20+ years managing Windows Server, Active Directory, and Microsoft 365 environments. I build PowerShell tooling that turns manual runbooks into repeatable, auditable automation.
Universal MCP server that exposes tools from any language to any AI. Manifest-driven, zero dependencies, language agnostic. Auto-discovers PowerShell modules and serves 111+ tools across 22 modules over the Model Context Protocol.
Entra ID (Azure AD) security auditing. Risky users, app permission sprawl, sign-in anomalies, privileged role review, and PIM status.
Microsoft 365 tenant security baseline. MFA enrollment gaps, Conditional Access review, mailbox forwarding rules, guest account hygiene.
Active Directory security and compliance auditing. Stale accounts, local admin sprawl, orphaned SIDs, privileged group review.
AD user lifecycle automation. Template-based provisioning, offboarding with data archival, and flexible reporting.
Windows server infrastructure health dashboard. Disk space, service status, uptime, and pending updates via CIM across your fleet.
Intune compliance and device management reporting. Device compliance, app install failures, policy assignment gaps, and Autopilot readiness.
Exchange to Microsoft 365 migration pre-assessment. Mailbox inventory, distribution groups, mail flow rules, public folder analysis.
Register Linux, macOS, FreeBSD, and any non-Windows system in AD with full OS details. Includes a self-registration agent that boxes install to announce themselves automatically.
Group Policy health auditing. Find stale, empty, and unlinked GPOs, review permission sprawl, and generate cleanup recommendations.
Certificate lifecycle monitoring across your fleet. Expiring certs, weak algorithms, IIS binding audits, and certificate store inventory.
NTFS permission auditing. Broken inheritance, direct user ACEs, nested group analysis, and share permission reporting.
Service account security auditing. SPN analysis, Kerberoasting risk assessment, password age tracking, and usage monitoring.
Microsoft 365 license optimization. Identify inactive licensed users, underutilized subscriptions, and generate cost savings reports.
Export local firewall rules and security policies to Group Policy Objects. Read-only on source — never modifies local policy. Just link the GPO.
Universal user lookup. One command to see AD account, M365 licenses, Intune devices, MFA status, and sign-in history for any user.
Daily admin command center. Locked accounts, disk alerts, security events, expiring certificates — prioritized in one dashboard.
Infrastructure change tracking across AD, GPO, DNS, and server configs. Answers "who changed what and when" with full attribution.
AI-powered living documentation. Feed in old docs, AI extracts facts, PowerShell verifies against reality. Keeps IT documentation accurate forever.
ITSM ticket intelligence. AI-powered summaries from ServiceNow or Jira. CI history, recurring issue detection, and knowledge gap analysis.
Monitor GitHub repos and PSGallery for new issues, comments, PRs, stars, and downloads. Scheduled email digests so you never miss feedback.
Automated runbook execution engine with YAML decision trees, AI-generated runbooks, blast radius checks, approval workflows, health scores, and cross-module integration.
Auto-tag VMware vSphere and Hyper-V VMs with OS, hardware tier, compliance status, and custom categories. YAML profiles, compliance checks, stale VM detection, drift detection, HTML dashboards.