DOCSLIB.ORG

Using Powershell Script to Manage the Windows 10 Update Policy

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Using Powershell Script to Manage the Windows 10 Update Policy Using PowerShell Script to Manage the Windows 10 Update Policy Introduction The main objective of this article is to provide step-by-step instructions on how to use PowerShell script to set and modify the Windows update policy using a Windows bundle. The Windows 10 update settings can be easily re-configured using this bundle. This document includes the following information: • Prerequisites • Creating the Bundle • Deploying the Bundle • Logging Results Prerequisites Prior to deploying the bundle, you need be aware of the following: • The Windows bundle can be deployed only on Windows 10 devices. • Using the bundle, you can modify the update settings for Windows 10 devices. However, if the same setting is controlled by a group policy, the latter will prevail. • Prior to deploying the bundle, you must enable script execution by running the following command: Set-ExecutionPolicy <Unrestricted / AllSigned / RemoteSigned>). By default, the value set as Restricted. Creating the Bundle To create the Windows bundle: 1. In ZENworks Control Center, create a Windows bundle and add the modifyWindowsUpdateConfiguration.ps1, the settings.xml and the Setupconfig.ini files. For the Setupconfig.ini file, ensure that you specify the Destination Directory as %systemdrive%\Users\Default\AppData\Local\Microsoft\Windows\WSUS\ For information on how to create Windows bundles, see https://www.novell.com/documentation/zenworks-2017-update- 1/zen_cm_software_distribution/data/ba480hx.html 2. In the Bundles page, click the bundle that was created in the previous step and click Actions > Launch. 3. Click the Run Script Action link and in the Edit Action – Script dialog, specify the Action Name, Script File Name, Script Parameters and Path to Script Engine. 4. Click the Advanced tab and select the Run as secure system user (Don’t allow system to interact with desktop) option. For information on Bundle Actions, see https://www.novell.com/documentation/zenworks- 2017-update-1/zen_cm_software_distribution/data/ba4pobn.html 5. After specifying the relevant values, click OK and then Publish the bundle. Note: While creating the bundle, ensure that the path for the install files is correct and it is the same as that specified in the run script. Deploying the Bundle To deploy the bundle, assign the bundle to the specific users or devices and specify the deployment schedule. After the bundle is deployed, the required settings will be modified based on the settings.xml file. For information on how to assign bundles, see https://www.novell.com/documentation/zenworks- 2017-update-1/zen_cm_software_distribution/data/bs8c8lh.html Logging Results Results of the script execution can be viewed in the %ZENworks_home%/logs/windowsUpdateConfigurationLog file. In this file you can view the settings that have been successfully set and those which could not be set due to errors. The log file will also include the updated policy settings. Power-shell Script content Create “modifyWindowsUpdateConfiguration .ps1” file and copy below code to it. $settingPath=$args[0] $logfile = $Env:zenworks_home+"\logs\windowsUpdateConfigurationLog.txt" function Write-Log([string]$logMsg) { [string]$logMessage = [System.String]::Format("[$(Get-Date)] - {0}", $logMsg) Add-Content -Path $logfile -Value $logMessage } Write-Log "Started with the script execution. Current Windows Update Settings will be modified according to the settings provided." $namespaceName = "Root\CIMv2\MDM\DMMap" $className = "MDM_Policy_Config01_Update02" $initialObjectValues = @{ParentID="./Vendor/MSFT/Policy/Config";InstanceID="Update"} $settingsData = [Xml] (Get-Content $settingPath) try { $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className if($obj -eq $null) { Write-Log "Didn't find any running instance. Creating a new instance for MDM_Policy_Config01_Update02." $obj = New-CimInstance -Namespace $namespaceName -ClassName $className -Property $initialObjectValues } } catch [System.Management.Automation.ParameterBindingValidationException] { Write-Log "Didn't find any running instance. Creating a new instance for MDM_Policy_Config01_Update02." $obj = New-CimInstance -Namespace $namespaceName -ClassName $className -Property $initialObjectValues } foreach($property in $settingsData.settings.property) { try { If($property.key -eq "ParentID" -Or $property.key -eq "InstanceID") { continue } $obj.($property.key)=$property.value Set-CimInstance -CimInstance $obj } catch { $ErrorMessage = $_.Exception.Message Write-Log $ErrorMessage } } Write-Log "Updated Config policy to:" Write-Log ( $obj | Format-List | Out-String) The SetupConfig.ini file Content Create “Setupconfid.ini” file and copy below content to it. [SetupConfig] NoReboot ShowOobe=None Telemetry=Enable ReflectDrivers = < path of folder containing INF and SYS files for the encryption drivers > The settings.xml file The files is attached. Right click on clip icon and Choose “Save Embedded File to Disk…” .
Load more

Recommended publications
  • Steps to Disable Or Uninstall Skype for Business Method 1: Disable Skype for Business Via Skype Settings
    Steps to Disable or Uninstall Skype for Business Method 1: Disable Skype for Business via Skype Settings To disable this feature to prevent it from starting up, please following the instruction below. Step 1: Open the Settings of Skype for Business, navigate to the Tools tab and choose the Options option. Step 2: Select the Personal option from the left side, and uncheck Automatically start the app when I log on to Windows 10 and Start the app in the foreground, and then click the OK button to confirm the changes. Step 3: Click the Settings button again on the Skype for Business interface and choose File then Exit. After the three steps, you have successfully disabled Skype for Business from your PC and you will no longer see it although it is still on your computer. Method 2: Uninstall Skype for Business via Control Panel This method requires you to clear all your profile cache for the Skype for Business account and then uninstall it from Windows 10 via Control Panel. Here is the detailed tutorial on uninstalling Skype for Business. Step 1: Open your Skype for business and then sign out of this application. Step 2: In the Sign in interface, please click the Delete my sign-in info option. Note: This step will clear all your profile cache for the Skype for Business account and will disable the auto sign-in when the application opens. Step 3: Close Skype for Business. Step 4: You should uninstall Skype for Business like any other software on your computer. Click on the Windows button in the bottom left of your screen and type Control Panel.
    [Show full text]
  • Opening Skype on Windows 10
    Skype Opening Skype on Windows 10 ................... 1 Making a Video Call ..................................... 3 Checking Your Audio & Video .................... 2 Accepting a Video Call .................................4 Using Skype ................................................. 3 Installing Skype ........................................... 5 Finding Someone ........................................ 3 Opening Skype on Windows 10 1. On a Windows 10 computer, in the lower left corner click the Windows icon. 2. Type in “Skype” and as soon as you see “Skype” click on that selection, and enter your Skype username and password if prompted. If you do not already have a Skype account, you can easily create one—they are free. You can even create a Microsoft account just for Skype at https://outlook.live.com/owa Checking Your Audio & Video 1. Open Skype. 2. In the left pane, in the top right corner, click on the ellipse (…). 3. Your Settings open. 4. In the left pane, select Audio & Video. 5. In the Camera section your live picture should appear. If it does not, see if there is an option above your picture, and try selecting a different web camera. 6. Scroll down until you see the Audio section. Test your microphone and speakers and adjust the volume as needed. 7. Close the dialog box by clicking the X in the top left corner. Using Skype Once you open Skype, you will select someone to call from the left pane. You have some important options there: Search, Chats, Contacts The first couple times you use Skype you may need to search for your friends and family. You can search by name or email address associated with their Skype account.
    [Show full text]
  • Microsoft Windows 10 Update Hello, Microsoft Has Begun
    Subject Line: Microsoft Windows 10 Update Hello, Microsoft has begun pushing a warning message to Windows 10 computers that a critical security update must be performed. Several clients have informed us that they are seeing the warning message. It will appear as a generic blue screen after your computer has been powered up, and it states that after April 10, 2018 Microsoft will no longer support your version of Windows 10 until the critical security update has been performed. Please note if your UAN computer has not been recently connected to the internet, you would not have received this message. UAN has confirmed that the warning message is a genuine message from Microsoft, and UAN strongly encourages all clients to perform this critical security update as soon as possible. Please note: ‐ This update is a Microsoft requirement and UAN cannot stop or delay its roll out. To perform the critical security updated select the ‘Download update’ button located within the warning message. ‐ This update is very large, for those clients that have metered internet usage at their home may want to perform the update at a different location with unmetered high speed internet, perhaps at another family member’s home. ‐ Several UAN staff members have performed the critical security update on their home computers, and the process took more than an hour to complete. To check that your computer has been updated or to force the update at a time that is convenient to you, go to the windows Start button and click on Settings (the icon that looks like a gear above the Start button) > Update and Security > Windows Update > Check for Updates and then follow the instructions on the screen.
    [Show full text]
  • How to Set up Cortana (Or Remove Her) in Windows 10
    How to set up Cortana (or remove her) in Windows 10 Cortana, the personal digital assistant feature in Windows 10, will help you complete tasks, make it to your appointments on time, send messages and emails on your behalf, research the web and even launch applications. Orignally released with the Windows Phone (and named after the AI character from Microsoft's Halo franchise, looks to be a key element in the Windows 10 operating system. To begin the set up process, click or tap the microphone icon in the search bar and say "Hey Cortana" (if listening is enabled), followed by your question or search term. When properly set up Cortana is a powerful digital assistant. Start by clicking into the Cortana search box, and waiting for the results pane to appear. In the top- left corner of this, click the “hamburger” menu and then open Notebook. This tool allows you to determine what information Cortana can gather about you, and the more data she has, the more she can do. Cortana will have already asked you to input your name, but you can change this and more by opening About Me. Here, set the name you want her to use. Under Settings you can enable tracking info by switching on Find flights and more, which analyses your emails for such details. The Settings screen also enables you to toggle whether Cortana responds to “Hey, Cortana” which is very similar to Android’s “OK, Google“–the system will constantly be on the look-out for you saying this phrase, and will open Cortana when it is detected.
    [Show full text]
  • Guide to Hardening Windows 10 Technical Guide
    NOVEMBER 2020 Guide to Hardening Windows 10 For Administrators, Developers and Office Workers TABLE OF CONTENTS Introduction .......................................................................................................................... 4 Prerequisites ............................................................................................................................ 4 User roles ................................................................................................................................. 4 EFI (BIOS) Configuration ...................................................................................................... 5 To be enabled: ......................................................................................................................... 5 To be disabled: ......................................................................................................................... 5 Windows Defender Firewall .................................................................................................. 6 Enable logging of dropped packets ............................................................................................. 6 Disable enforcement of local rules and disable notifications .......................................................... 7 Block outbound connections by default ....................................................................................... 8 Secure potentially vulnerable protocols ......................................................................................
    [Show full text]
  • Microsoft Service Pack & Security Bulletin Support
    Microsoft Service Pack & Security Bulletin Support ReadMe Revision History Date Revised Changes Made March 23, 2020 March 2020 Microsoft Security Update Contents What’s New? . 1 Microsoft Security Bulletins . 2 Current Microsoft Security Bulletin Status . 2 Enabling Windows Updates on Avid Systems . 6 Using a Microsoft WSUS Server for distributing Windows Updates. 7 Historical List of Microsoft Security Bulletin Exceptions . 7 What’s New? For March security bulletins, see “Current Microsoft Security Bulletin Status” on page 2. The section on “Notification Regarding the January 2020 Windows Updates” on page 3 has been updated to include information on MediaCentral Asset Management and MediaCentral Newsroom Management. See also http://avid.force.com/pkb/articles/en_US/Troubleshooting/en239659. Microsoft Security Bulletins Microsoft Security Bulletins Install Windows Security Patches and Service Packs. To download patches, run Windows Update. By default Avid supports all Windows Service Packs and security patches (sometimes referred to as “hot fixes”) which apply to the environments in which Avid products are deployed. We refer to them as Windows Updates in this document. Customers can schedule the download and installation of Windows Updates whenever they are available and make sense in their production environment. Avid tests the updates within several days of their availability. However, customers do not have to wait for the testing to be complete before installing the updates. Our current testing methodology is to utilize Windows Update on a representative sample of Avid products upon notification of new Security Bulletin availability by Microsoft. These systems are updated and observed while under test. Once the test period has completed (approx.
    [Show full text]
  • Automatic Updates Using Windows Windows Can Updates Automatically ,When You Select the Option On
    Automatic updates using windows Windows can updates automatically ,when you select the option on. In windows XP and Windows 7 are shown here Windows XP : Settings > Control panel > Security center Turn on Automatic updates choose the options you like. In windows 7: Control panel > System and security So how can do all users let updates on system. By default, Windows only allows users with administrator user accounts to install updates. To allow all users to install updates, follow these steps: Click to open Windows Update. In the left pane, click Change settings. Do one of the following: To allow standard users to install updates, select the Allow all users to install updates on this computer check box. To prevent standard users from installing updates, clear the Allow all users to install updates on this computer check box. If you use automatic updating for Important or Recommended updates, those updates are installed regardless of whether the current user is an administrator or not. Different types of updates Updates are classified as Important, Recommended, Optional, and Featured. Important updates offer significant benefits, such as improved security, privacy, and reliability. They should be installed as they become available, and can be installed automatically with Windows Update. Recommended updates address non-critical problems or help enhance your computing experience. While these updates do not address fundamental issues with your computer or Windows software, they can offer meaningful improvements. These can be installed automatically. Optional updates can include updates, drivers, or new software from Microsoft to enhance your computing experience. You can only install these manually.
    [Show full text]
  • Microsoft Windows Server 2019 Version 1809 Hyper-V
    Operational and Administrative Guidance Microsoft Windows Server, Microsoft Windows 10 version 1909 (November 2019 Update), Microsoft Windows Server 2019 version 1809 Hyper-V Common Criteria Evaluation under the Protection Profile for Virtualization, including the Extended Package for Server Virtualization Revision date: January 15, 2021 © 2021 Microsoft. All rights reserved. Microsoft Windows Server and Windows 10 Hyper-V Administrative Guidance Copyright and disclaimer The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs-NonCommercial VLicense (which allows redistribution of the work). To view a copy of this license, visithttp://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The example companies, organizations, products, people and events depicted herein are fictitious.
    [Show full text]
  • Quick Guide Page | 1
    Quick Guide Page | 1 Contents Welcome to Windows 10 ................................................................................................................................................................................................... 3 Key innovations ...................................................................................................................................................................................................................... 3 Cortana ................................................................................................................................................................................................................................. 3 Microsoft Edge .................................................................................................................................................................................................................. 4 Gaming & Xbox ................................................................................................................................................................................................................ 5 Built-in apps ....................................................................................................................................................................................................................... 7 Enterprise-grade secure and fast ...................................................................................................................................................................................
    [Show full text]
  • Feature Description
    NTLM Feature Description UPDATED: 19 March 2021 NTLM Copyright Notices Copyright © 2002-2021 Kemp Technologies, Inc. All rights reserved. Kemp Technologies and the Kemp Technologies logo are registered trademarks of Kemp Technologies, Inc. Kemp Technologies, Inc. reserves all ownership rights for the LoadMaster and Kemp 360 product line including software and documentation. Used, under license, U.S. Patent Nos. 6,473,802, 6,374,300, 8,392,563, 8,103,770, 7,831,712, 7,606,912, 7,346,695, 7,287,084 and 6,970,933 kemp.ax 2 Copyright 2002-2021, Kemp Technologies, All Rights Reserved NTLM Table of Contents 1 Introduction 4 1.1 Document Purpose 6 1.2 Intended Audience 6 1.3 Related Firmware Version 6 2 Configure NTLM Authentication 7 2.1 Configure Internet Options on the Client Machine 7 2.2 Configure the LoadMaster 11 2.2.1 Enable NTLM Proxy Mode 13 2.2.2 Configure the Server Side SSO Domain 13 2.2.3 Configure the Client Side SSO Domain 15 2.2.4 Configure the Virtual Service 15 2.3 Configure Firefox to Allow NTLM (if needed) 17 2.4 Troubleshooting 18 References 19 Last Updated Date 20 kemp.ax 3 Copyright 2002-2021, Kemp Technologies, All Rights Reserved NTLM 1 Introduction 1 Introduction NT LAN Manager (NTLM) is a Windows Challenge/Response authentication protocol that is often used on networks that include systems running the Windows operating system and Active Directory. Kerberos authentication adds greater security than NTLM systems on a network and provides Windows-based systems with an integrated single sign-on (SSO) mechanism.
    [Show full text]
  • The Control Panel and Settings in Windows 10 Most Programs and Apps Have Settings Specific to That Program
    GGCS Introduction to Windows 10 Part 3: The Control Panel and Settings in Windows 10 Most programs and apps have settings specific to that program. For example, in a word processor such as Microsoft Word there are settings for margins, fonts, tabs, etc. If you have another word processor, it can have different settings for margins, fonts, etc. These specific settings only affect one program. The settings in the Control Panel and in Settings are more general and affect the whole computer and peripherals such as the mouse, keyboard, monitor and printers. For example, if you switch the right and left buttons on the mouse in the Control Panel or in Settings, they are switched for everything you click on. If you change the resolution of the monitor, it is changed for the desktop, menus, Word, Internet Explorer and Edge, etc. How to display the Control Panel 1. Right-click the Windows Start button or press the Windows key on the keyboard + X. 2. Click “Control Panel” on the popup menu as shown in the first screen capture. In Windows 10, many of the settings that once were in the Control Panel have moved to Settings. However, there are often links in Settings that take you back to the Control Panel and many other settings that still only exist in the Control Panel. Settings versus Control Panel is an evolving part of Windows design that started with Windows 8. It is not clear at this time whether the Control Panel will eventually go away or whether it will simply be used less frequently by most users.
    [Show full text]
  • Web Server IIS Deployment
    https://www.halvorsen.blog ASP.NET Core Web Server IIS Deployment Hans-Petter Halvorsen Introduction • Introduction to IIS deployment • If you have never used ASP.NET Core, I suggest the following Videos: – ASP.NET Core - Hello World https://youtu.be/lcQsWYgQXK4 – ASP.NET Core – Introduction https://youtu.be/zkOtiBcwo8s 2 Scenario Development Environment Test/Production Environment Local PC with Windows 10 Windows 10/Windows Server ASP.NET Core IIS Web Application SQL Server Visual Studio ASP.NET Core SQL Server Express Web Application Visual Studio Web Server • A web server is server software that can satisfy client requests on the World Wide Web. • A web server can contain one or more websites. • A web server processes incoming network requests over HTTP and several other related protocols. • The primary function of a web server is to store, process and deliver web pages to clients. • The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). • Pages delivered are most frequently HTML documents, which may include images, style sheets and scripts in addition to the text content. https://en.wikipedia.org/wiki/Web_server 4 Web Pages and Web Applications Web Server Client Web Server software, e.g., Internet Information Services (IIS) Request Web Browser, (URL) e.g., Edge, Internet Chrome, Safari, or Local etc. Response Network (LAN) Data- (HTML) base Operating System, e.g., Windows Server PC with Windows 10, macOS or Linux Smartphone with Android or iOS, etc. Web Server Software PHP (pronounced "engine x") Internet Information Services - Has become very popular lately ASP.NET Cross-platform: UNIX, Linux, OS X, Windows, ..
    [Show full text]