alexverboon · November 19, 2019 21:34
diff --git a/Get-ADSysVolPolicyFolders.ps1 b/Get-ADSysVolPolicyFolders.ps1
 function Get-ADSysVolPolicyFolders
 {
 <#
 .Synopsis
   Verify-ADSysVolPolicyFolders
 .DESCRIPTION
   Get-ADSysVolPolicyFolders retrieves all the folders within the SYSVOL\Policies folder and checks
   whether it belongs to an existing Group Policy object. 

   Use this script to identify orphan group policy content folders that can be removed.

 .EXAMPLE
   $data = Get-ADSysVolPolicyFolders
   $data | Select-Object FolderSize,Name,GPOName,GPOObjExists 


   FolderSize Name                                   GPOName                                                
    ---------- ----                                   -------                                                
    33470      {00CA0D87-EB0C-4DFD-A8FA-421320446A77} Server-Base01
    60100      {019A6486-6726-49F4-B4BA-164D94269FA5} Server-Base02
    6061       {02BC5F2A-26FA-4DC3-90D8-C41F8301C521} Client-Base01
    -1         {0308D5F0-5126-44A2-8A34-4271F5050C72}                                                        
    -1         {048BB9DE-1B46-43B0-8E08-05F4BEA5C39F}         

 #>
    [CmdletBinding()]
    Param
    (
    )

    Begin
    {
        $GPOModuleName = "GroupPolicy"
        if((Get-Module GroupPolicy) -eq $null)
        {
            if (Get-Module -ListAvailable | Where-Object {$_.Name -eq $GPOModuleName})
            {
                Try{
                Import-Module $GPOModuleName -Verbose
                }
                Catch{
                    Write-Error "There was a problem loading PowerShell module $GPOModuleName"
                    Break
                }
            }
            Else
            {
                Write-Error "PowerShell module $GPOModuleName is not available, check if GPMC is installed"
                Break
            }
        }


        $domain = (Get-WmiObject Win32_ComputerSystem).Domain
        If ([string]::IsNullOrEmpty($domain))
        {
            Write-Error "Could not retrieve domain information"
            Break
        }


        $AllGPOs = get-gpo -all
        $PolDefPath = "\\$domain\SYSVOL\$domain\Policies\"
        $PoliciesFolders = (Get-ChildItem -Path $PolDefPath -Directory -Exclude "Templates","PolicyDefinitions") 
    }
    Process
    {
        ForEach ($PolicyContentFolder in $PoliciesFolders)
        {
            $GPOGuid = "$($PolicyContentFolder.Name)" -replace '\{(.*)\}','$1'
            Write-verbose "Checking: $GPOGuid"
            $GPOInfo = $AllGPOs | Where-Object {$_.id -eq "$GPOGuid"}
            If ([string]::IsNullOrEmpty($GPOInfo))
            {
                $GPOObjExists = $false
                $GPOName = ""
                $GPODomainName = ""
                $GPOStatus = ""
                $GPOModificationTime = ""
            }
            Else
            {
                $GPOObjExists = $true
                $GPOName = $GPOInfo.DisplayName
                $GPODomainName = $GPOInfo.DomainName
                $GPOStatus = $GPOInfo.GpoStatus
                $GPOModificationTime = $GPOInfo.ModificationTime
            }

            Try{
                $PolicyContentFolderSize = 0
                $PolicyContentFolderSize =  ((Get-ChildItem ("$($PolicyContentFolder.FullName)") -Recurse) | Measure-Object -Property Length -Sum -ErrorAction Stop).Sum
                $PolicyContentFolderSize = [math]::Round($PolicyContentFolderSize,2)
            }
            Catch{
                $PolicyContentFolderSize = -1
            }

            # Add GPO Reference Information to 
            $PolicyContentFolder | Add-Member -MemberType NoteProperty -Name "FolderSize" -Value "$PolicyContentFolderSize"
            $PolicyContentFolder | Add-Member -MemberType NoteProperty -Name "GPOObjExists" -Value "$GPOObjExists"
            $PolicyContentFolder | Add-Member -MemberType NoteProperty -Name "GPOName" -Value "$GPOName"
            $PolicyContentFolder | Add-Member -MemberType NoteProperty -Name "GPODomainName" -Value "$GPODomainName"
            $PolicyContentFolder | Add-Member -MemberType NoteProperty -Name "GPOStatus" -Value "$GPOStatus"
            $PolicyContentFolder | Add-Member -MemberType NoteProperty -Name "GPOModificationTime" -Value "$GPOModificationTime"

       }
    }
    End
    {
        $PoliciesFolders 
    }
 }
	function Get-ADSysVolPolicyFolders
	{
	<#
	.Synopsis
	Verify-ADSysVolPolicyFolders
	.DESCRIPTION
	Get-ADSysVolPolicyFolders retrieves all the folders within the SYSVOL\Policies folder and checks
	whether it belongs to an existing Group Policy object.

	Use this script to identify orphan group policy content folders that can be removed.

	.EXAMPLE
	$data = Get-ADSysVolPolicyFolders
	$data \| Select-Object FolderSize,Name,GPOName,GPOObjExists


	FolderSize Name GPOName
	---------- ---- -------
	33470 {00CA0D87-EB0C-4DFD-A8FA-421320446A77} Server-Base01
	60100 {019A6486-6726-49F4-B4BA-164D94269FA5} Server-Base02
	6061 {02BC5F2A-26FA-4DC3-90D8-C41F8301C521} Client-Base01
	-1 {0308D5F0-5126-44A2-8A34-4271F5050C72}
	-1 {048BB9DE-1B46-43B0-8E08-05F4BEA5C39F}

	#>
	[CmdletBinding()]
	Param
	(
	)

	Begin
	{
	$GPOModuleName = "GroupPolicy"
	if((Get-Module GroupPolicy) -eq $null)
	{
	if (Get-Module -ListAvailable \| Where-Object {$_.Name -eq $GPOModuleName})
	{
	Try{
	Import-Module $GPOModuleName -Verbose
	}
	Catch{
	Write-Error "There was a problem loading PowerShell module $GPOModuleName"
	Break
	}
	}
	Else
	{
	Write-Error "PowerShell module $GPOModuleName is not available, check if GPMC is installed"
	Break
	}
	}


	$domain = (Get-WmiObject Win32_ComputerSystem).Domain
	If ([string]::IsNullOrEmpty($domain))
	{
	Write-Error "Could not retrieve domain information"
	Break
	}


	$AllGPOs = get-gpo -all
	$PolDefPath = "\\$domain\SYSVOL\$domain\Policies\"
	$PoliciesFolders = (Get-ChildItem -Path $PolDefPath -Directory -Exclude "Templates","PolicyDefinitions")
	}
	Process
	{
	ForEach ($PolicyContentFolder in $PoliciesFolders)
	{
	$GPOGuid = "$($PolicyContentFolder.Name)" -replace '\{(.*)\}','$1'
	Write-verbose "Checking: $GPOGuid"
	$GPOInfo = $AllGPOs \| Where-Object {$_.id -eq "$GPOGuid"}
	If ([string]::IsNullOrEmpty($GPOInfo))
	{
	$GPOObjExists = $false
	$GPOName = ""
	$GPODomainName = ""
	$GPOStatus = ""
	$GPOModificationTime = ""
	}
	Else
	{
	$GPOObjExists = $true
	$GPOName = $GPOInfo.DisplayName
	$GPODomainName = $GPOInfo.DomainName
	$GPOStatus = $GPOInfo.GpoStatus
	$GPOModificationTime = $GPOInfo.ModificationTime
	}

	Try{
	$PolicyContentFolderSize = 0
	$PolicyContentFolderSize = ((Get-ChildItem ("$($PolicyContentFolder.FullName)") -Recurse) \| Measure-Object -Property Length -Sum -ErrorAction Stop).Sum
	$PolicyContentFolderSize = [math]::Round($PolicyContentFolderSize,2)
	}
	Catch{
	$PolicyContentFolderSize = -1
	}

	# Add GPO Reference Information to
	$PolicyContentFolder \| Add-Member -MemberType NoteProperty -Name "FolderSize" -Value "$PolicyContentFolderSize"
	$PolicyContentFolder \| Add-Member -MemberType NoteProperty -Name "GPOObjExists" -Value "$GPOObjExists"
	$PolicyContentFolder \| Add-Member -MemberType NoteProperty -Name "GPOName" -Value "$GPOName"
	$PolicyContentFolder \| Add-Member -MemberType NoteProperty -Name "GPODomainName" -Value "$GPODomainName"
	$PolicyContentFolder \| Add-Member -MemberType NoteProperty -Name "GPOStatus" -Value "$GPOStatus"
	$PolicyContentFolder \| Add-Member -MemberType NoteProperty -Name "GPOModificationTime" -Value "$GPOModificationTime"

	}
	}
	End
	{
	$PoliciesFolders
	}
	}