Skip to content

Commit 5d44a80

Browse files
x-limitless-xx-limitless-x
authored
Update format of script to standard.
1 parent a1942f4 commit 5d44a80

File tree

1 file changed

+74
-19
lines changed

1 file changed

+74
-19
lines changed

Powershell/Get-TLSRegistryKeys.ps1

Lines changed: 74 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,37 @@
1+
<#
2+
.SYNOPSIS
3+
Check TLS Settings for SCOM
4+
5+
.DESCRIPTION
6+
Gathers TLS settings from the registry.
7+
8+
.PARAMETER Servers
9+
The servers you would like to run this script to check TLS settings for Operations Manager.
10+
11+
.EXAMPLE
12+
PS C:\> .\Get-TLSRegistryKeys.ps1
13+
14+
.NOTES
15+
Author: Blake Drumm (blakedrumm@microsoft.com)
16+
17+
Hosted here: https://github.com/blakedrumm/SCOM-Scripts-and-SQL/blob/master/Powershell/Get-TLSRegistryKeys.ps1
18+
#>
19+
param
20+
(
21+
[Parameter(HelpMessage = 'The servers you would like to run this script to check TLS settings for Operations Manager.')]
22+
[string[]]$Servers
23+
)
124
Function Get-TLSRegistryKeys
225
{
326
[CmdletBinding()]
427
Param
528
(
629
[string[]]$Servers
730
)
8-
if(!$Servers)
9-
{
10-
$Servers = $env:COMPUTERNAME
11-
}
31+
if (!$Servers)
32+
{
33+
$Servers = $env:COMPUTERNAME
34+
}
1235
# Blake Drumm - modified on 09/02/2021
1336
Write-Host " Accessing Registry on:`n" -NoNewline -ForegroundColor Gray
1437
$scriptOut = $null
@@ -90,7 +113,7 @@ Function Get-TLSRegistryKeys
90113
{
91114
$Crypt2 = $False
92115
}
93-
116+
94117
$DefaultTLSVersions = (Get-ItemProperty -Path $CrypKey1 -Name $Strong -ea 0).SystemDefaultTlsVersions
95118
If ($DefaultTLSVersions -eq 1)
96119
{
@@ -109,14 +132,37 @@ Function Get-TLSRegistryKeys
109132
{
110133
$DefaultTLSVersions64 = $False
111134
}
112-
135+
113136
## ODBC : https://www.microsoft.com/en-us/download/details.aspx?id=50420
114137
## OLEDB : https://docs.microsoft.com/en-us/sql/connect/oledb/download-oledb-driver-for-sql-server?view=sql-server-ver15
115138
[string[]]$data = (Get-WmiObject -Class Win32_Product | Where-Object { $_.Name -like "*sql*" }).name
116139
$odbc = $data | where { $_ -like "Microsoft ODBC Driver *" } # Need to validate version
117-
if ($odbc -match "11|13") { Write-Verbose "FOUND $odbc"; $odbc = "$odbc (Good)" }
118-
elseif ($odbc) { $odbc = $odbc }
119-
else { $odbc = "Not Found." }
140+
if ($odbc -match "11|13")
141+
{
142+
$odbc = $null
143+
$odbc = @()
144+
foreach ($driver in $odbc)
145+
{
146+
Write-Verbose "FOUND $driver"
147+
$odbc += "$driver (Good)"
148+
}
149+
150+
}
151+
elseif ($odbc)
152+
{
153+
$odbc = $null
154+
$odbc = @()
155+
foreach ($driver in $odbc)
156+
{
157+
Write-Verbose "FOUND $driver"
158+
$odbc += "$driver"
159+
}
160+
161+
}
162+
else
163+
{
164+
$odbc = "Not Found."
165+
}
120166
$oledb = $data | where { $_ -eq 'Microsoft OLE DB Driver for SQL Server' }
121167
if ($oledb)
122168
{
@@ -263,8 +309,8 @@ Function Get-TLSRegistryKeys
263309

264310
$additional = ('PipeLineKickStart' | Select @{ n = 'SchUseStrongCrypto'; e = { $Crypt1 } },
265311
@{ n = 'SchUseStrongCrypto_WOW6432Node'; e = { $Crypt2 } },
266-
@{ n = 'DefaultTLSVersions'; e = { $DefaultTLSVersions } },
267-
@{ n = 'DefaultTLSVersions_WOW6432Node'; e = { $DefaultTLSVersions64 } },
312+
@{ n = 'DefaultTLSVersions'; e = { $DefaultTLSVersions } },
313+
@{ n = 'DefaultTLSVersions_WOW6432Node'; e = { $DefaultTLSVersions64 } },
268314
@{ n = 'OLEDB'; e = { $OLEDB } },
269315
@{ n = 'ODBC'; e = { $odbc } },
270316
@{ n = 'ODBC (ODBC Data Sources\OpsMgrAC)'; e = { $odbcODBCDataSources } },
@@ -285,20 +331,29 @@ Function Get-TLSRegistryKeys
285331
{
286332
$InnerTLSRegKeysFunctionScript = "function Inner-TLSRegKeysFunction { ${function:Inner-TLSRegKeysFunction} }"
287333
$scriptOut += (Invoke-Command -ComputerName $server -ArgumentList $InnerTLSRegKeysFunctionScript -ScriptBlock {
288-
Param ($script)
289-
. ([ScriptBlock]::Create($script))
290-
Write-Host "-" -NoNewLine -ForegroundColor Green
291-
return Inner-TLSRegKeysFunction
292-
} -HideComputerName | Out-String) -replace "RunspaceId.*",""
334+
Param ($script)
335+
. ([ScriptBlock]::Create($script))
336+
Write-Host "-" -NoNewLine -ForegroundColor Green
337+
return Inner-TLSRegKeysFunction
338+
} -HideComputerName | Out-String) -replace "RunspaceId.*", ""
293339
Write-Host "> Completed!`n" -NoNewline -ForegroundColor Green
294340

295341
}
296342
else
297343
{
298-
Write-Host "-" -NoNewLine -ForegroundColor Green
299-
$scriptOut += Inner-TLSRegKeysFunction
300-
Write-Host "> Completed!`n" -NoNewline -ForegroundColor Green
344+
Write-Host "-" -NoNewLine -ForegroundColor Green
345+
$scriptOut += Inner-TLSRegKeysFunction
346+
Write-Host "> Completed!`n" -NoNewline -ForegroundColor Green
301347
}
302348
}
303349
$scriptOut | Out-String -Width 4096
304350
}
351+
if ($Servers)
352+
{
353+
Get-TLSRegistryKeys -Servers $Servers
354+
}
355+
else
356+
{
357+
# Change the default action of this script when run without any parameters
358+
Get-TLSRegistryKeys
359+
}

0 commit comments

Comments
 (0)