by Alex Verboon
Hello there, These days everyone is trying to identify devices that are vulnerable to the Log4Shell Vulnerability (CVE-2021-44228). If your only systems management tool is Microsoft Endpoint Configuration Manager this blog is for you. You can of course create device Read More …
Hello there, I guess by now, everyone has heard of the Windows Print Spooler Remote Code Execution Vulnerability (CVE-2021-34527). At this time Microsoft recommends disabling the Print Spooler service on domain controllers and on servers where it is not needed Read More …
During the past 5 years I have onboarded a couple of thousand devices into Microsoft Defender for Endpoint and can say that, provided that you done your homework with regards to network connectivity, onboarding devices into Defender for Endpoint usually Read More …
Last week Microsoft released the DRAFT Security baseline for Windows 10 and Windows Server, version 20H2. Although available since Windows 10 1903, the attack surface reduction rule ‘Block persistence through WMI event subscription’ is now being included into the recommended Read More …
During a recent customer engagement I had to collect the size of user profiles across a large number of devices. I was first thinking of using a script that would collect the information we need, store it into a custom Read More …
While working with CMPivot this week, I wanted to find out how locally on the client the data is collected, I already knew that when you execute a CMPivot query from the ConfigMgr console, it will run the query on Read More …
Hello everyone, earlier this week I wrote a blog post how to test Microsoft Defender Cloud Protection Service (MAPS) with PowerShell. Today I would like to share a possible approach how to actively monitor MAPS Connectivity across all your devices Read More …
I’m currently engaged in multiple customer projects where Windows 10 is already in production, but unfortunately without Windows Credential Guard enabled. For those who think “Credential ….what?” Windows Defender Credential Guard uses virtualization-based security to isolate secrets so that only Read More …
Here’s a function i wrote recently to retrieve the ConfigMgr Client Policy settings. To use the function you must have the System Center Configuration Manager Cmdlet library installed.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
Function Get-CMclientpolicysettings { <# .Synopsis Get-CMclientpolicysettings .DESCRIPTION Get-CMclientpolicysettings retrieves Configuration Manager client agent policy settings. .PARAMETER Name The ConfigMgr Agent Policy Name .EXAMPLE Get-CMclientpolicysettings .EXAMPLE Get-CMclientpolicysettings -Name "Workstation Settings" .NOTES version 1.1, 21.02.2017, Alex Verboon #> [CmdletBinding()] Param( # ConfigMgr Agent Policy Name [Parameter(Mandatory=$false, ValueFromPipelineByPropertyName=$true, Position=0)] $Name ) Begin{ Write-verbose "Retrieving Policies" if ($PSBoundParameters.ContainsKey("Name")) { $cmpolicies = Get-CMClientSetting | Select-Object Name | Where-Object {$_.Name -eq "$Name"} } Else { $cmpolicies = Get-CMClientSetting | Select-Object Name } } Process{ $Results = @() foreach ($policy in $cmpolicies ) { write-verbose "$($Policy.name)" $xsettings = [Enum]::GetNames( [Microsoft.ConfigurationManagement.Cmdlets.ClientSettings.Commands.SettingType]) foreach ($setting in $xsettings) { Write-verbose $setting $configuration = Get-CMClientSetting -Setting $setting -Name $Pol.name ForEach ($config in $configuration.GetEnumerator()) { write-verbose $config.Key $data = [ordered] @{ PolicyName = $policy.Name Setting = $setting ConfigurationName = $config.Key ConfigurationValue = $config.Value } $Results += (New-Object -TypeName psobject -Property $data) } } } } End{Write-Output $Results} } |
Remember the days when you spend hours if not days just to get a lab environment in place and any time you wanted to use the environment again, you spend another couple of hours to get It updated. About 3 Read More …