Commit 2c6e8ced: Multiple changes

- Check output
- Updated list generation
- Started subdomain takeover check module

Powershell/Invite.sql

@@ -0,0 +1,420 @@
+DROP USER [ERS]
+GO
+
+DROP USER [Feedback@Effectory.com]
+GO
+
+DROP USER [IntranetApps]
+GO
+
+DROP USER [InviteReplication]
+GO
+
+DROP USER [InviteTOuser]
+GO
+
+DROP USER [LiveWebClient@Effectory.com]
+GO
+
+DROP USER [mscrm_sync]
+GO
+
+DROP USER [myprojectwebservice@effectory.com]
+GO
+
+DROP USER [participant_import]
+GO
+
+DROP USER [participant_validation]
+GO
+
+DROP USER [QuestionbaseWebservice]
+GO
+
+DROP USER [scratchcardgenerator]
+GO
+
+DROP USER [SurveyCenter]
+GO
+
+DROP USER [SurveyWebJob]
+GO
+
+
+
+
+
+
+------
+------ SCRIPTED OLD
+----------
+
+
+
+
+
+
+-- [-- DB CONTEXT --] --
+USE [Invite]
+ 
+-- [-- DB USERS --] --
+ 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'BuildServer') BEGIN CREATE USER  [BuildServer] FOR LOGIN [BuildServer] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'ClearConfirmedTeamsWebJob') BEGIN CREATE USER  [ClearConfirmedTeamsWebJob] FOR LOGIN [ClearConfirmedTeamsWebJob] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'dbo') BEGIN CREATE USER  [dbo] FOR LOGIN [dbo] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'Effectory-Core-MeasurementService') BEGIN CREATE USER  [Effectory-Core-MeasurementService] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo]  END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'ERS') BEGIN CREATE USER  [ERS] FOR LOGIN [ERS] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'GatherResponseWebJob') BEGIN CREATE USER  [GatherResponseWebJob] FOR LOGIN [GatherResponseWebJob] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'GenerateFlexQuestionnaireWebjob') BEGIN CREATE USER  [GenerateFlexQuestionnaireWebjob] FOR LOGIN [GenerateFlexQuestionnaireWebjob] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'guest') BEGIN CREATE USER  [guest] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [guest] , SID = [foo]  END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'HierarchyUserImport') BEGIN CREATE USER  [HierarchyUserImport] FOR LOGIN [HierarchyUserImport] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'IntranetApps') BEGIN CREATE USER  [IntranetApps] FOR LOGIN [IntranetApps] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'InviteExport') BEGIN CREATE USER  [InviteExport] FOR LOGIN [InviteExport] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'InviteImport') BEGIN CREATE USER  [InviteImport] FOR LOGIN [InviteImport] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'InviteReplication') BEGIN CREATE USER  [InviteReplication] FOR LOGIN [InviteReplication] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'InviteResponseWebJob') BEGIN CREATE USER  [InviteResponseWebJob] FOR LOGIN [InviteResponseWebJob] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'InviteTOuser') BEGIN CREATE USER  [InviteTOuser] FOR LOGIN [InviteTOuser] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'MailingManager') BEGIN CREATE USER  [MailingManager] FOR LOGIN [MailingManager] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'mailings_webapi') BEGIN CREATE USER  [mailings_webapi] FOR LOGIN [mailings_webapi] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'mscrm_sync') BEGIN CREATE USER  [mscrm_sync] FOR LOGIN [mscrm_sync] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'participant_import') BEGIN CREATE USER  [participant_import] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo]  END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'participant_validation') BEGIN CREATE USER  [participant_validation] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo]  END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'projectcenter') BEGIN CREATE USER  [projectcenter] FOR LOGIN [projectcenter] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'QuestionbaseWebservice') BEGIN CREATE USER  [QuestionbaseWebservice] FOR LOGIN [QuestionbaseWebservice] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'QuestionnaireWebApi') BEGIN CREATE USER  [QuestionnaireWebApi] WITHOUT LOGIN WITH DEFAULT_SCHEMA = [dbo] , SID = [foo]  END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'SurveyCenter') BEGIN CREATE USER  [SurveyCenter] FOR LOGIN [SurveyCenter] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'SurveyWebJob') BEGIN CREATE USER  [SurveyWebJob] FOR LOGIN [SurveyWebJob] WITH DEFAULT_SCHEMA = [dbo] END; 
+IF NOT EXISTS (SELECT [name] FROM sys.database_principals WHERE [name] =  'SyncDemographicsWebJob') BEGIN CREATE USER  [SyncDemographicsWebJob] FOR LOGIN [SyncDemographicsWebJob] WITH DEFAULT_SCHEMA = [dbo] END; 
+-- [-- ORPHANED USERS --] --
+-- [-- DB ROLES --] --
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'ClearConfirmedTeamsWebJob'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'Effectory-Core-MeasurementService'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'ERS'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'GenerateFlexQuestionnaireWebjob'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'HierarchyUserImport'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'IntranetApps'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'InviteImport'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'InviteResponseWebJob'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'InviteTOuser'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'mscrm_sync'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'participant_import'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'projectcenter'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'SurveyCenter'
+EXEC sp_addrolemember @rolename = 'db_datareader', @membername = 'SurveyWebJob'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'Effectory-Core-MeasurementService'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'ERS'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'GenerateFlexQuestionnaireWebjob'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'HierarchyUserImport'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'InviteImport'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'InviteResponseWebJob'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'mscrm_sync'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'participant_import'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'projectcenter'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'SurveyCenter'
+EXEC sp_addrolemember @rolename = 'db_datawriter', @membername = 'SurveyWebJob'
+EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'ERS'
+EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'GenerateFlexQuestionnaireWebjob'
+EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'InviteImport'
+EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'mscrm_sync'
+EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'projectcenter'
+EXEC sp_addrolemember @rolename = 'db_executor', @membername = 'SurveyWebJob'
+EXEC sp_addrolemember @rolename = 'db_owner', @membername = 'BuildServer'
+EXEC sp_addrolemember @rolename = 'db_owner', @membername = 'InviteReplication'
+ 
+-- [-- OBJECT LEVEL PERMISSIONS --] --
+DENY DELETE ON [dbo].[HierarchyEventSync] TO [_AzureParticipantsDBReadExecute]
+DENY DELETE ON [dbo].[MeasurementParticipantEventSync] TO [_AzureParticipantsDBReadExecute]
+DENY DELETE ON [dbo].[ParticipantCharacteristicEventSync] TO [_AzureParticipantsDBReadExecute]
+DENY DELETE ON [dbo].[ParticipantEventSync] TO [_AzureParticipantsDBReadExecute]
+DENY DELETE ON [dbo].[ParticipantExtraColumnValueEventSync] TO [_AzureParticipantsDBReadExecute]
+DENY EXECUTE ON [dbo].[sp_alterdiagram] TO [guest]
+DENY EXECUTE ON [dbo].[sp_creatediagram] TO [guest]
+DENY EXECUTE ON [dbo].[sp_dropdiagram] TO [guest]
+DENY EXECUTE ON [dbo].[sp_helpdiagramdefinition] TO [guest]
+DENY EXECUTE ON [dbo].[sp_helpdiagrams] TO [guest]
+DENY EXECUTE ON [dbo].[sp_renamediagram] TO [guest]
+GRANT ALTER ON [dbo].[MeasurementParticipant] TO [ClearConfirmedTeamsWebJob]
+GRANT DELETE ON [dbo].[CharacteristicQuestionnaire] TO [ClearConfirmedTeamsWebJob]
+GRANT DELETE ON [dbo].[MeasurementParticipant] TO [projectcenter]
+GRANT DELETE ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
+GRANT DELETE ON [dbo].[ParticipantProjectCharacteristic] TO [participant_validation]
+GRANT DELETE ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
+GRANT DELETE ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[FailedToSentMailings] TO [MailingManager]
+GRANT DELETE ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[Mailing] TO [MailingManager]
+GRANT DELETE ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[MailingAttachment] TO [MailingManager]
+GRANT DELETE ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[MailingDisclaimer] TO [MailingManager]
+GRANT DELETE ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[MailingTemplate] TO [MailingManager]
+GRANT DELETE ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
+GRANT DELETE ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
+GRANT DELETE ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[MailingText] TO [MailingManager]
+GRANT DELETE ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[MailSP_Log] TO [MailingManager]
+GRANT DELETE ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
+GRANT DELETE ON [Mailings].[SentMailings] TO [MailingManager]
+GRANT EXECUTE ON [dbo].[get_internalcodes_by_surveyId] TO [response.service@Effectory.com]
+GRANT EXECUTE ON [dbo].[ImportParticipantsIntoMeasurement] TO [Effectory-Core-MeasurementService]
+GRANT EXECUTE ON [dbo].[ImportResultsDelete] TO [InviteExport]
+GRANT EXECUTE ON [dbo].[ImportResultsDelete] TO [InviteImport]
+GRANT EXECUTE ON [dbo].[ImportResultsDelete] TO [SurveyCenter]
+GRANT EXECUTE ON [dbo].[insert_characteristic_characteristictext_from_xml] TO [SurveyCenter]
+GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [myprojectwebservice@effectory.com]
+GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [participant_import]
+GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [participant_validation]
+GRANT EXECUTE ON [dbo].[internalcodes_claim] TO [response.service@Effectory.com]
+GRANT EXECUTE ON [dbo].[internalcodes_generate] TO [response.service@Effectory.com]
+GRANT EXECUTE ON [dbo].[internalcodes_generate] TO [scratchcardgenerator]
+GRANT EXECUTE ON [dbo].[internalcodes_get_no_available_codes] TO [response.service@Effectory.com]
+GRANT EXECUTE ON [dbo].[internalcodes_get_no_available_codes] TO [scratchcardgenerator]
+GRANT EXECUTE ON [dbo].[offboarding_participants_invalidlist] TO [IntranetApps]
+GRANT EXECUTE ON [dbo].[ParticipantCharacteristics_Clear_By_MeasurementID] TO [SurveyCenter]
+GRANT EXECUTE ON [dbo].[ParticipantCharacteristics_Clear_By_SurveyID] TO [SurveyCenter]
+GRANT EXECUTE ON [dbo].[Response_webjob_previoussurvey] TO [InviteResponseWebJob]
+GRANT EXECUTE ON [dbo].[sp_alterdiagram] TO [public]
+GRANT EXECUTE ON [dbo].[sp_creatediagram] TO [public]
+GRANT EXECUTE ON [dbo].[sp_dropdiagram] TO [public]
+GRANT EXECUTE ON [dbo].[sp_helpdiagramdefinition] TO [public]
+GRANT EXECUTE ON [dbo].[sp_helpdiagrams] TO [public]
+GRANT EXECUTE ON [dbo].[sp_renamediagram] TO [public]
+GRANT EXECUTE ON [dbo].[survey_update_measurement_info] TO [projectcenter]
+GRANT EXECUTE ON [dbo].[survey_update_measurement_info_with_ece_survey_id] TO [projectcenter]
+GRANT EXECUTE ON [dbo].[SurveyCenter_DemographicAnswer_Delete] TO [SurveyCenter]
+GRANT EXECUTE ON [dbo].[sync_ece_update_ece_surveyid] TO [ece.service@Effectory.com]
+GRANT EXECUTE ON [dbo].[sync_get_participant_information] TO [SurveyCenter]
+GRANT EXECUTE ON [dbo].[sync_update_hasresponded] TO [response.service@Effectory.com]
+GRANT EXECUTE ON [dbo].[Update_participant_xml] TO [InviteExport]
+GRANT EXECUTE ON [dbo].[Update_participant_xml] TO [InviteImport]
+GRANT EXECUTE ON [dbo].[Update_participant_xml] TO [SurveyCenter]
+GRANT EXECUTE ON [Mailings].[GetScheduledMailings] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[GetScheduledMailings] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[mm_service_get_data_for_status_update_mail] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[mm_service_get_data_for_status_update_mail] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[mm_service_get_exta_data_for_one_participant] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[mm_service_get_exta_data_for_one_participant] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[mm_service_get_mailings_to_send] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[mm_service_get_mailings_to_send] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_send_to_participant] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_send_to_participant] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_status_to_error] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[mm_service_set_mailing_status_to_error] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[mm_update_and_get_mailing_state] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[mm_update_and_get_mailing_state] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[multipleResults] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[multipleResults] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[SurveyCenter_CreateSurveyProvider] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[SurveyCenter_CreateSurveyProvider] TO [MailingManager]
+GRANT EXECUTE ON [Mailings].[SurveyCenter_WebJob_Mailing_GetScheduledMails] TO [mailing.service@Effectory.com]
+GRANT EXECUTE ON [Mailings].[SurveyCenter_WebJob_Mailing_GetScheduledMails] TO [MailingManager]
+GRANT EXECUTE ON [Query].[GetMeasurementIdBySurveyId] TO [projectcenter]
+GRANT EXECUTE ON [Query].[MyResultsUserQueries_Impersonate] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyCharacteristicCategoryQueries_Get] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyDownloadQueries_Get] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyDownloadQueries_Get_GetHierarchyNames] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkAutoMapQueries_Get] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkAutoMapQueries_Get_Characteristics] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkQueries_Get] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyGroupLinkQueries_Get_Characteristics] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyNodeCrossingQueries_Get] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_Get] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_Get_Locks] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_Get_Statusses] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Categories] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_CharacteristicCategories] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Locks] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Statusses] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyQueries_GetById_Translations] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyTreeQueries_GetById] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyHierarchyTreeQueries_GetById_CharacteristicCategories] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyQueries_GetCharacteristicsCategories] TO [projectcenter]
+GRANT EXECUTE ON [Query].[SurveyQueries_GetCharacteristicsCategories_Characteristics] TO [projectcenter]
+GRANT EXECUTE ON [Query].[ToolkitQueries_GetRespondent] TO [projectcenter]
+GRANT EXECUTE ON [Query].[ToolkitQueries_GetRespondent_Characteristics] TO [projectcenter]
+GRANT EXECUTE ON [Query].[ToolkitQueries_Search] TO [projectcenter]
+GRANT INSERT ON [dbo].[Characteristic] TO [participant_validation]
+GRANT INSERT ON [dbo].[CharacteristicCategory] TO [participant_validation]
+GRANT INSERT ON [dbo].[CharacteristicCategoryText] TO [participant_validation]
+GRANT INSERT ON [dbo].[CharacteristicText] TO [participant_validation]
+GRANT INSERT ON [dbo].[InternalCodes] TO [scratchcardgenerator]
+GRANT INSERT ON [dbo].[MeasurementParticipant] TO [projectcenter]
+GRANT INSERT ON [dbo].[MeasurementParticipant] TO [SurveyCenter]
+GRANT INSERT ON [dbo].[MeasurementSync] TO [participant_validation]
+GRANT INSERT ON [dbo].[Participant] TO [participant_validation]
+GRANT INSERT ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
+GRANT INSERT ON [dbo].[ParticipantProjectCharacteristic] TO [participant_validation]
+GRANT INSERT ON [dbo].[Project] TO [participant_validation]
+GRANT INSERT ON [dbo].[SurveySyncClusterMatrix] TO [projectcenter]
+GRANT INSERT ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
+GRANT INSERT ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[FailedToSentMailings] TO [MailingManager]
+GRANT INSERT ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[Mailing] TO [MailingManager]
+GRANT INSERT ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[MailingAttachment] TO [MailingManager]
+GRANT INSERT ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[MailingDisclaimer] TO [MailingManager]
+GRANT INSERT ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[MailingTemplate] TO [MailingManager]
+GRANT INSERT ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
+GRANT INSERT ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
+GRANT INSERT ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[MailingText] TO [MailingManager]
+GRANT INSERT ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[MailSP_Log] TO [MailingManager]
+GRANT INSERT ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
+GRANT INSERT ON [Mailings].[SentMailings] TO [MailingManager]
+GRANT SELECT ON [dbo].[Characteristic] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[Characteristic] TO [participant_validation]
+GRANT SELECT ON [dbo].[CharacteristicCategory] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[CharacteristicCategory] TO [participant_validation]
+GRANT SELECT ON [dbo].[CharacteristicCategoryText] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[CharacteristicCategoryText] TO [participant_validation]
+GRANT SELECT ON [dbo].[CharacteristicText] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[CharacteristicText] TO [participant_validation]
+GRANT SELECT ON [dbo].[InternalCodes] TO [participant_validation]
+GRANT SELECT ON [dbo].[InternalCodes] TO [scratchcardgenerator]
+GRANT SELECT ON [dbo].[Measurement] TO [QuestionnaireWebApi]
+GRANT SELECT ON [dbo].[MeasurementColumn] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[MeasurementParticipant] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[MeasurementParticipant] TO [participant_validation]
+GRANT SELECT ON [dbo].[MeasurementParticipant] TO [projectcenter]
+GRANT SELECT ON [dbo].[MeasurementParticipant] TO [SurveyCenter]
+GRANT SELECT ON [dbo].[MeasurementSurvey] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[MeasurementSurvey] TO [participant_validation]
+GRANT SELECT ON [dbo].[MeasurementSurvey] TO [QuestionnaireWebApi]
+GRANT SELECT ON [dbo].[MeasurementSync] TO [participant_validation]
+GRANT SELECT ON [dbo].[MeasurementText] TO [QuestionnaireWebApi]
+GRANT SELECT ON [dbo].[MSsubscription_agents] TO [public]
+GRANT SELECT ON [dbo].[Participant] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[Participant] TO [participant_validation]
+GRANT SELECT ON [dbo].[ParticipantCharacteristic] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
+GRANT SELECT ON [dbo].[ParticipantExtraColumn] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[ParticipantExtraColumnValue] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [dbo].[ParticipantProjectCharacteristic] TO [participant_validation]
+GRANT SELECT ON [dbo].[Project] TO [participant_validation]
+GRANT SELECT ON [dbo].[Survey] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
+GRANT SELECT ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[FailedToSentMailings] TO [MailingManager]
+GRANT SELECT ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[Mailing] TO [MailingManager]
+GRANT SELECT ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[MailingAttachment] TO [MailingManager]
+GRANT SELECT ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[MailingDisclaimer] TO [MailingManager]
+GRANT SELECT ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[MailingTemplate] TO [MailingManager]
+GRANT SELECT ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
+GRANT SELECT ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
+GRANT SELECT ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[MailingText] TO [MailingManager]
+GRANT SELECT ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[MailSP_Log] TO [MailingManager]
+GRANT SELECT ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
+GRANT SELECT ON [Mailings].[SentMailings] TO [MailingManager]
+GRANT SELECT ON [sys].[database_firewall_rules] TO [public]
+GRANT UPDATE ON [dbo].[InternalCodes] TO [participant_validation]
+GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [ClearConfirmedTeamsWebJob]
+GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [participant_validation]
+GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [projectcenter]
+GRANT UPDATE ON [dbo].[MeasurementParticipant] TO [SurveyCenter]
+GRANT UPDATE ON [dbo].[Participant] TO [participant_validation]
+GRANT UPDATE ON [dbo].[ParticipantCharacteristic] TO [projectcenter]
+GRANT UPDATE ON [dbo].[ParticipantCharacteristic] TO [SurveyCenter]
+GRANT UPDATE ON [dbo].[Project] TO [participant_validation]
+GRANT UPDATE ON [dbo].[Survey] TO [ece.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[DomainSendTimeExceptions] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[DomainSendTimeExceptions] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[FailedToSentMailings] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[FailedToSentMailings] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[Mailing] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[Mailing] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[MailingAttachment] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[MailingAttachment] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[MailingDisclaimer] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[MailingDisclaimer] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[MailingTemplate] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[MailingTemplate] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[MailingTemplateTypeNames] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[MailingTemplateTypeNames] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[MailingTemplateTypes] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[MailingTemplateTypes] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[MailingText] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[MailingText] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[MailSP_Log] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[MailSP_Log] TO [MailingManager]
+GRANT UPDATE ON [Mailings].[SentMailings] TO [mailing.service@Effectory.com]
+GRANT UPDATE ON [Mailings].[SentMailings] TO [MailingManager]
+-- [-- TYPE LEVEL PERMISSIONS --] --
+GRANT EXECUTE ON [dbo].[ParticipantIdTable] TO [Effectory-Core-MeasurementService]
+GRANT EXECUTE ON [dbo].[RespondedParticipant] TO [response.service@Effectory.com]
+ 
+-- [--DB LEVEL PERMISSIONS --] --
+GRANT ALTER TO [SyncDemographicsWebJob]
+GRANT CONNECT TO [BuildServer]
+GRANT CONNECT TO [ClearConfirmedTeamsWebJob]
+GRANT CONNECT TO [Effectory-Core-MeasurementService]
+GRANT CONNECT TO [ERS]
+GRANT CONNECT TO [GatherResponseWebJob]
+GRANT CONNECT TO [GenerateFlexQuestionnaireWebjob]
+GRANT CONNECT TO [HierarchyUserImport]
+GRANT CONNECT TO [IntranetApps]
+GRANT CONNECT TO [InviteExport]
+GRANT CONNECT TO [InviteImport]
+GRANT CONNECT TO [InviteReplication]
+GRANT CONNECT TO [InviteResponseWebJob]
+GRANT CONNECT TO [InviteTOuser]
+GRANT CONNECT TO [MailingManager]
+GRANT CONNECT TO [mailings_webapi]
+GRANT CONNECT TO [mscrm_sync]
+GRANT CONNECT TO [participant_import]
+GRANT CONNECT TO [participant_validation]
+GRANT CONNECT TO [projectcenter]
+GRANT CONNECT TO [QuestionbaseWebservice]
+GRANT CONNECT TO [QuestionnaireWebApi]
+GRANT CONNECT TO [SurveyCenter]
+GRANT CONNECT TO [SurveyWebJob]
+GRANT CONNECT TO [SyncDemographicsWebJob]
+GRANT DELETE TO [GatherResponseWebJob]
+GRANT DELETE TO [InviteExport]
+GRANT DELETE TO [projectcenter]
+GRANT DELETE TO [SyncDemographicsWebJob]
+GRANT EXECUTE TO [GatherResponseWebJob]
+GRANT EXECUTE TO [InviteExport]
+GRANT EXECUTE TO [InviteImport]
+GRANT EXECUTE TO [InviteTOuser]
+GRANT EXECUTE TO [MailingManager]
+GRANT EXECUTE TO [mailings_webapi]
+GRANT INSERT TO [GatherResponseWebJob]
+GRANT INSERT TO [InviteExport]
+GRANT INSERT TO [projectcenter]
+GRANT INSERT TO [SyncDemographicsWebJob]
+GRANT SELECT TO [GatherResponseWebJob]
+GRANT SELECT TO [InviteExport]
+GRANT SELECT TO [mailings_webapi]
+GRANT SELECT TO [SyncDemographicsWebJob]
+GRANT UNMASK TO [Effectory-Core-MeasurementService]
+GRANT UNMASK TO [MailingManager]
+GRANT UNMASK TO [mailings_webapi]
+GRANT UNMASK TO [projectcenter]
+GRANT UPDATE TO [GatherResponseWebJob]
+GRANT UPDATE TO [InviteExport]
+GRANT UPDATE TO [SyncDemographicsWebJob]
+ 
+-- [--DB LEVEL SCHEMA PERMISSIONS --] --
+GRANT ALTER ON SCHEMA::[dbo] TO [_Invite_Alter_Schema_]

Powershell/Lists/ADMusers.ps1

@@ -22,7 +22,7 @@ function Get-ADGroupName ($DN)
 function Get-GroupMemberOf ($ADGroupName)
 {
 if ($ADGroupName -eq "# Developer") {
-break
+return
 }
 $ii++; $a=0
 $Message=""; $Prefix=""
@@ -41,26 +41,29 @@ if ($DNs.count -ne 0)
         $GroupScope = (Get-ADGroup $GroupName -Properties *).GroupScope
        
         $Message="$Prefix $ADGroupName => $GroupName [$GroupCategory - $GroupScope]"
-        Write-Host $Message
+        Write-Output $Message
       
         Get-GroupMemberOf $GroupName '   '
     }# End ForEach
   }# End IF
 }#End Function
 
-function Get-UserMemberships ($ADUser)
+function Get-UserMemberships ($ADUserSID)
 {
 
-$ADUserMembers=(Get-ADUser $ADUser -Properties *).MemberOf
+    $ADUser = Get-ADUser $ADUserSID -Properties *
+$ADUserMembers=$ADUser.MemberOf
 
-Write-Host "AD-User: $ADUser" -ForegroundColor blue 
+$ADUserName = $ADUser.name
+Write-Host "AD-User: $ADUserName"
+Write-Output "AD-User: $ADUserName"
 #PrimaryGroup
-    $ADPrimaryGroupDN = (Get-ADUser  -Properties * -Filter {SamAccountName -eq $ADUser}).PrimaryGroup
+    $ADPrimaryGroupDN = (Get-ADUser  -Properties * -Filter {SID -eq $ADUserSID}).PrimaryGroup
     $ADPrimaryGroupName=(Get-ADGroupName $ADPrimaryGroupDN)
     $ADGroupCategory=(Get-ADGroup $ADPrimaryGroupName).GroupCategory
     $ADGroupScope=(Get-ADGroup $ADPrimaryGroupName).GroupScope
     $Message = "Primary Group: $ADPrimaryGroupName [$ADGroupCategory, $ADGroupScope]"
-    Write-Host $Message -BackgroundColor yellow
+    Write-Output $Message
     
 #Other groups
 foreach ($ADUserMember in $ADUserMembers)
@@ -69,9 +72,9 @@ foreach ($ADUserMember in $ADUserMembers)
     $ADGroupCategory=(Get-ADGroup $ADGroupName).GroupCategory
     $ADGroupScope=(Get-ADGroup $ADGroupName).GroupScope
     $Message = "($i) $ADGroupName [$ADGroupCategory, $ADGroupScope]"
-    Write-Host $Message -ForegroundColor black
+    Write-Output $Message 
    Get-GroupMemberOf $ADGroupName '    '
-   Write-Host " " 
+   Write-Output " " 
 }
 }
 
@@ -79,8 +82,8 @@ function Get-AllMembershipsOfUsers($ADGroupName) {
 
 $devadmaccounts = get-adgroupmember -Identity $ADGroupName -Recursive 
 foreach ($devADM in $devadmaccounts) {
-    Get-UserMemberships $devADM.name 
-       Write-Host "======================================================================================================" 
+    Get-UserMemberships $devADM.SID 
+       Write-Output "======================================================================================================" 
 }
 
 }
@@ -89,8 +92,21 @@ foreach ($devADM in $devadmaccounts) {
 #-----------------------------------------------------------------
 Clear-Host
 
-$ADUser= "DannyADM"
-Get-UserMemberships $ADUser
+#$ADUser= "Qualys"
+#Get-UserMemberships $ADUser
+
+$ADGroupName = "# Developer ADM"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Developer ADM.txt"
+
+$ADGroupName = "Domain Admins"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Domain Admins.txt"
+
+$ADGroupName = "# Developer"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Developer.txt"
+
+$ADGroupName = "# Interne Automatisering Team-Assistent"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Interne Automatisering Team-Assistent.txt"
+
+$ADGroupName = "# Interne Automatisering"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Interne Automatisering.txt"
 
-#$ADGroupName = "# Developer ADM"
-#Get-AllMembershipsOfUsers $ADGroupName 

Powershell/Lists/AzureRBAC.ps1

@@ -0,0 +1,83 @@
+#Connect-AzAccount
+
+class ResourceCheck {
+    [string] $ResourceId = ""
+    [string] $Id = ""
+    [string] $Kind = ""
+    [string] $Location = ""
+    [string] $ResourceName = ""
+    [string] $ResourceGroupName = ""
+    [string] $ResourceType = ""
+    [string] $SubscriptionId = ""
+    [string] $SubscriptionName = ""
+    [string] $Tag_Team = ""
+    [string] $Tag_Product = ""
+    [string] $Tag_Environment = ""
+    [string] $Tag_Data = ""
+    [string] $Tag_Delete = ""
+    [string] $Tag_Split = ""
+    [string] $RBAC_RoleAssignmentId = ""
+    [string] $RBAC_Scope = ""
+    [string] $RBAC_DisplayName = ""
+    [string] $RBAC_SignInName = ""
+    [string] $RBAC_RoleDefinitionName = ""
+}
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Creating resource RBAC assignment overview."
+Write-Host "========================================================================================================================================================================"
+
+$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
+
+$fileName =  "c:\temp\2020-10-21 azure_rbac.csv" 
+$fileExists = Test-Path $fileName
+If ($fileExists -eq $True) {
+    Remove-Item $fileName 
+}
+
+foreach ($subscription in $subscriptions) 
+{
+Set-AzContext -SubscriptionId $subscription.Id
+
+    $allResources = Get-AzResource 
+    
+    foreach ($resource in $allResources) {
+
+        [ResourceCheck[]]$Result = @()
+
+        try {
+            $roleAssignments = Get-AzRoleAssignment -ResourceGroupName $resource.ResourceGroupName -ResourceName $resource.ResourceName -ResourceType $resource.ResourceType # | Where-Object Scope -EQ "/"
+
+            foreach($roleAssignment in $roleAssignments) {
+            [ResourceCheck] $resourceCheck = [ResourceCheck]::new()
+                $resourceCheck.ResourceId = $resource.ResourceId
+                $resourceCheck.Id = $resource.Id
+                $resourceCheck.Kind = $resource.Kind
+                $resourceCheck.Location = $resource.Location
+                $resourceCheck.ResourceName = $resource.ResourceName
+                $resourceCheck.ResourceGroupName = $resource.ResourceGroupName
+                $resourceCheck.ResourceType = $resource.ResourceType
+                $resourceCheck.SubscriptionId = $subscription.Id
+                $resourceCheck.SubscriptionName = $subscription.Name
+                $resourceCheck.Tag_Team = $resource.Tags.team
+                $resourceCheck.Tag_Product = $resource.Tags.product
+                $resourceCheck.Tag_Environment = $resource.Tags.environment
+                $resourceCheck.Tag_Data = $resource.Tags.data
+                $resourceCheck.Tag_Delete = $resource.Tags.delete
+                $resourceCheck.Tag_Split = $resource.Tags.split
+                $resourceCheck.RBAC_RoleAssignmentId = $roleAssignment.RoleAssignmentId
+                $resourceCheck.RBAC_Scope = $roleAssignment.Scope
+                $resourceCheck.RBAC_DisplayName = $roleAssignment.DisplayName
+                $resourceCheck.RBAC_SignInName = $roleAssignment.SignInName
+                $resourceCheck.RBAC_RoleDefinitionName = $roleAssignment.RoleDefinitionName
+                
+                $Result += $resourceCheck
+                }
+        } catch {
+        }
+        $Result | Export-Csv -Path $fileName -Append -NoTypeInformation
+    }
+}
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Done."

Powershell/Lists/Certificates.ps1

@@ -1,8 +1,8 @@
 #Connect-AzAccount
 
-$fileName =  ".\azure_appservice_certificates.csv" 
+$fileName =  ".\2020-12-23 azure_appservice_certificates (3).csv" 
 
-$subscriptions = Get-AzSubscription
+$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
 
 class CertificateCheck {
     [string] $SubscriptionId = ""
@@ -18,74 +18,61 @@ class CertificateCheck {
 [CertificateCheck[]]$Result = @()
 
 $StartDate=(GET-DATE)
+[CertificateCheck[]]$Result = @()
 foreach ($subscription in $subscriptions)
 {
     Set-AzContext -SubscriptionId $subscription.Id
 
-    $certs = Get-AzResource -ResourceType Microsoft.Web/certificates 
+    $certs = Get-AzResource -ResourceType Microsoft.Web/certificates -ExpandProperties -ApiVersion 2018-02-01 | Select * -Expand Properties 
     foreach ($cert in $certs) 
     {    
         $id = $cert.Id
-        $thumbprint = ($cert.Name.Split([char]"#", [char]"-"))[0]
-
-        Write-Host "Certificate $id"
-
+        
         [CertificateCheck] $certificateCheck = [CertificateCheck]::new()
 
         $certificateCheck.SubscriptionId = $subscription.Id
         $certificateCheck.CertificateId = $id
-        $certificateCheck.ThumbPrint = $thumbprint
+        $certificateCheck.ThumbPrint = $cert.Properties.thumbprint
         $certificateCheck.ResourceGroupName = $cert.ResourceGroupName
 
-        $Result += $certificateCheck
-
-    }
-}
-
-$Result | Export-Csv -Path $fileName -NoTypeInformation -Force
-
-$fileName =  ".\azure_appservice_certificates_1.csv" 
-
-foreach ($certificateCheck in $Result) 
-{ 
-    try 
-    {
-        Set-AzContext -SubscriptionId $certificateCheck.SubscriptionId
-
-        $thumbprint = $certificateCheck.ThumbPrint
-        Write-Host "thumbprint: $thumbprint"
-
-        $certificate = Get-AzWebAppCertificate -ResourceGroupName $certificateCheck.ResourceGroupName -Thumbprint $thumbprint -debug -verbose
-
-        if ($null -eq $certificate) 
+        try 
         {
-            $certificateCheck.Comment = "Could not find certificate"
-        } 
-        else 
-        {
-            try 
-            { 
-                $subjectname = $certificate.SubjectName
-                $certificateCheck.SubjectName = $subjectname
+            $thumbprint = $certificateCheck.ThumbPrint
 
-                Write-Host "Subject name: $subjectname"
+            $certificate = Get-AzWebAppCertificate -ResourceGroupName $certificateCheck.ResourceGroupName -Thumbprint $thumbprint -debug -verbose
 
-                $EndDate=[datetime]$certificate.ExpirationDate
-                $certificateCheck.ExpirationDate = $EndDate
-                $span = NEW-TIMESPAN –Start $StartDate –End $EndDate
-                $certificateCheck.TotalDays = $span.TotalDays
-            }
-            catch {
-                $certificateCheck.Comment = "Could not find expiry for certificate"
+            if ($null -eq $certificate) 
+            {
+                $certificateCheck.Comment = "Could not find certificate"
+            } 
+            else 
+            {
+                try 
+                { 
+                    $subjectname = $certificate.SubjectName
+                    $certificateCheck.SubjectName = $subjectname
+
+                    Write-Host "Subject name: $subjectname"
+
+                    $EndDate=[datetime]$certificate.ExpirationDate
+                    $certificateCheck.ExpirationDate = $EndDate
+                    $span = NEW-TIMESPAN –Start $StartDate –End $EndDate
+                    $certificateCheck.TotalDays = $span.TotalDays
+                }
+                catch {
+                    $certificateCheck.Comment = "Could not find expiry for certificate"
+                }
             }
         }
-    }
-    catch 
-    {
-        $certificateCheck.Comment = "Could not load certificate"
+        catch 
+        {
+            $certificateCheck.Comment = "Could not load certificate"
+        }
+
+        $Result += $certificateCheck
     }
 }
- 
+
 $Result | Export-Csv -Path $fileName -NoTypeInformation -Force
 
 $Result | ft

Powershell/Lists/Policies.ps1

@@ -0,0 +1,42 @@
+#Connect-AzAccount
+
+class ResourceCheck {
+    [string] $ResourceId = ""
+    [string] $Id = ""
+    [string] $Kind = ""
+    [string] $Location = ""
+    [string] $ResourceName = ""
+    [string] $ResourceGroupName = ""
+    [string] $ResourceType = ""
+    [string] $SubscriptionId = ""
+    [string] $SubscriptionName = ""
+    [string] $Tag_Team = ""
+    [string] $Tag_Product = ""
+    [string] $Tag_Environment = ""
+    [string] $Tag_Data = ""
+    [string] $Tag_Delete = ""
+    [string] $Tag_Split = ""
+}
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Creating policy assignment overview."
+Write-Host "========================================================================================================================================================================"
+
+# $subscriptions = Get-AzSubscription
+
+# $fileName =  "c:\temp\2020-08-12 azure_policies.csv" 
+# rm $fileName
+
+# foreach ($subscription in $subscriptions) 
+# {
+# Set-AzContext -SubscriptionId $subscription.Id
+
+#     $allAssignments = Get-AzPolicyAssignment
+#     $allAssignments | Export-Csv -Path $fileName -Append -NoTypeInformation
+# }
+
+$fileName =  "c:\temp\2020-08-14 azure_policiy_definitions.csv" 
+Get-AzPolicyDefinition -Builtin  | Export-Csv -Path $fileName -NoTypeInformation
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Done."

Powershell/Lists/Resources.ps1

@@ -22,9 +22,9 @@ Write-Host "====================================================================
 Write-Host "Creating resource overview."
 Write-Host "========================================================================================================================================================================"
 
-$subscriptions = Get-AzSubscription
+$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
 
-$fileName =  "c:\temp\2020-07-07 azure_resources.csv" 
+$fileName =  "c:\temp\2021-01-19 azure_resources.csv" 
 rm $fileName
 
 foreach ($subscription in $subscriptions) 

Powershell/Masterl.sql

@@ -0,0 +1,86 @@
+DROP LOGIN [BuildServer]
+GO
+
+DROP LOGIN [ClearConfirmedTeamsWebJob]
+GO
+
+DROP LOGIN [EceService]
+GO
+
+DROP LOGIN [GatherResponseWebJob]
+GO
+
+DROP LOGIN [GenerateFlexQuestionnaireWebjob]
+GO
+
+DROP LOGIN [HierarchyUserImport]
+GO
+
+DROP LOGIN [InviteImport]
+GO
+
+DROP LOGIN [InviteResponseWebJob]
+GO
+
+DROP LOGIN [MailingManager]
+GO
+
+DROP LOGIN [mailings_webapi]
+GO
+
+DROP LOGIN [projectcenter]
+GO
+
+DROP LOGIN [SSIS_Offboarding]
+GO
+
+DROP LOGIN [SyncDemographicsWebJob]
+GO
+
+DROP LOGIN [ERS]
+GO
+
+DROP LOGIN [IntranetApps]
+GO
+
+DROP LOGIN [Invite]
+GO
+
+DROP LOGIN [Inviteadm]
+GO
+
+DROP LOGIN [InviteReplication]
+GO
+
+DROP LOGIN [InviteTOuser]
+GO
+
+DROP LOGIN [mscrm_sync]
+GO
+
+DROP LOGIN [PowerBIGateway]
+GO
+
+DROP LOGIN [QuestionbaseWebservice]
+GO
+
+DROP LOGIN [SSIS_DatawarehouseExport]
+GO
+
+DROP LOGIN [SSIS_ErscExportAzureReporting]
+GO
+
+DROP LOGIN [SSISMaintenance]
+GO
+
+DROP LOGIN [SSISProjectData]
+GO
+
+DROP LOGIN [SSISUser]
+GO
+
+DROP LOGIN [SurveyCenter]
+GO
+
+DROP LOGIN [SurveyWebJob]
+GO

Powershell/Modules/Effectory.Dns/Effectory.Dns.psd1

@@ -0,0 +1,132 @@
+#
+# Module manifest for module 'Effectory.Dns'
+#
+# Generated by: Jurjen Ladenius
+#
+# Generated on: 8/11/2021
+#
+
+@{
+
+# Script module or binary module file associated with this manifest.
+RootModule = 'Effectory.Dns.psm1'
+
+# Version number of this module.
+ModuleVersion = '0.0.1'
+
+# Supported PSEditions
+# CompatiblePSEditions = @()
+
+# ID used to uniquely identify this module
+GUID = '1e64644e-639c-47d1-8816-c0e48390a6a7'
+
+# Author of this module
+Author = 'Jurjen Ladenius'
+
+# Company or vendor of this module
+CompanyName = 'Effectory B.V.'
+
+# Copyright statement for this module
+Copyright = '(c) Effectory B.V. - Jurjen Ladenius. All rights reserved.'
+
+# Description of the functionality provided by this module
+# Description = ''
+
+# Minimum version of the PowerShell engine required by this module
+# PowerShellVersion = ''
+
+# Name of the PowerShell host required by this module
+# PowerShellHostName = ''
+
+# Minimum version of the PowerShell host required by this module
+# PowerShellHostVersion = ''
+
+# Minimum version of Microsoft .NET Framework required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
+# DotNetFrameworkVersion = ''
+
+# Minimum version of the common language runtime (CLR) required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
+# ClrVersion = ''
+
+# Processor architecture (None, X86, Amd64) required by this module
+# ProcessorArchitecture = ''
+
+# Modules that must be imported into the global environment prior to importing this module
+# RequiredModules = @()
+
+# Assemblies that must be loaded prior to importing this module
+# RequiredAssemblies = @()
+
+# Script files (.ps1) that are run in the caller's environment prior to importing this module.
+# ScriptsToProcess = @()
+
+# Type files (.ps1xml) to be loaded when importing this module
+# TypesToProcess = @()
+
+# Format files (.ps1xml) to be loaded when importing this module
+# FormatsToProcess = @()
+
+# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess
+# NestedModules = @()
+
+# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.
+FunctionsToExport = 'Get-EffectoryDomainResources'
+
+# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
+CmdletsToExport = '*'
+
+# Variables to export from this module
+VariablesToExport = '*'
+
+# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export.
+AliasesToExport = '*'
+
+# DSC resources to export from this module
+# DscResourcesToExport = @()
+
+# List of all modules packaged with this module
+# ModuleList = @()
+
+# List of all files packaged with this module
+# FileList = @()
+
+# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell.
+PrivateData = @{
+
+    PSData = @{
+
+        # Tags applied to this module. These help with module discovery in online galleries.
+        # Tags = @()
+
+        # A URL to the license for this module.
+        # LicenseUri = ''
+
+        # A URL to the main website for this project.
+        # ProjectUri = ''
+
+        # A URL to an icon representing this module.
+        # IconUri = ''
+
+        # ReleaseNotes of this module
+        # ReleaseNotes = ''
+
+        # Prerelease string of this module
+        # Prerelease = ''
+
+        # Flag to indicate whether the module requires explicit user acceptance for install/update/save
+        # RequireLicenseAcceptance = $false
+
+        # External dependent modules of this module
+        # ExternalModuleDependencies = @()
+
+    } # End of PSData hashtable
+
+} # End of PrivateData hashtable
+
+# HelpInfo URI of this module
+# HelpInfoURI = ''
+
+# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix.
+# DefaultCommandPrefix = ''
+
+}
+

Powershell/Modules/Effectory.Dns/Effectory.Dns.psm1

@@ -0,0 +1,15 @@
+#Requires -Modules Az.Accounts,Az.Websites,Az.FrontDoor,Az.Storage,Az.Cdn,Az.Network,Az.TrafficManager,Az.ContainerInstance
+
+<#
+.SYNOPSIS
+Find dangling DNS records
+.DESCRIPTION
+Compares DNS bindings with a previous state and checks the existence of DNS records for bindings that may have been deleted.
+#>
+
+'public', 'private' |
+    Resolve-Path -Path $PSScriptRoot -ChildPath { $_ } |
+    Get-ChildItem -Recurse -File -Filter *.ps1 |
+    ForEach-Object {
+        . $_.FullName
+    }

Powershell/Modules/Effectory.Dns/build.psd1

@@ -0,0 +1,5 @@
+@{
+    ModuleManifest           = 'Effectory.Dns.psd1'
+    OutputDirectory          = '../build'
+    VersionedOutputDirectory = $true
+}

Powershell/Modules/Effectory.Dns/classes/Effectory-DomainNameCheck.ps1

@@ -0,0 +1,13 @@
+class Effectory-DomainNameCheck {
+    [string] $SubscriptionId = ""
+    [string] $SubscriptionName = ""
+    [string] $ResourceId = ""
+    [string] $ResourceGroupName = ""
+    [string] $ResourceName = ""
+    [string] $ResourceType = ""
+    [string] $DomainName = ""
+    [string] $Tag_Team = ""
+    [string] $Tag_Product = ""
+    [string] $Tag_Environment = ""
+    [string] $Tag_Data = ""
+}

Powershell/Modules/build.ps1

@@ -0,0 +1,41 @@
+using namespace System.Management.Automation.Language
+
+Build-Module -Path (Resolve-Path -Path $PSScriptRoot\*\build.psd1)
+
+$rootModulePath = @{
+    Path      = $PSScriptRoot
+    ChildPath = 'build\*\*\*.psm1'
+}
+$rootModule = Join-Path @rootModulePath | Resolve-Path
+$tokens = $errors = $null
+$ast = [Parser]::ParseFile(
+    $rootModule,
+    [ref]$tokens,
+    [ref]$errors
+)
+$dscResourcesToExport = $ast.FindAll(
+    {
+        param ( $node )
+
+        $node -is [TypeDefinitionAst] -and
+        $node.IsClass -and
+        $node.Attributes.TypeName.FullName -contains 'DscResource'
+    },
+    $true
+).Name
+
+if ($dscResourcesToExport) {
+    $moduleManifestPath = @{
+        Path      = $pwd
+        ChildPath = 'build\*\*\*.psd1'
+    }
+    $moduleManifest = Join-Path @moduleManifestPath |
+        Get-Item |
+        Where-Object { $_.BaseName -eq $_.Directory.Parent.Name }
+
+    $updateParams = @{
+        Path                 = $moduleManifest
+        DscResourcesToExport = $dscResourcesToExport
+    }
+    Update-ModuleManifest @updateParams
+}

Powershell/Modules/testscript.ps1

@@ -0,0 +1,3 @@
+Import-Module .\Effectory.Dns
+
+Get-EffectoryDomainResources

Powershell/ParticipantImportLog.sql

@@ -0,0 +1,11 @@
+DROP USER [participant_import]
+GO
+
+DROP USER [participant_validation]
+GO
+
+DROP USER [SSISMaintenance]
+GO
+
+DROP USER [SSISUser]
+GO

Powershell/RunBooks/SubdomainTakeOver.ps1

@@ -0,0 +1,83 @@
+Import-Module Az.Accounts
+Import-Module Az.Websites
+Import-Module Az.FrontDoor
+Import-Module Az.Storage
+Import-Module Az.Cdn
+Import-Module Az.Network
+Import-Module Az.TrafficManager
+Import-Module Az.ContainerInstance
+
+class DomainNameCheck {
+    [string] $SubscriptionId = ""
+    [string] $SubscriptionName = ""
+    [string] $ResourceId = ""
+    [string] $ResourceGroupName = ""
+    [string] $ResourceName = ""
+    [string] $ResourceType = ""
+    [string] $DomainName = ""
+    [string] $Tag_Team = ""
+    [string] $Tag_Product = ""
+    [string] $Tag_Environment = ""
+    [string] $Tag_Data = ""
+}
+
+$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
+
+
+foreach ($subscription in $subscriptions) 
+{
+    context = Set-AzContext -SubscriptionId $subscription.Id
+
+    $webApps = get-azwebapp 
+    $webAppsEffectory = $webApps | Where-Object {@($_.HostNames) -like "*.effectory.com"} # app service
+
+    foreach ($webApp in $webApps) {
+        $slot = Get-AzWebAppSlot -WebApp $webApp 
+        if ($slotHostNames = $slot | Where-Object {@($_.HostNames) -like "*.effectory.com"}) {
+           # app service slots
+        }
+    }
+
+    $frontDoors = Get-AzFrontDoor
+    foreach($frontDoor in $frontDoors) {
+        if ($endPointHostNames = $frontDoor.FrontendEndpoints | Where-Object HostName -like "*.effectory.com") {
+            # frontdoor
+        }
+    }
+
+    $effectoryStorage = Get-AzStorageAccount | Where-Object { $_.CustomDomain.Name -like "*.effectory.com" } # storage accounts
+
+    $cdnProfiles = Get-AzCdnProfile
+    foreach($cdnProfile in $cdnProfiles) {
+        $cdnEndPoints = Get-AzCdnEndpoint -ProfileName $cdnProfile.Name -ResourceGroupName $cdnProfile.ResourceGroupName
+        foreach($cdnEndPoint in $cdnEndPoints) {
+            $cdnEffectory = Get-AzCdnCustomDomain -CdnEndpoint $cdnEndPoint | Where-Object HostName -Like "*.effectory.com" # cdn endpoints
+        }
+    }
+
+    $ipAddresses = Get-AzPublicIpAddress | Where-Object DnsSettings -ne $null  | Where-Object { $_.DnsSettings.DomainNameLabel -ne "" } # public ip => Assume binding ? 
+
+    $trafficManagers = Get-AzTrafficManagerProfile
+    foreach ($trafficManager in $trafficManagers) {
+        #$trafficManager.RelativeDnsName
+        # traffic manager
+    }
+
+    $containerInstances =  Get-AzContainerGroup
+    foreach ($containerInstance in  $containerInstances) {
+        #$containerInstance.Fqdn
+        #container instance
+    }
+}
+
+## TODO
+
+
+## Azure API Management	microsoft.apimanagement/service	abc.azure-api.net
+
+
+
+
+#Set-AzContext -SubscriptionId "a134faf1-7a89-4f2c-8389-06d00bd5e2a7"
+#Set-AzContext -SubscriptionId "750d0421-da63-42fb-9f89-74aeb5dfe05b"
+

Powershell/Tools/ApplyStorageAccountTls12.ps1

@@ -0,0 +1,19 @@
+#Connect-AzAccount
+
+$subscriptions = Get-AzSubscription
+
+foreach ($subscription in $subscriptions) 
+{
+    Write-Host "----------------"
+
+    Set-AzContext -SubscriptionId $subscription.Id
+
+    $allResources = Get-AzStorageAccount | Where-Object minimumTlsVersion -ne TLS1_2
+
+    foreach ($resource in $allResources) {
+        Set-AzStorageAccount -ResourceGroupName $resource.ResourceGroupName -AccountName $resource.StorageAccountName -MinimumTlsVersion TLS1_2
+    }
+}
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Done."

Powershell/Tools/ApplyTags.ps1

@@ -19,10 +19,12 @@ function ApplyTeamTag (
 
     }
     catch {
-        Write-Warning "Could not update $resourceId"
+         Write-Warning "Could not update $resourceId"
     }
 }
 
+ApplyTeamTag -resourceId '/subscriptions/a134faf1-7a89-4f2c-8389-06d00bd5e2a7/resourceGroups/RespondentIntegrationEventSync/providers/Microsoft.KeyVault/vaults/RespondentEventSync' -subscriptionId 'a134faf1-7a89-4f2c-8389-06d00bd5e2a7' -tagValue 'orange'
+
 function ApplyProductTag (
     [string] $resourceId, 
     [string] $subscriptionId,
@@ -80,7 +82,4 @@ function ApplyDataTag (
     catch {
         Write-Warning "Could not update $resourceId"
     }
-}
-
-
-
+}

Powershell/Tools/DNS verification/DNS.ps1

@@ -1,4 +1,93 @@
-class HostCheck {
+class AppServiceHostName {
+    [string] $resourceId = ""
+    [string] $subscriptionId = ""
+    [string] $subscriptionName = ""
+    [string] $webAppName = ""
+    [string] $resourceGroupName = ""
+    [string] $slotName = ""
+    [string] $hostname  = ""
+}
+
+function Effectory-GetAppServiceHostNames () {
+    $subscriptions = Get-AzSubscription
+    [AppServiceHostName[]]$ResultGetAppServiceHostNames = @()
+
+    foreach ($subscription in $subscriptions) 
+    {
+        $subscriptionContext = Set-AzContext -SubscriptionId $subscription.Id
+        $allWebApps = Get-AzWebApp
+
+        foreach ($webApp in $allWebApps) {
+            foreach ($webappHostName in $webApp.HostNames) {
+                [AppServiceHostName] $appServiceHostName = [AppServiceHostName]::new()
+                $appServiceHostName.resourceId = $webApp.Id
+                $appServiceHostName.subscriptionId = $subscription.Id
+                $appServiceHostName.subscriptionName = $subscription.Name
+                $appServiceHostName.webAppName = $webApp.Name
+                $appServiceHostName.resourceGroupName = $webApp.ResourceGroup
+                $appServiceHostName.slotName = ""
+                $appServiceHostName.hostname = $webappHostName
+                $ResultGetAppServiceHostNames += $appServiceHostName
+            }
+
+            $webAppSlots = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup
+            foreach ($webAppSlot in $webAppSlots) {
+                foreach ($webappSlotHostName in $webAppSlot.HostNames) {
+                    [AppServiceHostName] $appServiceHostNameSlot = [AppServiceHostName]::new()
+                    $appServiceHostNameSlot.resourceId = $webApp.Id
+                    $appServiceHostNameSlot.subscriptionId = $subscription.Id
+                    $appServiceHostNameSlot.subscriptionName = $subscription.Name
+                    $appServiceHostNameSlot.webAppName = $webApp.Name
+                    $appServiceHostNameSlot.resourceGroupName = $webApp.ResourceGroup
+                    $appServiceHostNameSlot.slotName = $webappSlot.Name
+                    $appServiceHostNameSlot.hostname = $webappSlotHostName
+                    $ResultGetAppServiceHostNames += $appServiceHostNameSlot
+                }
+            }
+        }
+    }
+
+    return $ResultGetAppServiceHostNames
+}
+
+class FrontDoorHostName {
+    [string] $resourceId = ""
+    [string] $subscriptionId = ""
+    [string] $subscriptionName = ""
+    [string] $frontDoorName = ""
+    [string] $endPointName = ""
+    [string] $hostname  = ""
+}
+
+function Effectory-GetFrontDoorHostNames () {
+    $subscriptions = Get-AzSubscription
+    [FrontDoorHostName[]]$ResultGetFrontDoorHostNames = @()
+
+    foreach ($subscription in $subscriptions) 
+    {
+        $subscriptionContext = Set-AzContext -SubscriptionId $subscription.Id
+        $allFrontDoors = Get-AzFrontDoor
+
+        foreach ($frontDoor in $allFrontDoors) {
+
+            foreach ($frontDoorEndPoint in $frontDoor.FrontendEndpoints) {
+                [FrontDoorHostName] $frontDoorHostName = [FrontDoorHostName]::new()
+                $frontDoorHostName.resourceId = $frontDoor.Id
+                $frontDoorHostName.subscriptionId = $subscription.Id
+                $frontDoorHostName.subscriptionName = $subscription.Name
+                $frontDoorHostName.frontDoorName = $frontDoor.Name
+                $frontDoorHostName.endPointName = $frontDoorEndPoint.Name
+                $frontDoorHostName.hostname = $frontDoorEndPoint.HostName
+                $ResultGetFrontDoorHostNames += $frontDoorHostName
+            }
+        }
+    }
+
+    return $ResultGetFrontDoorHostNames
+}
+
+
+class HostCheck {
     [string] $HostName = ""
     [string] $Fqdn = ""
     [string] $CName = ""
@@ -29,31 +118,44 @@ function HostExistsInExternal ([HostCheck] $hostCheck, [string] $ExternalDNSServ
 function GetIPAddress ([HostCheck] $hostCheck) {
     try {
         $hostAddresses = [System.Net.Dns]::GetHostAddresses($hostCheck.Fqdn)
-
         $hostCheck.IpAddress = $hostAddresses.IPAddressToString
-        $hostCheck.Exists = $true
+        
     }
     catch { 
         try {
             $hostAddresses = [System.Net.Dns]::GetHostAddresses($hostCheck.HostName)
 
             $hostCheck.IpAddress = $hostAddresses.IPAddressToString
-            $hostCheck.Exists = $true
         }
         catch {
             $hostCheck.IpAddress = ""
-            $hostCheck.Exists = $false
         }
 
     }
     return $hostCheck
 }
 
+function TestIPConnection ([HostCheck] $hostCheck) {
+    try {
+        if (Test-Connection -TargetName $hostCheck.IpAddress -Count 1 -Quiet) {
+            $hostCheck.Exists = $true
+        }
+        else {
+            $hostCheck.Exists = $false
+        }
+    }
+    catch {
+        $hostCheck.Exists = $false
+    }
+    return $hostCheck
+}
+
 function Effectory-DNSVerify (
     [string] $ZoneName = "effectory.com", 
     [string] $DNSServer = "DC1.effectory.local",
     [string] $ExternalDNSServer = "8.8.8.8",
-    [string] $Type = "CName") {
+    [string] $Type = "CName",
+    [boolean] $DoIpCheck = $false) {
     
     Clear-DnsClientCache
 
@@ -87,8 +189,13 @@ function Effectory-DNSVerify (
         }
         $hostCheck.CName = $cname
 
-        $hostCheck = HostExistsInExternal -host $hostCheck -ExternalDNSServer $ExternalDNSServer
-        $hostCheck = GetIPAddress -host $hostCheck
+        $hostCheck = HostExistsInExternal -hostCheck $hostCheck -ExternalDNSServer $ExternalDNSServer
+        $hostCheck = GetIPAddress -hostCheck $hostCheck
+        if ($DoIpCheck) {
+            $hostCheck = TestIPConnection -hostCheck $hostCheck
+        } else {
+            $hostCheck.Exists = $hostCheck.IpAddress -ne ""
+        }
 
         $Result += $hostCheck
     }
@@ -117,8 +224,9 @@ function Effectory-DNSVerify-Csv (
         $hostCheck.CName = $DNSRecord.Cname
         $hostCheck.Fqdn = $DNSRecord.Fqdn
 
-        $hostCheck = HostExistsInExternal -host $hostCheck -ExternalDNSServer $ExternalDNSServer
-        $hostCheck = GetIPAddress -host $hostCheck
+        $hostCheck = HostExistsInExternal -hostCheck $hostCheck -ExternalDNSServer $ExternalDNSServer
+        $hostCheck = GetIPAddress -hostCheck $hostCheck
+        $hostCheck.Exists = $hostCheck.IpAddress -ne ""
 
         $Result += $hostCheck
     }
@@ -155,10 +263,13 @@ function Effectory-DNSClean-Csv (
     }
 }
 
+#Connect-AzAccount
 
-#Effectory-DNSVerify -ZoneName "effectory.com" -DNSServer "DC1.effectory.local" -ExternalDNSServer "8.8.8.8" | Export-Csv -Path .\DNS-effectory-com.csv
-#Effectory-DNSVerify -ZoneName "effectory.local" -DNSServer "DC1.effectory.local" -ExternalDNSServer "DC2.effectory.local" | Export-Csv -Path .\DNS-effectory-local.csv
-Effectory-DNSVerify-Csv -FileName .\Book1.csv -ExternalDNSServer "8.8.8.8" | Export-Csv -Path .\DNS-vip.csv
+#Effectory-DNSVerify -ZoneName "effectory.com" -DNSServer "DC1.effectory.local" -ExternalDNSServer "8.8.8.8" | Export-Csv -Path ".\2021-06-01 DNS-effectory-com.csv"
+#Effectory-DNSVerify -ZoneName "effectory.local" -DNSServer "DC1.effectory.local" -ExternalDNSServer "DC2.effectory.local" -DoIpCheck $true | Export-Csv -Path ".\2021-06-01 DNS-effectory-local.csv" 
+#Effectory-DNSVerify-Csv -FileName .\vip-effectory-com.csv -ExternalDNSServer "8.8.8.8" | Export-Csv -Path ".\2021-06-01 DNS-vip-effectory-com.csv"
+#Effectory-GetAppServiceHostNames | Export-Csv -Path ".\2021-06-01 AppService Hosts.csv"
+Effectory-GetFrontDoorHostNames | Export-Csv -Path ".\2021-06-01 FrontDoor Hosts.csv"
 
 # | Format-Table
 # | Export-Csv -Path .\DNS-xxxx.csv