User Account Control (UAC) is a technology introduced by Microsoft with Windows Vista to improve security of operating system. By querying a registry setting, UAC enabled status can be determined on the systems. In this exercise we will utilize KACE custom inventory rules to query required registry settings and present it in the SQL custom report. The report can be used as a reference by end user to perform some necessary actions to disable or enable User Account Control on the target systems.
Here are instructions how to implement it:
CODE WRITTEN BY KACE SUPPORT FOR DEMONSTRATION PURPOSES ONLY AND NOT SUPPORTED BY KACE TECHNICAL SUPPORT. CLIENT CONFIRMS THE NEED FOR TESTING AND ACCEPTS ALL RESPONSIBILITY FOR USE AND MISUSE OF CODE. KACE SHALL NOT BE HELD LIABLE FOR DAMAGE OR DOWN TIME RESULTING FROM USE OF THIS OR ANY CODE PRESENTED FOR PURPOSES OF TROUBLESHOOTING OR DEMONSTRATION.
Creating a Custom Inventory Rule:
Name (Title): UAC status
Supported Operating Systems:
Highlight/select Windows Operating Systems for your target.
Custom Inventory Rule:
RegistryValueReturn(HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System,EnableLUA,TEXT)
Creating a Custom SQL report:
Select
MACHINE.NAME as SYSTEM_NAME,
MACHINE.OS_NAME as OPERATING_SYSTEM,
IP as IP_ADDRESS,
REPLACE(MACHINE.USER_LOGGED, '\\', '\\\\') as LOGGED_ON_USER,
CASE
WHEN STR_FIELD_VALUE LIKE '%1%' THEN 'Enabled'
ELSE CASE
WHEN STR_FIELD_VALUE LIKE '%0%' THEN 'Disabled'
ELSE 'Unknown'
END
END AS 'UAC status'
from
MACHINE
inner join
MACHINE_CUSTOM_INVENTORY ON MACHINE_CUSTOM_INVENTORY.ID = MACHINE.ID
inner join
SOFTWARE ON MACHINE_CUSTOM_INVENTORY.SOFTWARE_ID = SOFTWARE.ID
WHERE
SOFTWARE.DISPLAY_NAME = 'UAC status' /* Note: Should Match with CI software name. */
4. Enter the following for “Break on Columns:” UAC status
5. Save the report.
6. Allow the devices to check into the KACE appliance. Run the report as needed.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center