Creating Policy Rule Reports
In Microsoft Internet Security and Acceleration (ISA) Server, reports containing information about policy rules can be created by retrieving the properties of the objects that represent these rules. The Microsoft Visual Basic Scripting Edition (VBScript) code in PolicyRulesReport.vbs (script below) retrieves the collection of system policy rules and the collection of policy rules, and iterates through the collections, generating a report that includes the names of the rules with an indication of whether each rule is enabled. The script can be modified to generate reports that include other properties of the rules.
Usage:Cscript PolicyRulesReport.vbs
To create a policy rules report
Create an instance of the FPC COM object, which provides access to the other ISA Server administration COM objects.
Declare an FPCArray object, two FPCPolicyRules collections, and an FPCPolicyRule object.
Get references to the existing FPCArray object, the FPCPolicyRules collection for the system policy rules, and the FPCPolicyRules collection for the ordinary policy rules.
In a For loop, iterate the objects in the system policy rules collection. For each system policy rule, retrieve the values of the Enabled property and display the name of the rule followed by an indication of whether the rule is enabled or disabled.
In a For loop, iterate the objects in the policy rules collection. For each policy rule, retrieve the values of the Enabled property and display the name of the rule followed by an indication of whether the rule is enabled or disabled.
Script listing: PolicyRulesReport.vbs
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Copyright (c) Microsoft Corporation. All rights reserved.
' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE
' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS
' HEREBY PERMITTED.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' This script retrieves the collection of system policy rules and the
' collection of policy rules and implicitly uses the _NewEnum property to
' iterate through the collections and display the names of the rules with
' an indication of whether each rule is enabled.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Sub IteratePolicyRules()
' Create the root obect.
Set root = CreateObject("FPC.Root")
' Declare the other objects needed.
Dim array ' An FPCArray object
Dim spRules ' An FPCPolicyRules collection
Dim rules ' An FPCPolicyRules collection
Dim rule ' An FPCPolicyRule object
Dim isEnabled ' A string
' Get references to the array object, the system
' policy rules collection, and the policy rules collection.
Set array = root.GetContainingArray()
Set spRules = array.SystemPolicy.PolicyRules
Set rules = array.ArrayPolicy.PolicyRules
' List the system policy rules and indicate whether each
' rule is enabled.
WScript.Echo "***System Policy Rules***"
For Each rule In spRules
If rule.Enabled = True Then
isEnabled = "Enabled"
Else
isEnabled = "Disabled"
End If
WScript.Echo rule.Name & ": " & isEnabled
Next
' List the policy rules and indicate whether each
' rule is enabled.
WScript.Echo vbCrLf & "***Policy Rules***"
For Each rule In rules
If rule.Enabled = True Then
isEnabled = "Enabled"
Else
isEnabled = "Disabled"
End If
WScript.Echo rule.Name & ": " & isEnabled
Next
End Sub
IteratePolicyRules