Baseline Gold Images for Windows Approved Applications and System Files
0 Votes |
Description
Property Details
10553 | |
Production - Fully Tested and Ready for Production | |
Baseline Gold Images for Windows Approved Applications and System Files | |
BESC | |
RES Software | |
3/21/2016 12:00:00 AM | |
True | |
RESQA on 3/24/2016 5:00:37 AM | |
RESQA on 3/24/2016 5:00:37 AM | |
2928 Views / 3 Downloads | |
* Average over 0 ratings. ** Log In or Register to add your rating. |
Relevance
Actions
Action 1 (default)
Action Link Click
here to deploy this action.
Script Type
BigFix Action Script
//SourceReleaseDate: 20160321-102103
action uses wow64 redirection false
action parameter query "bigfixserver" with description "Please enter your BigFix server name (bigfix.contoso.com)"
action parameter query "algo" with description "Please enter the encription algorithm"
action parameter query "cont" with description "Please enter the baseline container"
delete __createfile
delete "{(value of variable "temp" of environment) & "\whitebaseline.ps1"}"
delete {(value of variable "temp" of environment)}\{(computer name)}.txt
createfile until __done
Function hashSHA {"%7b"}
Param(
[parameter(Mandatory=$True)]$file,
[parameter(Mandatory=$false)][ValidateSet("SHA1","SHA256")]$encr = "SHA256"
)
$command = '$encr_alg = [Security.Cryptography.HashAlgorithm]::Create("$encr")'
Invoke-Expression $command
try{"%7b"}
$Hashstring = ([System.BitConverter]::ToString( $encr_alg.ComputeHash([System.IO.File]::ReadAllBytes($file)))) -replace ("-","")
$info = @{"%7b"}{"%7d"}
$info.Hash=$Hashstring
$info.Path=$file
$result = New-Object –TypeName PSObject –Prop $info
return $result
{"%7d"}
catch{"%7b"}{"%7d"}
{"%7d"}
cd c:\
$f = "${"%7b"}env:Temp{"%7d"}" + "\whitebaseliner.csv"
try{"%7b"}
Get-ChildItem -force -recurse "C:\" *.exe -erroraction silentlycontinue |%{"%7b"}hashSHA -encr {parameter "algo" of action} -file $_.FullName{"%7d"}|select-object @{"%7b"}Name="Path"; Expression={"%7b"}$_.Path{"%7d"}{"%7d"},@{"%7b"}Name="Hash"; Expression={"%7b"}$_.Hash{"%7d"}{"%7d"}, @{"%7b"}Name="Process"; Expression={"%7b"}"*"{"%7d"}{"%7d"},@{"%7b"}Name="Status"; Expression={"%7b"}"allow"{"%7d"}{"%7d"},@{"%7b"}Name="Container"; Expression={"%7b"}{"%22"}{parameter "cont" of action}{"%22"}{"%7d"}{"%7d"}|export-csv -delimiter "`t" -path $f -NoTypeInformation
{"%7d"}
catch{"%7b"}{"%7d"}
$csv = Get-Content $f
$csv = $csv[1..($csv.count - 1)]
$csv > $f
(Get-Content $f) | % {"%7b"}$_ -replace "`"", ""{"%7d"} | out-file -FilePath $f -Force -Encoding ascii
__done
delete "{(value of variable "temp" of environment) & "\whitebaseliner.csv"}"
delete "{(value of variable "temp" of environment) & "\whitebaselinerlog.txt"}"
copy __createfile "{(value of variable "temp" of environment) & "\whitebaseline.ps1"}"
waithidden powershell.exe -executionpolicy unrestricted -file "{(value of variable "temp" of environment) & "\whitebaseline.ps1"}"
move {(value of variable "temp" of environment)}\whitebaseliner.csv {(value of variable "temp" of environment)}\{(computer name)}.txt
setting "_BESClient_ArchiveManager_FileSet-authfiles"="{(value of variable "temp" of environment)}\{(computer name)}.txt" on "{parameter "action issue date" of action}" for client
setting "_BESClient_ArchiveManager_OperatingMode"="2" on "{parameter "action issue date" of action}" for client
setting "_BESClient_ArchiveManager_SendAll"="1" on "{parameter "action issue date" of action}" for client
archive now
delete {(value of variable "temp" of environment)}\{(computer name)}.txt
delete "{(value of variable "temp" of environment) & "\whitebaseline.ps1"}"
delete "{(value of variable "temp" of environment) & "\whitebaseliner.csv"}"
delete "{(value of variable "temp" of environment) & "\whitebaselinerlog.txt"}"
Success Criteria
This action will be considered successful when the applicability relevance evaluates to false.
Sharing
Social Media: |