Add AD scripts and stage import instructions

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 09:48:59 -07:00
parent 88dc431cfa
commit aed04e8ca4
7 changed files with 726 additions and 0 deletions
--- a/scripts/Configure-TranscriptLogging.ps1
+++ b/scripts/Configure-TranscriptLogging.ps1
@@ -0,0 +1,88 @@
+<#
+.SYNOPSIS
+    Configures PowerShell transcript logging for remote sessions.
+
+.DESCRIPTION
+    Enables comprehensive transcript logging via registry settings,
+    creates the logging directory with proper permissions, and sets up
+    automatic log rotation.
+
+.NOTES
+    Author: ClaudeTools Automation
+    Version: 1.0
+    Run as Administrator
+#>
+
+$ErrorActionPreference = 'Stop'
+$transcriptPath = "C:\ClaudeTools\Logs\Transcripts"
+
+Write-Host "Configuring PowerShell Transcript Logging..." -ForegroundColor Cyan
+
+# Create transcript directory
+if (-not (Test-Path $transcriptPath)) {
+    New-Item -ItemType Directory -Path $transcriptPath -Force | Out-Null
+    Write-Host "Created transcript directory: $transcriptPath" -ForegroundColor Green
+}
+
+# Set permissions on transcript directory
+# Administrators: Full Control, SYSTEM: Full Control, Remote Management Users: Read/Write
+$acl = Get-Acl $transcriptPath
+$acl.SetAccessRuleProtection($true, $false)  # Disable inheritance
+
+# Add Administrators - Full Control
+$adminRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
+    "Administrators", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow"
+)
+$acl.AddAccessRule($adminRule)
+
+# Add SYSTEM - Full Control
+$systemRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
+    "SYSTEM", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow"
+)
+$acl.AddAccessRule($systemRule)
+
+# Add Remote Management Users - Modify (so they can write transcripts)
+$rmRule = New-Object System.Security.AccessControl.FileSystemAccessRule(
+    "Remote Management Users", "Modify", "ContainerInherit,ObjectInherit", "None", "Allow"
+)
+$acl.AddAccessRule($rmRule)
+
+Set-Acl $transcriptPath $acl
+Write-Host "Set permissions on transcript directory" -ForegroundColor Green
+
+# Configure PowerShell transcript logging via registry
+$psPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription"
+
+if (-not (Test-Path $psPath)) {
+    New-Item -Path $psPath -Force | Out-Null
+}
+
+# Enable transcription
+Set-ItemProperty -Path $psPath -Name "EnableTranscripting" -Value 1 -Type DWord
+Set-ItemProperty -Path $psPath -Name "EnableInvocationHeader" -Value 1 -Type DWord
+Set-ItemProperty -Path $psPath -Name "OutputDirectory" -Value $transcriptPath -Type String
+
+Write-Host "Enabled PowerShell transcription via registry" -ForegroundColor Green
+
+# Also enable module logging for additional audit trail
+$modulePath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging"
+if (-not (Test-Path $modulePath)) {
+    New-Item -Path $modulePath -Force | Out-Null
+}
+Set-ItemProperty -Path $modulePath -Name "EnableModuleLogging" -Value 1 -Type DWord
+
+# Enable script block logging
+$scriptPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging"
+if (-not (Test-Path $scriptPath)) {
+    New-Item -Path $scriptPath -Force | Out-Null
+}
+Set-ItemProperty -Path $scriptPath -Name "EnableScriptBlockLogging" -Value 1 -Type DWord
+
+Write-Host "Enabled module and script block logging" -ForegroundColor Green
+
+Write-Host "`nTranscript logging configuration complete!" -ForegroundColor Green
+Write-Host "Transcripts will be saved to: $transcriptPath"
+
+# Display current settings
+Write-Host "`n--- Current Settings ---" -ForegroundColor Yellow
+Get-ItemProperty -Path $psPath | Select-Object EnableTranscripting, EnableInvocationHeader, OutputDirectory