IT Audit

The Ultimate Server Audit: Deep-Dive Inventory to Excel (VBScript) | Lazy Admin Blog

Posted on March 22, 2026 Updated on April 15, 2026

If you are facing a massive compliance audit or a data center migration, “basic” info isn’t enough. You need to know exactly what is under the hood: What roles are active? How much disk space is actually left? What random software was installed three years ago?

This VBScript is a one-stop-shop. It checks network connectivity and then scrapes WMI and the Registry to build a massive, multi-column Excel report.

What this Script Collects:

Hardware: Manufacturer, Model, CPU Type, and RAM (converted to GB).
OS Details: Version, Caption, and the exact Installation Date.
Storage: Total Size vs. Free Space (with a Red-Alert highlight if space is < 20%).
Network: DHCP status, IP, Subnet, and Gateway.
Software & Roles: Every Windows Server Role/Feature and every application listed in the Registry’s Uninstall key (including version and install date).

Preparation

Directory: Create C:\Temp on your local machine.
Input: Create a file named ServerList.txt in C:\Temp with your server names (one per line).
Excel: Ensure Microsoft Excel is installed.

The Script: Server_Inventory.vbs

' Save as Server_Inventory.vbs in C:\Temp
' lazyadminblog.com - Ultimate Inventory Script
On Error Resume Next 
dtmDate = Date
strMonth = Month(Date)
strDay = Day(Date)
strYear = Right(Year(Date),2)
strFileName = "C:\Temp\ServerInventory_" & strMonth & "-" & strDay & "-" & strYear & ".xls"
Set objExcel = CreateObject("Excel.Application") 
objExcel.Visible = True 
objExcel.Workbooks.Add 
Set fso1 = CreateObject("Scripting.FileSystemObject") 
Set pcfile = fso1.OpenTextFile("C:\Temp\ServerList.txt",1) 
Wscript.Echo "Audit in progress... Please wait!"
'--- Setup Header Row ---
Sub SetupHeader(col, text)
    objExcel.Cells(1, col).Value = text 
    objExcel.Cells(1, col).Font.Colorindex = 2
    objExcel.Cells(1, col).Font.Bold = True 
    objExcel.Cells(1, col).Interior.ColorIndex = 23 
    objExcel.Cells(1, col).Alignment = -4108 ' Center
End Sub
SetupHeader 1, "Computer Name"
SetupHeader 2, "Manufacturer"
SetupHeader 3, "Model"
SetupHeader 4, "RAM (GB)"
SetupHeader 5, "Operating System"
SetupHeader 6, "Installed Date"
SetupHeader 7, "Processor"
SetupHeader 8, "Drive"
SetupHeader 9, "Drive Size (GB)"
SetupHeader 10, "Free Space (GB)"
SetupHeader 11, "Adapter Description"
SetupHeader 12, "DHCP Enabled"
SetupHeader 13, "IP Address"
SetupHeader 14, "Subnet"
SetupHeader 15, "Gateway"
SetupHeader 16, "Roles & Features"
SetupHeader 17, "Installed Software"
SetupHeader 18, "Install Date"
SetupHeader 19, "Version"
SetupHeader 20, "Size"
y = 2 
Do While Not pcfile.AtEndOfStream 
    computerName = pcfile.ReadLine 
    Err.Clear 
    Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & computerName & "\root\cimv2") 
    
    If Err.Number = 0 Then 
        ' Fetch Queries
        Set colSettings = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem") 
        Set colOSSettings = objWMIService.ExecQuery("SELECT * FROM Win32_OperatingSystem")
        Set colProcSettings = objWMIService.ExecQuery("SELECT * FROM Win32_Processor")
        Set colDiskSettings = objWMIService.ExecQuery("Select * from Win32_LogicalDisk Where DriveType=3")
        Set colAdapters = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = True")
        
        For Each objComputer In colSettings 
            strManufacturer = objComputer.Manufacturer 
            strModel = objComputer.Model 
            strRAM = FormatNumber((objComputer.TotalPhysicalMemory / (1024^3)), 2)
        
            For Each objOS In colOSSettings
                strOS = objOS.Caption
                OSinstDate = CDate(Mid(objOS.InstallDate,1,4)+"/"+Mid(objOS.InstallDate,5,2)+"/"+Mid(objOS.InstallDate,7,2))
        
                For Each objProc In colProcSettings
                    strProc = objProc.Name
                    
                    ' Populate Static Info
                    objExcel.Cells(y, 1).Value = computerName 
                    objExcel.Cells(y, 2).Value = strManufacturer 
                    objExcel.Cells(y, 3).Value = strModel 
                    objExcel.Cells(y, 4).Value = strRAM 
                    objExcel.Cells(y, 5).Value = strOS 
                    objExcel.Cells(y, 6).Value = OSinstDate
                    objExcel.Cells(y, 7).Value = strProc 
                    ' Drive Logic
                    a = y
                    For Each objDisk In colDiskSettings
                        objExcel.Cells(a, 8).Value = objDisk.DeviceID
                        sz = objDisk.Size / (1024^3)
                        fr = objDisk.FreeSpace / (1024^3)
                        objExcel.Cells(a, 9).Value = FormatNumber(sz, 2)
                        objExcel.Cells(a, 10).Value = FormatNumber(fr, 2)
                        If fr < (sz * 0.2) Then objExcel.Cells(a, 10).Interior.ColorIndex = 3 ' Low Space Alert
                        a = a + 1
                    Next  
                    ' Network Logic
                    b = y
                    For Each objAdapter In colAdapters
                        objExcel.Cells(b, 11).Value = objAdapter.Description
                        objExcel.Cells(b, 12).Value = objAdapter.DHCPEnabled
                        If Not IsNull(objAdapter.IPAddress) Then objExcel.Cells(b, 13).Value = objAdapter.IPAddress(0)
                        If Not IsNull(objAdapter.IPSubnet) Then objExcel.Cells(b, 14).Value = objAdapter.IPSubnet(0)
                        If Not IsNull(objAdapter.DefaultIPGateway) Then objExcel.Cells(b, 15).Value = objAdapter.DefaultIPGateway(0)
                        b = b + 1
                    Next
                    ' Roles & Features
                    x = y
                    Set colRoleFeatures = objWMIService.ExecQuery("Select * from Win32_ServerFeature")
                    If colRoleFeatures.Count > 0 Then
                        For Each objRole In colRoleFeatures
                            objExcel.Cells(x, 16).Value = objRole.Name
                            x = x + 1
                        Next
                    Else
                        objExcel.Cells(x, 16).Value = "None Found"
                    End If
                    ' Software Registry Scan
                    s = y
                    Const HKLM = &H80000002
                    strKey = "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\"
                    Set objReg = GetObject("winmgmts://" & computerName & "/root/default:StdRegProv")
                    objReg.EnumKey HKLM, strKey, arrSubkeys
                    For Each strSubkey In arrSubkeys
                        objReg.GetStringValue HKLM, strKey & strSubkey, "DisplayName", strVal1
                        If strVal1 <> "" Then
                            objExcel.Cells(s, 17).Value = strVal1
                            objReg.GetStringValue HKLM, strKey & strSubkey, "InstallDate", strVal2
                            objExcel.Cells(s, 18).Value = strVal2
                            objReg.GetDWORDValue HKLM, strKey & strSubkey, "VersionMajor", vMaj
                            objReg.GetDWORDValue HKLM, strKey & strSubkey, "VersionMinor", vMin
                            objExcel.Cells(s, 19).Value = vMaj & "." & vMin
                            s = s + 1
                        End If
                    Next
                    ' Advance Row to next available empty spot
                    y = a
                    If b > y Then y = b
                    If x > y Then y = x
                    If s > y Then y = s
                    y = y + 1 ' Buffer line
                Next
            Next
        Next
    Else 
        objExcel.Cells(y, 1).Value = computerName 
        objExcel.Cells(y, 2).Value = "OFFLINE" 
        objExcel.Cells(y, 2).Interior.ColorIndex = 3
        y = y + 1 
    End If 
Loop 
' Final Formatting
For col = 1 To 20: objExcel.Columns(col).AutoFit: Next
objExcel.ActiveWorkbook.SaveAs strFileName
Wscript.Echo "Complete! Report saved to " & strFileName

Why it’s a Game Changer

The “Red Flag” Feature: It automatically highlights any disk with less than 20% free space in Red. This instantly tells you which servers need urgent cleanup.
Software Archeology: Most scripts skip software lists because they are messy. This script pulls directly from the Uninstall registry keys, capturing even the apps that don’t show up in standard WMI queries.
Intelligent Row Management: Because software, roles, and disks all have different counts, the script calculates the “max row” used for each server and jumps to the next clear space for the next machine.

This entry was posted in Active Directory, Scripts and tagged Capacity Planning, Excel Automation, Infrastructure Management, IT Audit, Server Inventory, Software Asset Management, SysAdmin Tools, VBScript, Windows Registry, WMI.

The Ultimate IT Compliance & Terminology Encyclopedia (2026 Edition) | Lazy Admin Blog

Posted on June 15, 2015 Updated on March 23, 2026

In the enterprise world, “Standard” is a myth. Every system you touch falls into a bucket that defines how you patch it, who can access it, and how long you keep the logs. If you misclassify a system, you’re not just breaking a rule—you’re inviting an auditor to move into your office for a month.

1. The “Big Three” of Regulatory Compliance

Sarbanes-Oxley (SOx)

Industry: Finance / Publicly Traded Companies (US).
The Focus: Preventing financial fraud.
IT Impact: Controls over who can modify financial data. If a system supports a key business financial process (ERP, Payroll, Billing), it is In-Scope for SOx.
The Issue: A failure to rotate admin passwords or an unlogged manual change to a database.

GxP (Good Practice)

Industry: Life Sciences / Pharmaceuticals / Medical Devices.
The Focus: Product safety and human life. (GMP = Manufacturing, GLP = Lab, GCP = Clinical).
IT Impact: Systems must be Validated (proven to do exactly what they say). Any uncontrolled change can “De-validate” the environment.
The Issue: Loss of clinical data or unscheduled downtime during a manufacturing run.

GDPR / CCPA / LGPD

Industry: Global / Consumer Data.
The Focus: Individual Privacy.
IT Impact: The “Right to be Forgotten.” You must be able to delete a specific user’s data from all production systems and backups upon request.
The Issue: A data leak of personal information or failing to delete data within the legal timeframe.

2. Industry-Specific Verticals

Compliance	Industry	Key Requirement
HIPAA	Healthcare (US)	Protection of ePHI (Electronic Protected Health Information). Encryption is non-negotiable.
PCI-DSS	Retail / Finance	Security of the CDE (Cardholder Data Environment). Strict network isolation for credit card traffic.
FERPA	Education (US)	Protection of student records and privacy.
FISMA	Government (US)	Security standards for federal agencies and contractors.

3. Internal Quality vs. Security Issues

Quality Issue (Non-Conformance)

A failure to follow internal Standard Operating Procedures (SOPs).

Example: You applied a patch during a blackout period without CAB approval. The server didn’t break, and it’s not a legal breach, but it is a Quality Issue because you ignored the process.

Security Issue (Breach)

An uncontrolled event that compromises the Confidentiality, Integrity, or Availability of data.

Example: Social engineering (phishing), unauthorized root access, malicious code (Trojans/Worms), or theft of hardware.

4. Technical Audit Terminology

ALCOA+: The gold standard for data integrity. Data must be Attributable, Legible, Contemporaneous, Original, and Accurate.
Segregation of Duties (SoD): The person who requests a change cannot be the same person who approves it or implements it.
SOC 2 (Type I & II): An audit report demonstrating that a service provider manages data securely (Common for SaaS).
SLA (Service Level Agreement): The promised uptime. Exceeding downtime isn’t just a technical fail; it’s a Quality Issue.
Tombstone Lifetime: In AD, the number of days a deleted object is kept before being physically removed from the database (usually 60–180 days).

Lazy Admin Tip 💡

Always keep a “Compliance Map” of your server rack. Knowing which VLAN is PCI-In-Scope versus which one is just Dev/Test will save you from accidentally triggering a massive audit trail for a routine reboot.

#ITCompliance #GDPR #CyberSecurity #SysAdmin #ITAudit #EnterpriseIT #LazyAdmin #CareerDevelopment

This entry was posted in ITIL and tagged Compliance, Data Integrity, GDPR, GxP, HIPAA, Information Security, IT Audit, PCI-DSS, SOx, SysAdmin.