• Microsoft Active Directory Documentation Script Update Version 2.22

    February 14, 2019

    Active Directory, PowerShell

    #Version 2.22 released 14-Feb-2019

    • Added a line under the OU table stating how many OUs are not protected
    • Added color $wdColorYellow
    • Added Exchange schema version 17000 for Exchange 2019
    • Added to the “Gathering user misc data” section, the following console message if there are more than 100,000 user accounts in AD:
      • There are $($UsersCount) user accounts to process. The following 17 actions will take a long time. Be patient.
    • Changed section heading “Domain trusts” to “Domain Trusts” to match the capitalization of other sections
    • Changed several $Var -eq $Null to $Null -eq $Var and on Get-Process line for WinWord (thanks to MBS)
    • Changed test for “No Certification Authority Root(s) were retrieved” by Michael B. Smith who contributed the original code
    • For HTML and Text output, for Heading1 and Heading2 output, added “/// ” and ” \\\” surrounding the heading text
      • This will help for those of us who read reports that contain > 100,000 OUs and users and > 1,000 GPOs
    • Removed “Preview” from Windows Server 2019 AD Schema version 88
    • Remove unused variables
    • Updated help text

    You can always find the most current script by going to https://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/



    About Carl Webster

    Carl Webster is an independent consultant specializing in Citrix, Active Directory, and technical documentation. Carl (aka “Webster”) serves the broader Citrix community by writing articles (see CarlWebster.com) and by being the most active person in the Citrix Zone on Experts Exchange. Webster has a long history in the IT industry beginning with mainframes in 1977, PCs and application development in 1986, and network engineering in 2001. He has worked with Citrix products since 1990 with the premiere of their first product – the MULTIUSER OS/2.

    View all posts by Carl Webster

    8 Responses to “Microsoft Active Directory Documentation Script Update Version 2.22”

    1. Khush Says:

      Thanks Carl, very useful script indeed.

      My PS script knowledge is limited so when I tried -PDF it won’t work unless I installed Word. So in my test lab I got it working with Word installed.

      Haven’t yet tried in production, ideally I’d like to avoid installing applications on a server. Anything I might be doing wrong ? Please suggest.

      Also is there a script to get inventory of all assets in CSV with Canonical Name, IP, H/W Vendor, date build etc … Looked around on the net but nothing very specific.


      • Carl Webster Says:

        From the Help Text and ReadMe:

        Word is NOT needed to run the script. This script will output in Text and HTML.

        You do NOT have to run this script on a domain controller. This script was developed and run from a Windows 10 VM.

        While most of the script can be run with a non-admin account, there are some features that will not or may not work without domain admin or enterprise admin rights.
        The Hardware and Services parameters require domain admin privileges.

        Version 2.0 of the script adds gathering information on Time Server and AD database, log file, and SYSVOL locations. Those require access to the registry on each domain controller, which means the script should now always be run from an elevated PowerShell session with an account with a minimum of domain admin rights.

        Running the script in a forest with multiple domains requires Enterprise Admin rights.

        To run the script from a workstation, RSAT is required.

        Remote Server Administration Tools for Windows 7 with Service Pack 1 (SP1)

        Remote Server Administration Tools for Windows 8

        Remote Server Administration Tools for Windows 8.1

        Remote Server Administration Tools for Windows 10

        Use the -ComputerName parameter to run the script against a specific domain controller.

        Specifies which domain controller to use to run the script against.
        If ADForest is a trusted forest, then ComputerName is required to detect the
        existence of ADForest.
        ComputerName can be entered as the NetBIOS name, FQDN, localhost or IP Address.
        If entered as localhost, the actual computer name is determined and used.
        If entered as an IP address, an attempt is made to determine and use the actual
        computer name.

        This parameter has an alias of ServerName.
        Default value is $Env:USERDNSDOMAIN

        The PDF file is generated using Word’s SaveAs PDF option.

        “Also is there a script to get inventory of all assets in CSV with Canonical Name, IP, H/W Vendor, date build etc” – Sorry, I know of nothing for this offhand.




    2. Johan Kallio Says:

      Hi carls thx for a great script, but it has a minor error if your’re using Swedish word regaring getting content table to work in the function SetWordHashTable

      LINE 3088 should be
      ‘sv-‘ { ‘Automatisk innehållsförteckn2’; Break }

      Since MS for some reason choose to call the template that (its not correct Swedish 🙂 ) your original code was correct Swedish but will unfortunately fail

      This will not work since the template will not be found
      ‘sv-‘ { ‘Automatisk innehållsförteckning2’; Break }

      Hope this helps some other of your Swedish readers



    3. Peter Johnson Says:

      Hi Carl

      Sorry no. I didn’t run the report and all I have is the HTML output..

      I might be able to get the guys to rerun it with the text option but it’s a large environment and has some pretty intense change control processes even just to run a report.. So I was looking for a quick way to extract the tables into a collection of CSV files..


    4. Peter Johnson Says:

      Hi Carl

      Really fantastic work with this. I’m trying to get the resultant HTML imported, or at least the tables in into PowerBI to do some funky reporting… Do you have any ideas on an approach.

      PowerBI itself bleats that the html requires activescripting on which I’ve tried with no luck.

      If I could get it converted to JSON or XML I would be golden, I think.

      Once great work..


    Leave a Reply