Jump to content
[[Template core/front/profile/profileHeader is throwing an error. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]]

harryboyne last won the day on March 25 2019

harryboyne had the most liked content!

Community Reputation

2 Neutral

My Information

  • Agent Count
  1. We've been trying the PowerShell script and it's been working well for us. The only adjustment we've need to make is that, if there isn't a patch, it reports the date the OS was installed: Return ([WMI]'').ConvertToDateTime((Get-WmiObject Win32_OperatingSystem).InstallDate).ToString('yyyyMMdd-HHmmss') This way, any feature updates don't cause the script to report incorrect information. However, we've bumped into another issue. A Spanish PC was reporting that it was only installing a very old update. That's because the updates have names like: Actualización de características a Windows 10, versión 1909 2019-11 Actualización acumulativa para Windows 10 Version 1903 Without adding every language under the sun into this script, just wondering if anyone has come across this yet? H
  2. Hi All, Following an update to 1809, we have had issues with definitions for any Windows 10 machine with Intune (or just the vanilla Windows Defender). Turns out the 'RemediationEXE' referenced by the LT default definition no longer exists. I create the below definition which seems to work fine - thought I'd share with you all! 😀 Name: Windows Defender 10 AV Process: msmpeng* Program Location: {%_if|{%_ne|{%-HKLM\SOFTWARE\Microsoft\Windows Defender:DisableAntiVirus-%}|1_%}|{%-HKLM\SOFTWARE\Microsoft\Windows Defender:InstallLocation-%}MsMpEng.exe_%} Definition Location: {%-HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates:SignatureLocation-%}\mpavdlta.vdm Date Mask: (.*) Update Command: "{%-HKLM\SOFTWARE\Microsoft\Windows Defender:InstallLocation-%}\mpcmdrun.exe" -SignatureUpdate -Trace -Grouping 15 -GetFiles
  3. Hi All, Just wondering if any of you logged a ticket with either ConnectWise or BitDefender regarding this issue - they are claiming ignorance but it's clearly a long standing issue! Thanks
  4. Hi Guys We're looking at rolling out some form of monitor to log a ticket when a server reboots. Usually we'll just close the ticket, but it's a good "FYI" ticket for us to have - in case something's up etc. I've tried creating an "uptime is less than 15" monitor, but we found that it then closed the ticket as soon as it no longer met the requirements: So it's looking like the best way is to monitor for event 6006 (logged when a Windows PC reboots). This does seem a bit messy though and removes some control - we'd like for the monitor to not run during maintenance windows, but if we do with an event log monitor it will just log the ticket after the window! Screenshots are attached of both queries. I was wondering if anyone has already done this and if so has any suggestions? Thanks
  • Create New...