PsModuleManagement.psm1
|
Function InstalledModuleInfoPsModuleManagement { [CmdletBinding()] param( [Parameter()] [string]$MainModule, [Parameter()] [string]$AuthModule, [Parameter()] [array]$MaintenancePowershellServices, [Parameter()] [array]$MaintenancePowershellProcesses, [Parameter()] [switch]$GetOldVersions, [Parameter()] [switch]$CheckInstallation ) If ($CheckInstallation) { # Checking if Main module is installed ... Otherwise it will install it write-host "" write-host "Installation: Checking installation of main module $($MainModule) ... Please Wait !" $Global:InstalledVersionMainModule = Get-installedmodule $MainModule -ErrorAction SilentlyContinue # Installing Main module if not found ! If (!($Global:InstalledVersionMainModule)) { # Stopping all services PowershellServiceProcessMaintenance -Services $MaintenancePowershellServices -Processes $MaintenancePowershellProcesses -Action STOP # install module write-host "" write-host "Installing module $($MainModule) as it wasn't found ... Please Wait !" Try { install-module $MainModule -force -Scope AllUsers -AllowClobber -ErrorAction Stop } Catch { Try { install-module $MainModule -force -Scope AllUsers -ErrorAction Stop } Catch { write-host "" write-host "Errors occured .... terminating as modules are locked in memory !!" write-host "Close down the current Powershell session and re-run this script !" Exit 1 } } } # Verify critical Auth component exists ! If not, then install component write-host "" write-host "Installation: Checking installation of authentication module $($AuthModule) ... Please Wait !" $AuthModuleInfo = Get-installedmodule $AuthModule -ErrorAction SilentlyContinue If (!($AuthModuleInfo)) { # Stopping all services PowershellServiceProcessMaintenance -Services $MaintenancePowershellServices -Processes $MaintenancePowershellProcesses -Action STOP Try { install-module $AuthModule -force -Scope AllUsers -AllowClobber -ErrorAction Stop } Catch { Try { install-module $AuthModule -force -Scope AllUsers -ErrorAction Stop } Catch { write-host "Errors occured .... terminating as modules are locked in memory !!" write-host "Close down the current Powershell session and re-run this script !" Exit 1 } } } } # If ($CheckInstallation) # Get info about current version of Main Module write-host "" write-host "Getting info about current version of $($MainModule) ... Please Wait !" $Global:InstalledVersionMainModule = Get-installedmodule $MainModule If ($Global:InstalledVersionMainModule) { write-host "" write-host "Installed: Version of $($MainModule) found on system: $($Global:InstalledVersionMainModule.Version)" } Else { write-host "" write-host "Could not detect $($MainModule) on system .... exiting !" Exit 1 } $Global:CurrentInstalledVersion = $InstalledVersionMainModule.Version # Getting information about Sub modules write-host "" write-host "Getting info about sub modules of $($MainModule) ... Please Wait !" $Global:InstalledVersionSubModules = Get-installedmodule "$($MainModule).*" -ErrorAction SilentlyContinue # Getting information about Auth Module $AuthModuleInfo = $InstalledVersionSubModules | Where-Object { $_.name -eq $AuthModule } $Global:AuthModuleRequiredVersion = $AuthModuleInfo.Version If ($Global:AuthModuleRequiredVersion) { write-host "" write-host "Installed: Version of $($AuthModule) found on system: $($Global:AuthModuleRequiredVersion)" } Else { write-host "" write-host "Could not detect $($AuthModule) on system .... exiting !" Exit 1 } If ($GetOldVersions) { # Getting information about other versions of main module write-host "" write-host "Getting info about all versions of main module $($MainModule) on local system ... Please Wait !" $Global:InstalledAllVersionsMainModule = Get-installedmodule $MainModule -AllVersions -ErrorAction SilentlyContinue # Old Installed Version(s) $Global:OldInstalledVersionsMainModule = $InstalledAllVersionsMainModule | Where-Object { ([version]$_.Version -ne [version]$InstalledVersionMainModule.Version) -and ($_.Name -eq $InstalledVersionMainModule.Name) } If ($Global:OldInstalledVersionsMainModule) { write-host "" write-host "Building overview of old installed modules of $($MainModule) ... Please Wait !" $Global:OldInstalledVersionsSubModules = @() ForEach ($Module in $Global:InstalledVersionSubModules) { $Global:OldInstalledVersionsSubModules += $Global:InstalledAllVersionsSubModules | Where-Object { ([version]$_.Version -ne [version]$Module.Version) -and ($_.Name -eq $Module.Name) } } } } } Function PostActionsPsModuleManagement { [CmdletBinding()] param( [Parameter(mandatory)] [string]$FileName, [Parameter(mandatory)] [string]$GitHubUri ) write-host "" write-host "Known Mitigations are in progress .... Please Wait !" write-host "" $TargetFile = $env:windir + "\temp\" + $PostMitigationScriptKnownIssues Remove-Item $TargetFile -ErrorAction SilentlyContinue $ScriptFromGitHub = Invoke-WebRequest "$($GitHubUri)/$($PostMitigationScriptKnownIssues)" -OutFile $TargetFile & $TargetFile Return $global:TerminateSession } Function SendMailNotificationsPsModuleManagement { [CmdletBinding()] param( [Parameter(mandatory)] [boolean]$SendMailAlerts, [Parameter(mandatory)] [string]$SMTP_Host, [Parameter(mandatory)] [AllowEmptyString()] [AllowNull()] [string]$SMTP_UserId, [Parameter(mandatory)] [AllowEmptyString()] [AllowNull()] [string]$SMTP_Password, [Parameter(mandatory)] [string]$SMTP_Port, [Parameter(mandatory)] [string]$SMTP_From, [Parameter(mandatory)] [array]$SMTP_To, [Parameter(mandatory)] [string]$SMTP_Subject, [Parameter(mandatory)] [string]$SMTP_Body, [Parameter(mandatory)] [string]$Description ) If ($SendMailAlerts) { $SMTP_Body += "<br>" $SMTP_Body += "Mail sent from $($Description) using SMTP Host: $($SMTP_Host)<br>" If ( ($SMTP_UserId -eq "") -or ($SMTP_UserId -eq $null) ) { $SMTP_Body += "SMTP Authentication: Anonymous" Write-host "Sending mail to $($SMTP_To) with subject '$($SMTP_Subject)' (anonymous)" Send-MailMessage -SmtpServer $SMTP_Host -To $SMTP_To -From $SMTP_From -Subject $SMTP_Subject -Body $SMTP_Body -Encoding UTF8 -BodyAsHtml -Priority high -port $SMTP_Port } Else { $SMTP_Body += "SMTP Authentication: Userid/password" $SecureCredentialsSMTP = New-Object System.Management.Automation.PSCredential($SMTP_UserId,(ConvertTo-SecureString $SMTP_Password -AsPlainText -Force)) Write-host "Sending mail to $($SMTP_To) with subject '$($SMTP_Subject)' (secure)" Send-MailMessage -SmtpServer $SMTP_Host -To $SMTP_To -From $SMTP_From -Subject $SMTP_Subject -Body $SMTP_Body -Encoding UTF8 -BodyAsHtml -Priority high -port $SMTP_Port -Credential $SecureCredentialsSMTP } } } Function TestConnectivityPsModuleManagement { [CmdletBinding()] param( [Parameter(mandatory)] [string]$Entra_App_ApplicationID, [Parameter(mandatory)] [string]$Entra_App_Secret, [Parameter(mandatory)] [string]$Entra_App_TenantID, [Parameter(mandatory)] [string]$MainModule, [Parameter()] [AllowEmptyString()] [AllowNull()] [string]$AuthModule, [Parameter()] [AllowEmptyString()] [AllowNull()] [string]$AuthModuleRequiredVersion, [Parameter()] [string]$AzSubscriptionId ) # Default $ErrorsDetected = $False write-host "" write-host "Testing connectivity with $($MainModule) using Entra App & Secret" If ($AuthModule) { write-host "" write-host "Auth Module version: $($AuthModuleRequiredVersion))" import-module $AuthModule -RequiredVersion $AuthModuleRequiredVersion } #------------------------------------------------------------------------------------------------ If ( ($MainModule -eq "Microsoft.Graph") -or ($MainModule -eq "Microsoft.Graph.Beta") ) { Try { $Disconnect = Disconnect-MgGraph -ErrorAction SilentlyContinue $ClientSecretCredential = New-Object System.Management.Automation.PSCredential ($Entra_App_ApplicationID, (ConvertTo-SecureString $Entra_App_Secret -AsPlainText -Force)) Connect-MgGraph -TenantId $Entra_App_TenantID -ClientSecretCredential $ClientSecretCredential -NoWelcome -ErrorAction Stop } Catch { $ErrorsDetected = $True write-host "CONNECTIVITY ERRORS DETECTED" -ForegroundColor Yellow write-host "" $_ write-host "" } } #------------------------------------------------------------------------------------------------ ElseIf ($MainModule -eq "Azure") { Try { $Disconnect = Disconnect-AzAccount -ErrorAction SilentlyContinue $ClientSecretCredential = New-Object System.Management.Automation.PSCredential ($Entra_App_ApplicationID, (ConvertTo-SecureString $Entra_App_Secret -AsPlainText -Force)) Connect-AzAccount -ServicePrincipal -TenantId $Entra_App_TenantID -Credential $ClientSecretCredential -SkipContextPopulation -Force -ErrorAction Stop Set-AzContext -Subscription $AzSubscriptionId -ErrorAction Stop } Catch { $ErrorsDetected = $True write-host "$($MainModule) CONNECTIVITY FAILED" -ForegroundColor Yellow write-host "" $_ write-host "" } } #------------------------------------------------------------------------------------------------ ElseIf ($MainModule -eq "ExchangeOnlineManagement") { Try { $ClientSecretCredential = New-Object System.Management.Automation.PSCredential ($Entra_App_ApplicationID, (ConvertTo-SecureString $Entra_App_Secret -AsPlainText -Force)) Connect-ExchangeOnline -Credential $ClientSecretCredential -ShowProgress $false } Catch { $ErrorsDetected = $True write-host "$($MainModule) CONNECTIVITY FAILED" -ForegroundColor Yellow write-host "" $_ write-host "" } } #------------------------------------------------------------------------------------------------ If ($ErrorsDetected) { write-host "$($MainModule) CONNECTIVITY FAILED" -ForegroundColor Yellow write-host "" } ElseIf (!($ErrorsDetected)) { write-host "$($MainModule) CONNECTIVITY SUCCESS" -ForegroundColor Green write-host "" } Return $ErrorsDetected } |