OmerMicrosoft

## WVD_AddRdsUsers.ps1
#Get Azure admin credentials
Write-Host "Getting Azure credentials... "
$Credentials = Get-Credential -Message "Enter your Azure admin credentials"
#Add RDS Account in order to be able to change WVD configuration
$BrokerURL = "https://rdbroker.wvd.microsoft.com"
Write-Host "Adding the RDS account... " -NoNewline
Try {
    Add-RdsAccount -DeploymentUrl $BrokerURL -Credential $Credentials -ErrorAction Stop | Out-Null
}
Catch {

## WVD_AssignTenantCreatorRoleAndCreatingWVDTenant.ps1
<#Script Summary:
This PowerShell script initialize the setup of Windows Virtual Desktop in Azure.
The script include:
1.Assign the “TenantCreator” role to a user account.
2.Create a Windows Virtual Desktop tenant.
Before running this script, you should allow the Windows Virtual Desktop service to access Azure AD on the following link: https://rdweb.wvd.microsoft.com/
#>

###Install and import Required Modules###
#Install-Module Az,AzureAD,Microsoft.RDInfra.RDPowerShell -AllowClobber -Force #Remove remark if the required modules have not been installed yet.

## WVD_CreateNewRDSTenant.ps1
$BrokerURL = "https://rdbroker.wvd.microsoft.com"
Add-RdsAccount -DeploymentUrl $BrokerURL -Credential $Credentials
$RDSTenantName = Read-Host "Enter RDS tenant name"
$NewRDSTenant = New-RdsTenant -Name $RDSTenantName -AadTenantId $SelectedAzureSubscription.TenantId -AzureSubscriptionId $SelectedAzureSubscription.SubscriptionId
if ($NewRDSTenant) {
    Write-Host "A new RDS tenant was created with the name $($NewRDSTenant.TenantName)" -ForegroundColor Green
}
else {
    Write-Host "The creation of a new RDS tenant was failed." -ForegroundColor Red
}

## WVD_AssignTenantCreatorRoleToUser.ps1
$WVDApplication = Get-AzureADServicePrincipal -Filter "displayName eq 'Windows Virtual Desktop'"
$ApplicationRole = $WVDApplication.AppRoles | Where-Object { $_.DisplayName -eq 'TenantCreator'}
$UserAccount = Get-AzureADUser -ObjectId $AzureAccount.Id
New-AzureADUserAppRoleAssignment -ObjectId $UserAccount.ObjectId -PrincipalId $UserAccount.ObjectId -ResourceId $WVDApplication.ObjectId -Id $ApplicationRole.Id

## gist:796661fd6cc58c0ab4060a1e9e718473
$WVDApplication = Get-AzureADServicePrincipal -Filter "displayName eq 'Windows Virtual Desktop'"
$ApplicationRole = $WVDApplication.AppRoles | Where-Object { $_.DisplayName -eq 'TenantCreator'}
$UserAccount = Get-AzureADUser -ObjectId $AzureAccount.Id
New-AzureADUserAppRoleAssignment -ObjectId $UserAccount.ObjectId -PrincipalId $UserAccount.ObjectId -ResourceId $WVDApplication.ObjectId -Id $ApplicationRole.Id

## Create-ClientsWithNoAssociatedSiteReport.ps1
#Get Domain Controllers for current domain
$DCs = Get-ADGroupMember "Domain Controllers"
#Initiate the clients array
$Clients = @()
Foreach ($DC in $DCs) {
    #Define the netlogon.log path
    $NetLogonFilePath = "\\" + $DC.Name + "\C$\Windows\debug\netlogon.log"
    #Reading the content of the netlogon.log file
    try {$NetLogonFile = Get-Content -Path $NetLogonFilePath -ErrorAction Stop}
    catch {"Error reading $NetLogonFilePath"}

## Create-DomainControllersRolesReport.ps1
#Get Installed Roles on each Domain Controller
$DCsInForest = (Get-ADForest).Domains | % {Get-ADDomainController -Filter * -Server $_}
$DCsRolesArray = @()
foreach ($DC in $DCsInForest) {
    $DCRoles=""
    $Roles = Get-WindowsFeature -ComputerName $DC.HostName | Where-Object {$_.Installed -like "True" -and $_.FeatureType -like "Role"} | Select DisplayName
    foreach ($Role in $Roles) {
        $DCRoles += $Role.DisplayName +","
    }
    try {$DCRoles = $DCRoles.Substring(0,$DCRoles.Length-1)}

## ChangeForestAndDomainFunctionalLevels.ps1
#Changing The Forest Level
$CurrentForest = Get-ADForest
Set-ADForestMode -Identity $CurrentForest -Server $CurrentForest.SchemaMaster -ForestMode Windows2008R2Forest
#Changing The Domain Level
$CurrentDomain = Get-ADDomain
Set-ADDomainMode -Identity $CurrentDomain.Name -Server $CurrentDomain.PDCEmulator -DomainMode Windows2008R2Domain

## Create-DNSScavengingRecordsReport.ps1
Function Create-DNSScavengingRecordsReport
{
    <#The script checks any Dynamic DNS Record and decided whether it’s:
        1)A stale record which responded to ping.
        2)stale record which doesn’t responded to ping.
        3)An updated record (not stale).#>
    $DC = (Get-ADDomainController).Name
    $DNSRoot = (Get-ADDomain).DNSRoot
    $DNSRecords = Get-DnsServerResourceRecord -ComputerName $DC -ZoneName $DNSRoot
    $DateThershold = (Get-Date).AddDays(-14)

## Create-DNSScavengingRecordsReport.ps1
Function Create-DNSScavengingRecordsReport
{
    <#Creates a report with DNS records stale data.
    For any record, checks if:
    1)Stale record, responding to ping.
    2)Stale record, NOT responding to ping.
    3)Valid record, timestamp is updated (not stale).#>
    $DC = (Get-ADDomainController).Name
    $DNSRoot = (Get-ADDomain).DNSRoot
    $DNSRecords = Get-DnsServerResourceRecord -ComputerName $DC -ZoneName $DNSRoot
	#Get Azure admin credentials
	Write-Host "Getting Azure credentials... "
	$Credentials = Get-Credential -Message "Enter your Azure admin credentials"
	#Add RDS Account in order to be able to change WVD configuration
	$BrokerURL = "https://rdbroker.wvd.microsoft.com"
	Write-Host "Adding the RDS account... " -NoNewline
	Try {
	Add-RdsAccount -DeploymentUrl $BrokerURL -Credential $Credentials -ErrorAction Stop \| Out-Null
	}
	Catch {
	<#Script Summary:
	This PowerShell script initialize the setup of Windows Virtual Desktop in Azure.
	The script include:
	1.Assign the “TenantCreator” role to a user account.
	2.Create a Windows Virtual Desktop tenant.
	Before running this script, you should allow the Windows Virtual Desktop service to access Azure AD on the following link: https://rdweb.wvd.microsoft.com/
	#>

	###Install and import Required Modules###
	#Install-Module Az,AzureAD,Microsoft.RDInfra.RDPowerShell -AllowClobber -Force #Remove remark if the required modules have not been installed yet.
	$BrokerURL = "https://rdbroker.wvd.microsoft.com"
	Add-RdsAccount -DeploymentUrl $BrokerURL -Credential $Credentials
	$RDSTenantName = Read-Host "Enter RDS tenant name"
	$NewRDSTenant = New-RdsTenant -Name $RDSTenantName -AadTenantId $SelectedAzureSubscription.TenantId -AzureSubscriptionId $SelectedAzureSubscription.SubscriptionId
	if ($NewRDSTenant) {
	Write-Host "A new RDS tenant was created with the name $($NewRDSTenant.TenantName)" -ForegroundColor Green
	}
	else {
	Write-Host "The creation of a new RDS tenant was failed." -ForegroundColor Red
	}
	$WVDApplication = Get-AzureADServicePrincipal -Filter "displayName eq 'Windows Virtual Desktop'"
	$ApplicationRole = $WVDApplication.AppRoles \| Where-Object { $_.DisplayName -eq 'TenantCreator'}
	$UserAccount = Get-AzureADUser -ObjectId $AzureAccount.Id
	New-AzureADUserAppRoleAssignment -ObjectId $UserAccount.ObjectId -PrincipalId $UserAccount.ObjectId -ResourceId $WVDApplication.ObjectId -Id $ApplicationRole.Id
	#Get Domain Controllers for current domain
	$DCs = Get-ADGroupMember "Domain Controllers"
	#Initiate the clients array
	$Clients = @()
	Foreach ($DC in $DCs) {
	#Define the netlogon.log path
	$NetLogonFilePath = "\\" + $DC.Name + "\C$\Windows\debug\netlogon.log"
	#Reading the content of the netlogon.log file
	try {$NetLogonFile = Get-Content -Path $NetLogonFilePath -ErrorAction Stop}
	catch {"Error reading $NetLogonFilePath"}
	#Get Installed Roles on each Domain Controller
	$DCsInForest = (Get-ADForest).Domains \| % {Get-ADDomainController -Filter * -Server $_}
	$DCsRolesArray = @()
	foreach ($DC in $DCsInForest) {
	$DCRoles=""
	$Roles = Get-WindowsFeature -ComputerName $DC.HostName \| Where-Object {$_.Installed -like "True" -and $_.FeatureType -like "Role"} \| Select DisplayName
	foreach ($Role in $Roles) {
	$DCRoles += $Role.DisplayName +","
	}
	try {$DCRoles = $DCRoles.Substring(0,$DCRoles.Length-1)}
	#Changing The Forest Level
	$CurrentForest = Get-ADForest
	Set-ADForestMode -Identity $CurrentForest -Server $CurrentForest.SchemaMaster -ForestMode Windows2008R2Forest
	#Changing The Domain Level
	$CurrentDomain = Get-ADDomain
	Set-ADDomainMode -Identity $CurrentDomain.Name -Server $CurrentDomain.PDCEmulator -DomainMode Windows2008R2Domain
	Function Create-DNSScavengingRecordsReport
	{
	<#The script checks any Dynamic DNS Record and decided whether it’s:
	1)A stale record which responded to ping.
	2)stale record which doesn’t responded to ping.
	3)An updated record (not stale).#>
	$DC = (Get-ADDomainController).Name
	$DNSRoot = (Get-ADDomain).DNSRoot
	$DNSRecords = Get-DnsServerResourceRecord -ComputerName $DC -ZoneName $DNSRoot
	$DateThershold = (Get-Date).AddDays(-14)
	Function Create-DNSScavengingRecordsReport
	{
	<#Creates a report with DNS records stale data.
	For any record, checks if:
	1)Stale record, responding to ping.
	2)Stale record, NOT responding to ping.
	3)Valid record, timestamp is updated (not stale).#>
	$DC = (Get-ADDomainController).Name
	$DNSRoot = (Get-ADDomain).DNSRoot
	$DNSRecords = Get-DnsServerResourceRecord -ComputerName $DC -ZoneName $DNSRoot