Larry Roberts

Enterprise IT Automation & Security

20+ years managing Windows Server, Active Directory, and Microsoft 365 environments. I build PowerShell tooling that turns manual runbooks into repeatable, auditable automation.

Active Directory Entra ID / Azure AD Microsoft 365 PowerShell Exchange Online VMware ESXi Windows Server Cisco Meraki Group Policy Intune Security Auditing Infrastructure Monitoring

Open-Source Projects

ToolBridge-MCP

Universal MCP server that exposes tools from any language to any AI. Manifest-driven, zero dependencies, language agnostic. Auto-discovers PowerShell modules and serves 111+ tools across 22 modules over the Model Context Protocol.

MCPAIPowerShellPythonBashUniversal
python run_server.py

EntraID-SecurityAudit

Entra ID (Azure AD) security auditing. Risky users, app permission sprawl, sign-in anomalies, privileged role review, and PIM status.

Entra IDIdentityMFAPIM
Install-Module EntraID-SecurityAudit

M365-SecurityBaseline

Microsoft 365 tenant security baseline. MFA enrollment gaps, Conditional Access review, mailbox forwarding rules, guest account hygiene.

M365SecurityMFACompliance
Install-Module M365-SecurityBaseline

AD-SecurityAudit

Active Directory security and compliance auditing. Stale accounts, local admin sprawl, orphaned SIDs, privileged group review.

ADSecuritySOC2HIPAA
Install-Module AD-SecurityAudit

AD-UserLifecycle

AD user lifecycle automation. Template-based provisioning, offboarding with data archival, and flexible reporting.

ADProvisioningOffboardingAutomation
Install-Module AD-UserLifecycle

Infra-HealthDashboard

Windows server infrastructure health dashboard. Disk space, service status, uptime, and pending updates via CIM across your fleet.

InfrastructureMonitoringCIMHealth
Install-Module Infra-HealthDashboard

Intune-ComplianceReport

Intune compliance and device management reporting. Device compliance, app install failures, policy assignment gaps, and Autopilot readiness.

IntuneMDMComplianceAutopilot
Install-Module Intune-ComplianceReport

Exchange-MigrationAssessment

Exchange to Microsoft 365 migration pre-assessment. Mailbox inventory, distribution groups, mail flow rules, public folder analysis.

ExchangeMigrationM365Assessment
Install-Module Exchange-MigrationAssessment

AD-LinuxInventory

Register Linux, macOS, FreeBSD, and any non-Windows system in AD with full OS details. Includes a self-registration agent that boxes install to announce themselves automatically.

ADLinuxmacOSSelf-Register
Install-Module AD-LinuxInventory

GPO-HealthAudit

Group Policy health auditing. Find stale, empty, and unlinked GPOs, review permission sprawl, and generate cleanup recommendations.

GPOGroup PolicyCleanupAudit
Install-Module GPO-HealthAudit

Certificate-LifecycleMonitor

Certificate lifecycle monitoring across your fleet. Expiring certs, weak algorithms, IIS binding audits, and certificate store inventory.

PKICertificatesIISExpiration
Install-Module Certificate-LifecycleMonitor

NTFS-PermissionAudit

NTFS permission auditing. Broken inheritance, direct user ACEs, nested group analysis, and share permission reporting.

NTFSPermissionsACLShares
Install-Module NTFS-PermissionAudit

ServiceAccount-Audit

Service account security auditing. SPN analysis, Kerberoasting risk assessment, password age tracking, and usage monitoring.

SecuritySPNKerberosService Accounts
Install-Module ServiceAccount-Audit

M365-LicenseOptimizer

Microsoft 365 license optimization. Identify inactive licensed users, underutilized subscriptions, and generate cost savings reports.

M365LicensingCost SavingsOptimization
Install-Module M365-LicenseOptimizer

LocalPolicy-ToGPO

Export local firewall rules and security policies to Group Policy Objects. Read-only on source — never modifies local policy. Just link the GPO.

GPOFirewallMigrationSecurity Policy
Install-Module LocalPolicy-ToGPO

Admin-UserLookup

Universal user lookup. One command to see AD account, M365 licenses, Intune devices, MFA status, and sign-in history for any user.

UserADM365IntuneMFA
Install-Module Admin-UserLookup

Admin-MorningBrief

Daily admin command center. Locked accounts, disk alerts, security events, expiring certificates — prioritized in one dashboard.

DashboardAlertsMorning BriefMonitoring
Install-Module Admin-MorningBrief

Infra-ChangeTracker

Infrastructure change tracking across AD, GPO, DNS, and server configs. Answers "who changed what and when" with full attribution.

Change TrackingADGPODNSAudit
Install-Module Infra-ChangeTracker

Infra-LivingDoc

AI-powered living documentation. Feed in old docs, AI extracts facts, PowerShell verifies against reality. Keeps IT documentation accurate forever.

AIDocumentationDriftVerification
Install-Module Infra-LivingDoc

ITSM-Insights

ITSM ticket intelligence. AI-powered summaries from ServiceNow or Jira. CI history, recurring issue detection, and knowledge gap analysis.

ServiceNowAIITSMTicketsKnowledge
Install-Module ITSM-Insights

GitHub-RepoWatch

Monitor GitHub repos and PSGallery for new issues, comments, PRs, stars, and downloads. Scheduled email digests so you never miss feedback.

GitHubPSGalleryMonitoringEmail
Install-Module GitHub-RepoWatch

Infra-RunbookEngine

Automated runbook execution engine with YAML decision trees, AI-generated runbooks, blast radius checks, approval workflows, health scores, and cross-module integration.

RunbookYAMLAIAutomation
Install-Module Infra-RunbookEngine

VM-AutoTagger

Auto-tag VMware vSphere and Hyper-V VMs with OS, hardware tier, compliance status, and custom categories. YAML profiles, compliance checks, stale VM detection, drift detection, HTML dashboards.

VMwareHyper-VPowerCLIvSphereTagsCompliance
Install-Module VM-AutoTagger

By the Numbers

20+
Years in Enterprise IT
23
Open-Source Projects
5.1+
PowerShell (& PS7)
0
Get-WmiObject in My Code