-
Notifications
You must be signed in to change notification settings - Fork 5
Host commands
These are commands that can be run on modern Windows systems.
invoke-command -computername $computer -scriptblock {
try { get-netfirewallprofile | select name,enabled }
catch { netsh advfirewall show all state }
}
This command should show the three default profiles (there might be more though). You will get the profile name and 'enabled' or 'disabled' as results.
Get-MpComputerStatus
This command pulls back basic Windows Defender status. The primary property to check for is "AntivirusEnabled". It should be set to "True"
Get-WmiObject -Class Win32_Product
This is a "dirty" way to do this... please mark this code as "alpha release only". I want to replace with a longer, but faster script that does this based on registry analysis.
(Get-WmiObject Win32_LoggedOnUser).Antecedent
This is a quick and dirty way to pull the current logged in users. FYI: In Windows 10, you will often see your account listed twice.