Dcomputers/TacticalRMM_Scripts
2
0
Fork 0
Code Activity

Add Check_scripts/Win - UAC status report.ps1

Browse Source
This commit is contained in:
Danny de Kooker
2023-09-06 15:17:38 +02:00
parent 9e4f48285e
commit afc2392556
1 changed files with 51 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
Check_scripts/Win - UAC status report.ps1 Normal file
View File

@@ -0,0 +1,51 @@
<#
.SYNOPSIS
Check the status of Windows UAC and report back to TRMM
.DESCRIPTION
This script will check the status of UAC and report this back, this script shoudl be deployed as a Check Script.
With this configuration you will only receive an error on you check when UAC is turned off completely.
.OUTPUTS
The script will return the obtained values"
Options are:
"UAC is Enabled, NotIfy me only when apps try to make changes to my computer(default)"
"UAC is Enabled, NotIfy me only when apps try to make changes to my computer(do not dim my desktop)"
"UAC is Enabled, Always notIfy"
"UAC is Disabled"
.EXAMPLE
.NOTES
Source: Tactical RMM repository
.CHANGELOG
24-06-2022 - Copied from TRMM repo
27-06-2022 - Added additional Elsif Statement for "Enabled but do not dimm my desktop"
#>
#region Parameters, functions and global variables
$ErrorActionPreference = 'silentlycontinue'
$PSDenabled = (Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System).PromptOnSecureDesktop
$CPAenabled = (Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System).ConsentPromptBehaviorAdmin
#endregion
#region script
if ($PSDenabled -Eq 1 -And $CPAenabled -Eq 5) {
Write-Output "UAC is Enabled, NotIfy me only when apps try to make changes to my computer(default)"
exit 0
}
elseif ($PSDenabled -Eq 0 -And $CPAenabled -Eq 5) {
Write-Output "UAC is Enabled, NotIfy me only when apps try to make changes to my computer(do not dim my desktop)"
exit 0
}
elseif ($PSDenabled -Eq 1 -And $CPAenabled -Eq 2) {
Write-Output "UAC is Enabled, Always notIfy"
exit 0
}
else {
Write-Output "UAC is Disabled"
exit 1
}
Exit $LASTEXITCODE
#endregion