) if ($null -eq $joinStatusLine) { Write-LogMessage "Could not determine Azure AD join status. Setting azureEnrolled to -1." Ninja-Property-Set azureEnrolled -1 exit 0 } $joinStatus = $joinStatusLine.ToString().Split(":")[1].Trim() if ($joinStatus -eq "YES") { Write-LogMessage "Device is Azure AD Joined. Setting azureEnrolled to 1." Ninja-Property-Set azureEnrolled 1 } elseif ($joinStatus -eq "NO") { Write-LogMessage "Device is NOT Azure AD Joined. Setting azureEnrolled to 0." Ninja-Property-Set azureEnrolled 0 } else { Write-LogMessage "Unexpected Azure AD join status: $joinStatus. Setting azureEnrolled to -1." Ninja-Property-Set azureEnrolled -1 } } catch { Write-LogMessage "Error checking Azure Enrollment status: $_" -Color Red Ninja-Property-Set azureEnrolled -1 } } } process { try { Get-BitlockerStatus Get-AzureEnrollment } catch { # output the error and the line it came from Write-LogMessage "Error: $_" -Color Red Write-LogMessage "Line: $($_.InvocationInfo.ScriptLineNumber)" -Color Red exit 1 } } end { } |