I can confirm that Write-Host does work. This is a baseline detection script
that I am using to remove Skype4Business Helper:
officePaths = 'C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.DLL',
'C:\Program Files\Microsoft Office\Office15\OCHelper.DLL'
$regPaths = 'HKLM:\SOFTWARE\Wow6432Node', 'HKLM:\SOFTWARE'
$OCHelperInstalled = $false
$bhoInstalled = $false
$extensionsInstalled = $false
foreach ($officePath in $officePaths) {
if (Test-Path -Path $officePath) {
$OCHelperInstalled = $true
}
}
foreach ($regPath in $regPaths) {
if (Test-Path -Path
"$regPath\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}") {
$bhoInstalled = $true
}
if (Test-Path -Path "$regPath\Microsoft\Internet
Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}") {
$extensionsInstalled = $true
}
}
if (($OCHelperInstalled) -or ($bhoInstalled) -or ($extensionsInstalled)) {
} else {
Write-Host 'Removed'
}
This is what the Compliance Rule looks like:
[cid:[email protected]]
I could have simplified this process and returned $true or $false for
compliant/ not-compliant. This would tell DCM to look for a Boolean value
rather than having to do a string comparison.
$tb = Get-Item -Path
"HKCU:Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"
$tb.GetValue("Start_NotifyNewApps")
If($tb.GetValue("Start_NotifyNewApps") -eq $null)
{
Return $false
}
else
{
Return $true
}
Hope this helps...
Thanks,
Chris Brucker
From: [email protected] [mailto:[email protected]] On
Behalf Of Chris Carbone
Sent: Tuesday, March 29, 2016 4:16 PM
To: [email protected]
Subject: [mssms] RE: Config Baseline Keeps Failing
I have another config baseline where write-output seems to work. And the
remediation has been defined in the deployed baseline.
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Jerousek, Jeff
Sent: Tuesday, March 29, 2016 2:42 PM
To: [email protected]<mailto:[email protected]>
Subject: [mssms] RE: Config Baseline Keeps Failing
Not sure if it matters but write-host writes to the screen. You may want to use
write-output or return instead.
You also need to specify remediation in the deployed baseline as well as the
compliance item.
Thanks,
Jeff Jerousek
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Chris Carbone
Sent: Tuesday, March 29, 2016 2:20 PM
To: '[email protected]'
<[email protected]<mailto:[email protected]>>
Subject: [mssms] RE: Config Baseline Keeps Failing
Or did you mean this?
[cid:[email protected]]
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Jason Sandys
Sent: Tuesday, March 29, 2016 11:12 AM
To: [email protected]<mailto:[email protected]>
Subject: [mssms] RE: Config Baseline Keeps Failing
Sorry, that's not what I'm asking. In the compliance item, on the setting tab
(I think), you need to set a value to compare the results of the script to. So
what is this configured to? Screenshots work well.
J
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Chris Carbone
Sent: Tuesday, March 29, 2016 10:42 AM
To: [email protected]<mailto:[email protected]>
Subject: [mssms] RE: Config Baseline Keeps Failing
The value of $null, this is just checking if a registry key exists or not.
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Jason Sandys
Sent: Monday, March 28, 2016 3:01 PM
To: [email protected]<mailto:[email protected]>
Subject: [mssms] RE: Config Baseline Keeps Failing
What value are comparing against?
J
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Chris Carbone
Sent: Monday, March 28, 2016 2:18 PM
To: [email protected]<mailto:[email protected]>
Subject: [mssms] RE: Config Baseline Keeps Failing
Value equals compliant. Box is checked to run the specified remediation script
when this setting is noncompliant.
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Jason Sandys
Sent: Monday, March 28, 2016 11:55 AM
To: [email protected]<mailto:[email protected]>
Subject: [mssms] RE: Config Baseline Keeps Failing
What's the corresponding compliance setting rule?
J
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]] On Behalf Of Chris Carbone
Sent: Monday, March 28, 2016 10:39 AM
To: [email protected]<mailto:[email protected]>
Subject: [mssms] Config Baseline Keeps Failing
And I have no idea why. If I run both of these manually they work fine but in
SCCM I keep getting this error.
Setting Discovery Error 0x87d00329 Application requirement evaluation or
detection failed
I have checked the DCMAgent.log, CIAgent.log, and DCMReporting.log and not
finding anything that relates to this error.
All I am trying to do is detect if a reg key exists or not, and if not to run
the remediate script.
Discovery script:
$tb = Get-Item -Path
"HKCU:Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"
$tb.GetValue("Start_NotifyNewApps")
If($tb.GetValue("Start_NotifyNewApps") -eq $null)
{
write-host "Non-Compliant"
}
else
{
write-host "Compliant"
}
Remediation script:
New-ItemProperty
'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\' -Name
Start_NotifyNewApps -Value 0 -PropertyType DWord -Force
This electronic mail transmission may contain confidential information intended
only for the use of the individual(s) identified as addressee(s). If you are
not the intended recipient, you are hereby notified that any disclosure,
copying, distribution or the taking of any action in reliance on the contents
of this electronic mail transmission is strictly prohibited. If you have
received this transmission in error, please notify me by telephone immediately.
This electronic mail transmission may contain confidential information intended
only for the use of the individual(s) identified as addressee(s). If you are
not the intended recipient, you are hereby notified that any disclosure,
copying, distribution or the taking of any action in reliance on the contents
of this electronic mail transmission is strictly prohibited. If you have
received this transmission in error, please notify me by telephone immediately.
This electronic mail transmission may contain confidential information intended
only for the use of the individual(s) identified as addressee(s). If you are
not the intended recipient, you are hereby notified that any disclosure,
copying, distribution or the taking of any action in reliance on the contents
of this electronic mail transmission is strictly prohibited. If you have
received this transmission in error, please notify me by telephone immediately.
This electronic mail transmission may contain confidential information intended
only for the use of the individual(s) identified as addressee(s). If you are
not the intended recipient, you are hereby notified that any disclosure,
copying, distribution or the taking of any action in reliance on the contents
of this electronic mail transmission is strictly prohibited. If you have
received this transmission in error, please notify me by telephone immediately.
This electronic mail transmission may contain confidential information intended
only for the use of the individual(s) identified as addressee(s). If you are
not the intended recipient, you are hereby notified that any disclosure,
copying, distribution or the taking of any action in reliance on the contents
of this electronic mail transmission is strictly prohibited. If you have
received this transmission in error, please notify me by telephone immediately.
**********************************************************************
The information contained in this message from First Financial Bancorp or its
affiliates and any attachments are confidential. It is not intended for
transmission to, or receipt by, anyone other than the addressee(s), or a person
authorized to deliver it to the named addressee(s). If you have received this
message in error, you are prohibited from copying, distributing or using the
information. Please contact the sender immediately by return email and delete
the original message.
