51 lines
1.9 KiB
PowerShell
51 lines
1.9 KiB
PowerShell
<#
|
|
.SYNOPSIS
|
|
Check the status of Windows UAC and report back to TRMM
|
|
|
|
.DESCRIPTION
|
|
This script will check the status of UAC and report this back, this script shoudl be deployed as a Check Script.
|
|
With this configuration you will only receive an error on you check when UAC is turned off completely.
|
|
|
|
.OUTPUTS
|
|
The script will return the obtained values"
|
|
|
|
Options are:
|
|
"UAC is Enabled, NotIfy me only when apps try to make changes to my computer(default)"
|
|
"UAC is Enabled, NotIfy me only when apps try to make changes to my computer(do not dim my desktop)"
|
|
"UAC is Enabled, Always notIfy"
|
|
"UAC is Disabled"
|
|
|
|
.EXAMPLE
|
|
|
|
.NOTES
|
|
Source: Tactical RMM repository
|
|
|
|
.CHANGELOG
|
|
24-06-2022 - Copied from TRMM repo
|
|
27-06-2022 - Added additional Elsif Statement for "Enabled but do not dimm my desktop"
|
|
#>
|
|
|
|
#region Parameters, functions and global variables
|
|
$ErrorActionPreference = 'silentlycontinue'
|
|
$PSDenabled = (Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System).PromptOnSecureDesktop
|
|
$CPAenabled = (Get-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System).ConsentPromptBehaviorAdmin
|
|
#endregion
|
|
#region script
|
|
if ($PSDenabled -Eq 1 -And $CPAenabled -Eq 5) {
|
|
Write-Output "UAC is Enabled, NotIfy me only when apps try to make changes to my computer(default)"
|
|
exit 0
|
|
}
|
|
elseif ($PSDenabled -Eq 0 -And $CPAenabled -Eq 5) {
|
|
Write-Output "UAC is Enabled, NotIfy me only when apps try to make changes to my computer(do not dim my desktop)"
|
|
exit 0
|
|
}
|
|
elseif ($PSDenabled -Eq 1 -And $CPAenabled -Eq 2) {
|
|
Write-Output "UAC is Enabled, Always notIfy"
|
|
exit 0
|
|
}
|
|
else {
|
|
Write-Output "UAC is Disabled"
|
|
exit 1
|
|
}
|
|
Exit $LASTEXITCODE
|
|
#endregion |