Open utterances-bot opened 1 year ago
sikkepitje
commented
1 year ago There's one loophole that you didn't cover; What if in your detection script , the try clause succeeds and the if returns false. It will not execute any "exit" and falls through to the end of the script. What is the exit code then?
1Asterix
commented
1 year ago Thank you very much for the explanation :-)
simonkeen19
commented
1 year ago Awesome thanks Jake - nice one!
The only missing thing I was looking for when running through this was where to look in Event Viewer for proactive remediation script events on a target machine
Thanks! Simon
simonkeen19
commented
1 year ago I went back to the Intune Training video to find it
Correction: Not Event Viewer - local copy of the script with GUID and results saved in the Registry:
{ "PolicyId":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "UserId":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "PolicyHash":null, "Result":3, "ResultDetails":"{\"Version\":1,\"SigningCode\":649,\"SigningMsg\":\"(Success) AccountId:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, PolicyId:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, Type:6, Enforce: Enforcement2. OSVersion:10.0.22000, AgentVersion:1.60.206.0. \"}", "InternalVersion":1, "ErrorCode":0, "ResultType":1, "PreRemediationDetectScriptOutput":"Success", "PreRemediationDetectScriptError":"", "RemediationScriptErrorDetails":null, "RemediationScriptOutputDetails":null, "PostRemediationDetectScriptOutput":null, "PostRemediationDetectScriptError":null, "RemediationStatus":4, "Info":{"RemediationExitCode":null, "FirstDetectExitCode":0, "LastDetectExitCode":null, "ErrorDetails":null}, "TargetType":1, "RunAsAccount":1, "AssignmentFilterIds":["00000000-0000-0000-0000-000000000000"], "BiosMetadata":null }
Intune/Autopilot Proactive Remediation-SysManSquad | Systems Management Squad
A community blog and subsidiary of WinAdmins.io
https://sysmansquad.com/2020/07/07/intune-autopilot-proactive-remediation/