Scroll Top
Evotec Services sp. z o.o., ul. Drozdów 6, Mikołów, 43-190, Poland

PSWinDocumentation – Audit Active Directory Passwords

PSWinDocumentation - Password Quality

Another week, another release of PSWinDocumentation. This time focus was put back on Active Directory and it's crucial part – passwords. But that's not all. I've also fixed some other smaller issues and added more Active Directory types to work with.

PSWinDocumentation Information
Please notice this article contains parts of information (still useful) and may not reflect all functionalities of this module. For download, source code and so on you should refer to the dedicated PSWinDocumentation module page. After reading this one… of course! It contains useful informationexamples and know-how. Without it… you may be lost!

If you're paying attention to what's happening around the world now you probably know Have I Been Pwned service by now. You probably know that it has huge lists of hashes of passwords that leaked out over the years from different services (LinkedIn, Adobe, and so on). This means those passwords are now in possession of good guys, but also bad guys. With Active Directory being often a central place to store your password that allows you to access your Office 365 account, ADFS, Microsoft Exchange it's important that your AD passwords is both secure and safe. Bad guys may want to try and access your email accounts or other data that's available online. And having a list of passwords you or other people may have used before doesn't help you in protecting your own data.

What's new in this version?
Active Directory extended types (computers, servers, counts)
Active Directory Password Quality (DSInternals module is required)
Active Directory Password verification against list of passwords (clean text)
Active Directory Password verification against list of passwords (hashes) – ';–have i been pwned?
Fixes and changes I forgot about
Password Quality & Have I Been Pwned Support

In this version PSWinDocumentation adds support for open source DSInternals module that allows you to audit your Active Directory in two ways. For a password list that you define yourself and for a password list that Have I Been Pwned provides as NTLM Hash. Troy Hunt has nice article about it and a place to download place. Apart from that PSWinDocumentation supports passwords given in a clean form. Think of it a way to test if your users are changing passwords you give them? I'm pretty sure that you've been there multiple times setting a simple password to a user such as Microsoft123 or CompanyName2018 or even P@ssw0rd telling user to change it ASAP just to find out they never did. Well now you can test that and catch them with their pants down! You can also use some kind of known password lists such as those on Wikipedia or SecLists on GitHub. Minor drawback is that it only takes a list of passwords so you need to prepare the list you want to use.

Finally I just wanted to add that this wouldn't be possible without DSInternals module (and you need to install it for this to work) from Michael Grafnetter so all thanks should be directed his way! And if you're going to use Have I Been Pwned feature you need to thank Troy Hunt for this. I just deliver a nice looking Word / Excel documents so you can easily send it over to your management and tell them famous quote:

Houston, we have a problem

So how new output looks like?

This section is also new. Some computer, server statistics. Please remember that you may fully tweak this turning off displaying of systems which may not be the best way if you have huge domain.

And we have reached all new section of Domain Password Quality. In it you can find

Password with Reversible Encryption
Passwords with LM Hash
Empty Passwords
Known Passwords (your defined list or haveibeenpwned list)
Default Computer Passwords
Not required Passwords
Non expiring passwords
Passwords with AES Keys missing
Passwords were Kerberos Pre-Authentication is not required
Passwords where only DES Encrypt is allowed
Accounts that can be delegated to a service
Groups of users with same passwords

And so on… for every domain you have.

PSWinDocumentation Information
Please notice this article contains parts of information (still useful) and may not reflect all functionalities of this module. For download, source code and so on you should refer to the dedicated PSWinDocumentation module page. After reading this one… of course! It contains useful informationexamples and know-how. Without it… you may be lost!

Like any type of data that you can send straight to Microsoft Word this module also sends this to Microsoft Excel and Microsoft SQL if needed. This means you can deliver nice output to management with just some overview and at same time work with Excel or SQL to fix your situation.

And so on…

How to use new features?

Keep in mind that if you're new to this module you should start with PSWinDocumentation dedicated page. Not from here… after reading all articles related to it you can start below 😉

Update-Module PSWinDocumentation
Update-Module PSSharedGoods
Update-Module PSWriteExcel
Update-Module PSWriteWord

# if you're using SQL
# Install-Module DBATools
Update-Module DBATools 

# If you need feature for Password Quality 
Install-Module DSInsternals

This is adjusted template you can use for your own needs. Make sure to correct paths for password files, where documents are suppose to be saved and so on. Also remember you can enable / disable every section. You can also rearrange it. Remove it or event rename sections (to some degree). Only static part is SectionForest and SectionDomain has to stay the way it is. On a final note… quite important note. Please remember that when you enable scanning of your domain passwords and compare it against 16GB (yes that's 16GB of text file) file from Have I Been Pwned it will take hours or even days if not weeks on some domains to generate.  So choose carefully. Maybe start with clean text passwords that you define and then depending on your needs go further with testing. Just to give you an idea… on my test domain that you see on my page it took over 1 hour and 20 minutes per domain with less then 30 accounts to compare against Have I Been Pwned database. In comparison same data was compared against my own list of passwords (10-20 or so) in few seconds.

PSWinDocumentation Information
Please notice this article contains parts of information (still useful) and may not reflect all functionalities of this module. For download, source code and so on you should refer to the dedicated PSWinDocumentation module page. After reading this one… of course! It contains useful informationexamples and know-how. Without it… you may be lost!
How do I start new features?
Import-Module PSWinDocumentation
Import-Module PSWinDocumentation.AD
# Import-Module DbaTools # (if you require SQL export)

# Those should automatically load
#Import-Module PSWriteWord
#Import-Module PSWriteExcel
#Import-Module ActiveDirectory

$Document = [ordered]@{
    Configuration = [ordered] @{
        Prettify       = @{
            CompanyName        = 'Evotec'
            UseBuiltinTemplate = $true
            CustomTemplatePath = ''
            Language           = 'en-US'
        }
        Options        = @{
            OpenDocument = $true
            OpenExcel    = $true
        }
        DisplayConsole = @{
            ShowTime   = $false
            LogFile    = "$ENV:TEMP\PSWinDocumentationADTesting.log"
            TimeFormat = 'yyyy-MM-dd HH:mm:ss'
        }
        Debug          = @{
            Verbose = $false
        }
    }
    DocumentAD    = [ordered] @{
        Enable        = $true
        ExportWord    = $true
        ExportExcel   = $false
        ExportSql     = $false
        FilePathWord  = "$Env:USERPROFILE\Desktop\PSWinDocumentation-ADReportWithPasswords.docx"
        FilePathExcel = "$Env:USERPROFILE\Desktop\PSWinDocumentation-ADReportWithPasswords.xlsx"
        Configuration = [ordered] @{
            PasswordTests = @{
                Use                       = $true
                # Using '' will still process some usefull output
                PasswordFilePathClearText = '' #"$PSScriptRoot\Passwords\Passwords.txt"
                # Fair warning it will take ages if you use HaveIBeenPwned DB :-)
                UseHashDB                 = $false
                PasswordFilePathHash      = 'C:\Users\pklys\Downloads\pwned-passwords-ntlm-ordered-by-count\pwned-passwords-ntlm-ordered-by-count.txt'
            }
        }
        Sections      = [ordered] @{
            SectionForest = [ordered] @{
                SectionTOC                    = [ordered] @{
                    Use                  = $true
                    TocGlobalDefinition  = $true
                    TocGlobalTitle       = 'Table of content'
                    TocGlobalRightTabPos = 15
                    #TocGlobalSwitches    = 'A', 'C' #[TableContentSwitches]::C, [TableContentSwitches]::A
                    PageBreaksAfter      = 1
                }
                SectionForestIntroduction     = [ordered] @{
                    ### Enables section
                    Use             = $true
                    ### Decides how TOC should be visible
                    TocEnable       = $True
                    TocText         = 'Scope'
                    TocListLevel    = 0
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading1'
                    ### Text is added before table/list
                    Text            = "This document provides a low-level design of roles and permissions for" `
                        + " the IT infrastructure team at <CompanyName> organization. This document utilizes knowledge from" `
                        + " AD General Concept document that should be delivered with this document. Having all the information" `
                        + " described in attached document one can start designing Active Directory with those principles in mind." `
                        + " It's important to know while best practices that were described are important in decision making they" `
                        + " should not be treated as final and only solution. Most important aspect is to make sure company has full" `
                        + " usability of Active Directory and is happy with how it works. Making things harder just for the sake of" `
                        + " implementation of best practices isn't always the best way to go."
                    TextAlignment   = 'Both'
                    PageBreaksAfter = 1
                }
                SectionForestSummary          = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Forest Summary'
                    TocListLevel    = 0
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading1'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::ForestInformation
                    TableDesign     = 'ColorfulGridAccent5'
                    TableTitleMerge = $true
                    TableTitleText  = "Forest Summary"
                    Text            = "Active Directory at <CompanyName> has a forest name <ForestName>." `
                        + " Following table contains forest summary with important information:"
                    ExcelExport     = $true
                    ExcelWorkSheet  = 'Forest Summary'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::ForestInformation
                }
                SectionForestFSMO             = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::ForestFSMO
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = 'FSMO Roles'
                    Text                  = 'Following table contains FSMO servers'
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $true
                    ExcelWorkSheet        = 'Forest FSMO'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::ForestFSMO
                }
                SectionForestOptionalFeatures = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::ForestOptionalFeatures
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = 'Optional Features'
                    Text                  = 'Following table contains optional forest features'
                    TextNoData            = "Following section should have table containing forest features. However no data was provided."
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $true
                    ExcelWorkSheet        = 'Forest Optional Features'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::ForestOptionalFeatures
                }
                SectionForestUPNSuffixes      = [ordered] @{
                    Use                   = $true
                    Text                  = "Following UPN suffixes were created in this forest:"
                    TextNoData            = "No UPN suffixes were created in this forest."
                    #ListType              = 'Bulleted'
                    #ListData              = [PSWinDocumentation.ActiveDirectory]::ForestUPNSuffixes
                    TableData             = [PSWinDocumentation.ActiveDirectory]::ForestUPNSuffixes
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = 'UPN Suffixes'
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $true
                    ExcelWorkSheet        = 'Forest UPN Suffixes'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::ForestUPNSuffixes
                }
                SectionForesSPNSuffixes       = [ordered] @{
                    Use                   = $true
                    Text                  = "Following SPN suffixes were created in this forest:"
                    TextNoData            = "No SPN suffixes were created in this forest."
                    #ListType              = 'Bulleted'
                    #ListData              = [PSWinDocumentation.ActiveDirectory]::ForestSPNSuffixes
                    TableData             = [PSWinDocumentation.ActiveDirectory]::ForestSPNSuffixes
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = 'SPN Suffixes'
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $true
                    ExcelWorkSheet        = 'Forest SPN Suffixes'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::ForestSPNSuffixes
                }
                SectionForestSites1           = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Sites'
                    TocListLevel    = 1
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading1'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::ForestSites1
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = "Forest Sites list can be found below"
                    ExcelExport     = $false  ## Exported as one below
                    ExcelWorkSheet  = 'Forest Sites 1'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::ForestSites1
                }
                SectionForestSites2           = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::ForestSites2
                    TableDesign           = 'ColorfulGridAccent5'
                    Text                  = "Forest Sites list can be found below"
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $false ## Exported as one below
                    ExcelWorkSheet        = 'Forest Sites 2'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::ForestSites2
                }
                SectionForestSites            = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = 'Forest Sites'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::ForestSites
                }
                SectionForestSubnets1         = [ordered] @{
                    Use                   = $true
                    TocEnable             = $True
                    TocText               = 'General Information - Subnets'
                    TocListLevel          = 1
                    TocListItemType       = 'Numbered'
                    TocHeadingType        = 'Heading1'
                    TableData             = [PSWinDocumentation.ActiveDirectory]::ForestSubnets1
                    TableDesign           = 'ColorfulGridAccent5'
                    Text                  = "Table below contains information regarding relation between Subnets and sites"
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $true
                    ExcelWorkSheet        = 'Forest Subnets 1'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::ForestSubnets1
                }
                SectionForestSubnets2         = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::ForestSubnets2
                    TableDesign           = 'ColorfulGridAccent5'
                    Text                  = "Table below contains information regarding relation between Subnets and sites"
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $true
                    ExcelWorkSheet        = 'Forest Subnets 2'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::ForestSubnets2
                }
                SectionForestSiteLinks        = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Site Links'
                    TocListLevel    = 1
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading1'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::ForestSiteLinks
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = "Forest Site Links information is available in table below"
                    ExcelExport     = $true
                    ExcelWorkSheet  = 'Forest Site Links'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::ForestSiteLinks
                }
            }
            SectionDomain = [ordered] @{
                SectionPageBreak                                  = [ordered] @{
                    Use              = $True
                    PageBreaksBefore = 1
                }
                SectionDomainStarter                              = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Domain <Domain>'
                    TocListLevel    = 0
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading1'
                }
                SectionDomainIntroduction                         = [ordered] @{
                    Use                   = $true
                    TocEnable             = $True
                    TocText               = 'General Information - Domain Summary'
                    TocListLevel          = 1
                    TocListItemType       = 'Numbered'
                    TocHeadingType        = 'Heading1'
                    Text                  = "Following domain exists within forest <ForestName>:"
                    ListBuilderContent    = "Domain <DomainDN>", 'Name for fully qualified domain name (FQDN): <Domain>', 'Name for NetBIOS: <DomainNetBios>'
                    ListBuilderLevel      = 0, 1, 1
                    ListBuilderType       = 'Bulleted', 'Bulleted', 'Bulleted'
                    EmptyParagraphsBefore = 0
                }
                SectionDomainControllers                          = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'General Information - Domain Controllers'
                    TocListLevel        = 1
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainControllers
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 8
                    Text                = 'Following table contains domain controllers'
                    TextNoData          = ''
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - DCs'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainControllers
                }
                SectionDomainFSMO                                 = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::DomainFSMO
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = "FSMO Roles for <Domain>"
                    Text                  = "Following table contains FSMO servers with roles for domain <Domain>"
                    EmptyParagraphsBefore = 1
                    ExcelExport           = $true
                    ExcelWorkSheet        = '<Domain> - FSMO'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::DomainFSMO
                }
                SectionDomainDefaultPasswordPolicy                = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Password Policies'
                    TocListLevel    = 1
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainDefaultPasswordPolicy
                    TableDesign     = 'ColorfulGridAccent5'
                    TableTitleMerge = $True
                    TableTitleText  = "Default Password Policy for <Domain>"
                    Text            = 'Following table contains password policies for all users within <Domain>'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - DefaultPasswordPolicy'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainDefaultPasswordPolicy
                }
                SectionDomainFineGrainedPolicies                  = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'General Information - Fine Grained Password Policies'
                    TocListLevel        = 1
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainFineGrainedPolicies
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 8
                    TableTitleMerge     = $false
                    TableTitleText      = "Fine Grained Password Policy for <Domain>"
                    Text                = 'Following table contains fine grained password policies'
                    TextNoData          = "Following section should cover fine grained password policies. " `
                        + "There were no fine grained password polices defined in <Domain>. There was no formal requirement to have " `
                        + "them set up."
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - Password Policy (Grained)'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainFineGrainedPolicies
                }
                SectionDomainGroupPolicies                        = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Group Policies'
                    TocListLevel    = 1
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainGroupPolicies
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = "Following table contains group policies for <Domain>"
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - GroupPolicies'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainGroupPolicies
                }
                SectionDomainGroupPoliciesDetails                 = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'General Information - Group Policies Details'
                    TocListLevel        = 1
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainGroupPoliciesDetails
                    TableMaximumColumns = 6
                    TableDesign         = 'ColorfulGridAccent5'
                    Text                = "Following table contains group policies for <Domain>"
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - GroupPolicies Details'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainGroupPoliciesDetails
                }
                SectionDomainGroupPoliciesACL                     = [ordered] @{
                    Use            = $true
                    #TocEnable           = $True
                    #TocText             = 'General Information - Group Policies ACL'
                    #TocListLevel        = 1
                    #TocListItemType     = 'Numbered'
                    #TocHeadingType      = 'Heading2'
                    #TableData           = [PSWinDocumentation.ActiveDirectory]::DomainGroupPoliciesACL
                    #TableMaximumColumns = 6
                    #TableDesign         = 'ColorfulGridAccent5'
                    #Text                = "Following table contains group policies ACL for <Domain>"
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - GroupPoliciesACL'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupPoliciesACL
                }
                SectionDomainDNSSrv                               = [ordered] @{
                    Use                  = $true
                    TocEnable            = $True
                    TocText              = 'General Information - DNS A/SRV Records'
                    TocListLevel         = 1
                    TocListItemType      = 'Numbered'
                    TocHeadingType       = 'Heading2'
                    TableData            = [PSWinDocumentation.ActiveDirectory]::DomainDNSSRV
                    TableMaximumColumns  = 10
                    TableDesign          = 'ColorfulGridAccent5'
                    Text                 = "Following table contains SRV records for Kerberos and LDAP"
                    EmptyParagraphsAfter = 1
                    ExcelExport          = $true
                    ExcelWorkSheet       = '<Domain> - DNSSRV'
                    ExcelData            = [PSWinDocumentation.ActiveDirectory]::DomainDNSSRV
                }
                SectionDomainDNSA                                 = [ordered] @{
                    Use                 = $true
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainDNSA
                    TableMaximumColumns = 10
                    TableDesign         = 'ColorfulGridAccent5'
                    Text                = "Following table contains A records for Kerberos and LDAP"
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - DNSA'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainDNSA
                }
                SectionDomainTrusts                               = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'General Information - Trusts'
                    TocListLevel        = 1
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainTrusts
                    TableMaximumColumns = 6
                    TableDesign         = 'ColorfulGridAccent5'
                    Text                = "Following table contains trusts established with domains..."
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - DomainTrusts'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainTrusts
                }
                SectionDomainOrganizationalUnits                  = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'General Information - Organizational Units'
                    TocListLevel        = 1
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainOrganizationalUnits
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = "Following table contains all OU's created in <Domain>"
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - OrganizationalUnits'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainOrganizationalUnits
                }
                SectionDomainPriviligedGroup                      = [ordered] @{
                    Use             = $False
                    TocEnable       = $True
                    TocText         = 'General Information - Priviliged Groups'
                    TocListLevel    = 1
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainGroupsPriviliged
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = 'Following table contains list of priviliged groups and count of the members in it.'
                    ChartEnable     = $True
                    ChartTitle      = 'Priviliged Group Members'
                    ChartData       = [PSWinDocumentation.ActiveDirectory]::DomainGroupsPriviliged
                    ChartKeys       = 'Group Name', 'Members Count'
                    ChartValues     = 'Members Count'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - PriviligedGroupMembers'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainGroupsPriviliged
                }
                SectionDomainUsers                                = [ordered] @{
                    Use              = $true
                    TocEnable        = $True
                    TocText          = 'General Information - Domain Users in <Domain>'
                    TocListLevel     = 1
                    TocListItemType  = 'Numbered'
                    TocHeadingType   = 'Heading1'
                    PageBreaksBefore = 1
                    Text             = 'Following section covers users information for domain <Domain>. '
                }
                SectionDomainUsersCount                           = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Users Count'
                    TocListLevel    = 2
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainUsersCount
                    TableDesign     = 'ColorfulGridAccent5'
                    TableTitleMerge = $true
                    TableTitleText  = 'Users Count'
                    Text            = "Following table and chart shows number of users in its categories"
                    ChartEnable     = $True
                    ChartTitle      = 'Users Count'
                    ChartData       = [PSWinDocumentation.ActiveDirectory]::DomainUsersCount
                    ChartKeys       = 'Keys'
                    ChartValues     = 'Values'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - UsersCount'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainUsersCount
                }
                SectionDomainAdministrators                       = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Domain Administrators'
                    TocListLevel    = 2
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainAdministratorsRecursive
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = 'Following users have highest priviliges and are able to control a lot of Windows resources.'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - DomainAdministrators'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainAdministratorsRecursive
                }
                SectionEnterpriseAdministrators                   = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Enterprise Administrators'
                    TocListLevel    = 2
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainEnterpriseAdministratorsRecursive
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = 'Following users have highest priviliges across Forest and are able to control a lot of Windows resources.'
                    TextNoData      = 'No Enterprise Administrators users were defined for this domain.'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - EnterpriseAdministrators'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainEnterpriseAdministratorsRecursive
                }
                SectionDomainComputers                            = [ordered] @{
                    Use              = $true
                    TocEnable        = $True
                    TocText          = 'General Information - Computer Objects in <Domain>'
                    TocListLevel     = 1
                    TocListItemType  = 'Numbered'
                    TocHeadingType   = 'Heading1'
                    PageBreaksBefore = 1
                    Text             = 'Following section covers computers information for domain <Domain>. '
                }
                DomainComputers                                   = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Computers'
                    TocListLevel    = 2
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainComputers
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = 'Following client computers are created in <Domain>.'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - DomainComputers'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainComputers
                }
                DomainComputersCount                              = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::DomainComputersCount
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = 'Computers Count'
                    Text                  = "Following table and chart shows number of computers and their versions"
                    ChartEnable           = $True
                    ChartTitle            = 'Computers Count'
                    ChartData             = [PSWinDocumentation.ActiveDirectory]::DomainComputersCount
                    ChartKeys             = 'System Name', 'System Count'
                    ChartValues           = 'System Count'
                    ExcelExport           = $true
                    ExcelWorkSheet        = '<Domain> - DomainComputersCount'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::DomainComputersCount
                    EmptyParagraphsBefore = 1
                }
                DomainServers                                     = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Servers'
                    TocListLevel    = 2
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainServers
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = 'Following client computers are created in <Domain>.'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - DomainComputers'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainServers
                }
                DomainServersCount                                = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::DomainServersCount
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = 'Servers Count'
                    Text                  = "Following table and chart shows number of servers and their versions"
                    ChartEnable           = $True
                    ChartTitle            = 'Servers Count'
                    ChartData             = [PSWinDocumentation.ActiveDirectory]::DomainServersCount
                    ChartKeys             = 'System Name', 'System Count'
                    ChartValues           = 'System Count'
                    ExcelExport           = $true
                    ExcelWorkSheet        = '<Domain> - DomainServersCount'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::DomainServersCount
                    EmptyParagraphsBefore = 1
                }
                DomainComputersUnknown                            = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'General Information - Unknown Computer Objects'
                    TocListLevel    = 2
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainComputersUnknown
                    TableDesign     = 'ColorfulGridAccent5'
                    Text            = 'Following client computers are not asisgned to clients or computers in <Domain>.'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - ComputersUnknown'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainComputersUnknown
                }
                DomainComputersUnknownCount                       = [ordered] @{
                    Use                   = $true
                    TableData             = [PSWinDocumentation.ActiveDirectory]::DomainComputersUnknownCount
                    TableDesign           = 'ColorfulGridAccent5'
                    TableTitleMerge       = $true
                    TableTitleText        = 'Unknown Computers Count'
                    Text                  = "Following table and chart shows number of unknown object computers in domain."
                    ExcelExport           = $false
                    ExcelWorkSheet        = '<Domain> - ComputersUnknownCount'
                    ExcelData             = [PSWinDocumentation.ActiveDirectory]::DomainComputersUnknownCount
                    EmptyParagraphsBefore = 1
                }
                SectionPasswordQuality                            = [ordered] @{
                    ### Enables section
                    Use              = $true
                    ### Decides how TOC should be visible
                    TocEnable        = $True
                    TocText          = 'Domain Password Quality'
                    TocListLevel     = 1
                    TocListItemType  = 'Numbered'
                    TocHeadingType   = 'Heading1'
                    ### Text is added before table/list
                    Text             = "This section provides overview about password quality used in <Domain>. One should review if all those potentially" `
                        + " dangerous approaches to password quality should be left as is or addressed in one way or another."
                    TextAlignment    = 'Both'
                    PageBreaksAfter  = 0
                    PageBreaksBefore = 1
                }
                DomainPasswordClearTextPassword                   = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Passwords with Reversible Encryption'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordClearTextPassword
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'Passwords of these accounts are stored using reversible encryption.'
                    TextNoData          = 'There are no accounts that have passwords stored using reversible encryption.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordClearText'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordClearTextPassword
                }
                DomainPasswordLMHash                              = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Passwords with LM Hash'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordLMHash
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'LM-hashes is the oldest password storage used by Windows, dating back to OS/2 system.' `
                        + ' Due to the limited charset allowed, they are fairly easy to crack. Following accounts are affected:'
                    TextNoData          = 'LM-hashes is the oldest password storage used by Windows, dating back to OS/2 system.' `
                        + ' There were no accounts found that use LM Hashes.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordLMHash'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordLMHash
                }
                DomainPasswordEmptyPassword                       = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Empty Passwords'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordEmptyPassword
                    TableMaximumColumns = 4
                    TableDesign         = 'ColorfulGridAccent5'
                    Text                = 'Following accounts have no password set:'
                    TextNoData          = 'There are no accounts in <Domain> that have no password set.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordEmpty'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordEmptyPassword
                }
                DomainPasswordWeakPassword                        = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Known passwords'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordWeakPassword
                    TableMaximumColumns = 4
                    TableDesign         = 'ColorfulGridAccent5'
                    Text                = "Passwords of these accounts have been found in given dictionary. It's highely recommended to " `
                        + "notify those users and ask them to change their passwords asap!"
                    TextNoData          = 'There were no passwords found that match given dictionary.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordKnown'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordWeakPassword
                }
                DomainPasswordDefaultComputerPassword             = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Default Computer Password'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDefaultComputerPassword
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'These computer objects have their password set to default:'
                    TextNoData          = 'There were no accounts found that match default computer password criteria.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordDefaultComputer'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDefaultComputerPassword
                }
                DomainPasswordPasswordNotRequired                 = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Password Not Required'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordPasswordNotRequired
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'These accounts are not required to have a password. For some accounts it may be perfectly acceptable ' `
                        + ' but for some it may not. Those accounts should be reviewed and accepted or changed to proper security.'
                    TextNoData          = 'There were no accounts found that does not require password.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordNotRequired'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordPasswordNotRequired
                }
                DomainPasswordPasswordNeverExpires                = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Non expiring passwords'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordPasswordNeverExpires
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'Following account have do not expire password policy set on them. Those accounts should be reviewed whether ' `
                        + 'allowing them to never expire is good idea and accepted risk.'
                    TextNoData          = 'There are no accounts in <Domain> that never expire.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordNeverExpire'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordPasswordNeverExpires
                }
                DomainPasswordAESKeysMissing                      = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - AES Keys Missing'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordAESKeysMissing
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'Following accounts have their Kerberos AES keys missing'
                    TextNoData          = 'There are no accounts that hvae their Kerberos AES keys missing.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordAESMissing'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordAESKeysMissing
                }
                DomainPasswordPreAuthNotRequired                  = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Kerberos Pre-Auth Not Required'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordPreAuthNotRequired
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'Kerberos pre-authentication is not required for these accounts'
                    TextNoData          = 'There were no accounts found that do not require pre-authentication.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordPreAuthNot'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordPreAuthNotRequired
                }
                DomainPasswordDESEncryptionOnly                   = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Only DES Encryption Allowed'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDESEncryptionOnly
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'Only DES encryption is allowed to be used with these accounts'
                    TextNoData          = 'There are no account that require only DES encryption.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordDESEncr'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDESEncryptionOnly
                }
                DomainPasswordDelegatableAdmins                   = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Delegatable to Service'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDelegatableAdmins
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'These accounts are allowed to be delegated to a service:'
                    TextNoData          = 'No accounts were found that are allowed to be delegated to a service.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordDelegatable'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDelegatableAdmins
                }
                DomainPasswordDuplicatePasswordGroups             = [ordered] @{
                    Use                 = $true
                    TocEnable           = $True
                    TocText             = 'Password Quality - Groups of Users With Same Password'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDuplicatePasswordGroups
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = 'Following groups of users have same passwords:'
                    TextNoData          = 'There are no 2 passwords that are the same in <Domain>.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - PasswordGroups'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordDuplicatePasswordGroups
                }
                DomainPasswordHashesWeakPassword                  = [ordered] @{
                    Use                 = $false
                    TocEnable           = $True
                    TocText             = 'Password Quality - Leaked Passwords'
                    TocListLevel        = 2
                    TocListItemType     = 'Numbered'
                    TocHeadingType      = 'Heading2'
                    TableData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordHashesWeakPassword
                    TableDesign         = 'ColorfulGridAccent5'
                    TableMaximumColumns = 4
                    Text                = "Passwords of these accounts have been found in given HASH dictionary (https://haveibeenpwned.com/). It's highely recommended to " `
                        + "notify those users and ask them to change their passwords asap!"
                    TextNoData          = 'There were no passwords found that match in given dictionary.'
                    ExcelExport         = $true
                    ExcelWorkSheet      = '<Domain> - LeakedPasswords'
                    ExcelData           = [PSWinDocumentation.ActiveDirectory]::DomainPasswordHashesWeakPassword
                }
                DomainPasswordStats                               = [ordered] @{
                    Use             = $true
                    TocEnable       = $True
                    TocText         = 'Password Quality - Statistics'
                    TocListLevel    = 2
                    TocListItemType = 'Numbered'
                    TocHeadingType  = 'Heading2'
                    TableData       = [PSWinDocumentation.ActiveDirectory]::DomainPasswordStats
                    TableDesign     = 'ColorfulGridAccent5'
                    TableTitleMerge = $true
                    TableTitleText  = 'Password Quality Statistics'
                    Text            = "Following table and chart shows password statistics"
                    ChartEnable     = $True
                    ChartTitle      = 'Password Statistics'
                    ChartData       = [PSWinDocumentation.ActiveDirectory]::DomainPasswordStats
                    ChartKeys       = 'Keys'
                    ChartValues     = 'Values'
                    ExcelExport     = $true
                    ExcelWorkSheet  = '<Domain> - PasswordStats'
                    ExcelData       = [PSWinDocumentation.ActiveDirectory]::DomainPasswordStats
                }
                SectionExcelDomainOrganizationalUnitsBasicACL     = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - OU ACL Basic'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainOrganizationalUnitsBasicACL
                }
                SectionExcelDomainOrganizationalUnitsExtended     = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - OU ACL Extended'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainOrganizationalUnitsExtended
                }
                SectionExcelDomainUsers                           = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Users'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsers
                }
                SectionExcelDomainUsersAll                        = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Users All'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsersAll
                }
                SectionExcelDomainUsersSystemAccounts             = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Users System'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsersSystemAccounts
                }
                SectionExcelDomainUsersNeverExpiring              = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Never Expiring'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsersNeverExpiring
                }
                SectionExcelDomainUsersNeverExpiringInclDisabled  = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Never Expiring incl Disabled'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsersNeverExpiringInclDisabled
                }
                SectionExcelDomainUsersExpiredInclDisabled        = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Expired incl Disabled'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsersExpiredInclDisabled
                }
                SectionExcelDomainUsersExpiredExclDisabled        = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Expired excl Disabled'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsersExpiredExclDisabled
                }
                SectionExcelDomainUsersFullList                   = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Users List Full'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainUsersFullList
                }
                SectionExcelDomainComputersFullList               = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Computers List'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainComputersFullList
                }
                SectionExcelDomainGroupsFullList                  = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Groups List'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsFullList
                }
                SectionExcelDomainGroupsRest                      = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Groups'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroups
                }
                SectionExcelDomainGroupsSpecial                   = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Groups Special'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsSpecial
                }
                SectionExcelDomainGroupsPriviliged                = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Groups Priv'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsPriviliged
                }
                SectionExcelDomainGroupMembers                    = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Members'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsMembers
                }
                SectionExcelDomainGroupMembersSpecial             = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Members Special'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsSpecialMembers
                }
                SectionExcelDomainGroupMembersPriviliged          = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Members Priv'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsPriviligedMembers
                }
                SectionExcelDomainGroupMembersRecursive           = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Members Rec'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsMembersRecursive
                }
                SectionExcelDomainGroupMembersSpecialRecursive    = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Members RecSpecial'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsSpecialMembersRecursive
                }
                SectionExcelDomainGroupMembersPriviligedRecursive = [ordered] @{
                    Use            = $true
                    ExcelExport    = $true
                    ExcelWorkSheet = '<Domain> - Members RecPriv'
                    ExcelData      = [PSWinDocumentation.ActiveDirectory]::DomainGroupsPriviligedMembersRecursive
                }
            }
        }
    }
}
Start-Documentation -Document $Document -Verbose

Posty powiązane