SysManSquad / sysmansquadblog


Intune/Autopilot Proactive Remediation-SysManSquad | Systems Management Squad #13

Open utterances-bot opened 2 years ago

utterances-bot commented 2 years ago

Intune/Autopilot Proactive Remediation-SysManSquad | Systems Management Squad

A community blog and subsidiary of WinAdmins.io

https://sysmansquad.com/2020/07/07/intune-autopilot-proactive-remediation/

sikkepitje commented 2 years ago

There's one loophole that you didn't cover: what if, in your detection script, the try clause succeeds and the if returns false? It will not execute any "exit" and falls through to the end of the script. What is the exit code then?

1Asterix commented 2 years ago

Thank you very much for the explanation :-)

simonkeen19 commented 2 years ago

Awesome thanks Jake - nice one!

The only missing thing I was looking for when running through this was where to look in Event Viewer for proactive remediation script events on a target machine

Thanks! Simon

simonkeen19 commented 2 years ago

I went back to the Intune Training video to find it

Correction: Not Event Viewer - local copy of the script with GUID and results saved in the Registry:

Go to C:\Windows\IMECache\HealthScripts\{guid}\

Here are kept local copies of the detection and remediation scripts (requires local admin to access the folder)

Copy the guid and search the registry for it

Should then find a folder that contains the last run time

Also should find a Reports folder under which there's a key value for the script's results in JSON

Example results:

```json
{
  "PolicyId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "UserId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "PolicyHash": null,
  "Result": 3,
  "ResultDetails": "{\"Version\":1,\"SigningCode\":649,\"SigningMsg\":\"(Success) AccountId:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, PolicyId:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, Type:6, Enforce: Enforcement2. OSVersion:10.0.22000, AgentVersion:1.60.206.0. \"}",
  "InternalVersion": 1,
  "ErrorCode": 0,
  "ResultType": 1,
  "PreRemediationDetectScriptOutput": "Success",
  "PreRemediationDetectScriptError": "",
  "RemediationScriptErrorDetails": null,
  "RemediationScriptOutputDetails": null,
  "PostRemediationDetectScriptOutput": null,
  "PostRemediationDetectScriptError": null,
  "RemediationStatus": 4,
  "Info": {
    "RemediationExitCode": null,
    "FirstDetectExitCode": 0,
    "LastDetectExitCode": null,
    "ErrorDetails": null
  },
  "TargetType": 1,
  "RunAsAccount": 1,
  "AssignmentFilterIds": ["00000000-0000-0000-0000-000000000000"],
  "BiosMetadata": null
}
```
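The report value described in the comment above nests a second JSON document inside `ResultDetails`, so it has to be decoded twice before the exit codes, script output and signing result can be read together. The following is an added example, not part of the original thread or of Intune's tooling; `summarize_report`, the `needs_review` rule and the placeholder ids in the sample are assumptions made for illustration.

```python
import json
import re

# Constructed sample modelled on the report quoted above; all ids are placeholders.
SAMPLE_REPORT = r'''{"PolicyId":"<policy-guid>","UserId":"<user-guid>","Result":3,
"ResultDetails":"{\"Version\":1,\"SigningCode\":649,\"SigningMsg\":\"(Success) AccountId:<account-guid>, PolicyId:<policy-guid>, Type:6, Enforce: Enforcement2. OSVersion:10.0.22000, AgentVersion:1.60.206.0. \"}",
"ErrorCode":0,"PreRemediationDetectScriptOutput":"Success",
"PreRemediationDetectScriptError":"","RemediationStatus":4,
"Info":{"RemediationExitCode":null,"FirstDetectExitCode":0,
        "LastDetectExitCode":null,"ErrorDetails":null},
"RunAsAccount":1}'''


def summarize_report(raw: str) -> dict:
    """Flatten one report value into the fields worth checking during triage."""
    report = json.loads(raw)
    # ResultDetails is a JSON document stored as a string: decode it a second time.
    details = json.loads(report.get("ResultDetails") or "{}")
    signing_msg = details.get("SigningMsg") or ""
    # SigningMsg is free text; pull the two version fields out of it.
    versions = dict(re.findall(r"(OSVersion|AgentVersion):\s*([\d.]*\d)", signing_msg))
    info = report.get("Info") or {}
    summary = {
        "policy_id": report.get("PolicyId"),
        "detect_exit_code": info.get("FirstDetectExitCode"),
        "detect_stdout": report.get("PreRemediationDetectScriptOutput"),
        "detect_stderr": report.get("PreRemediationDetectScriptError"),
        "remediation_exit_code": info.get("RemediationExitCode"),
        "post_detect_exit_code": info.get("LastDetectExitCode"),
        "signing_ok": signing_msg.startswith("(Success)"),
        "os_version": versions.get("OSVersion"),
        "agent_version": versions.get("AgentVersion"),
    }
    # Assumed triage rule (not an Intune definition): look closer when the
    # detection script wrote to stderr, the agent recorded a non-zero
    # ErrorCode, or the signing message does not start with "(Success)".
    summary["needs_review"] = bool(
        summary["detect_stderr"] or report.get("ErrorCode") or not summary["signing_ok"]
    )
    return summary


if __name__ == "__main__":
    print(json.dumps(summarize_report(SAMPLE_REPORT), indent=2))
```
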