<UnitMonitor ID="Microsoft.SystemCenter.VirtualMachineManager.2016.AttestationWmiMonitor" Accessibility="Public" Enabled="true" Target="VMMBase!Microsoft.SystemCenter.VirtualMachineManager.HyperVHost" ParentMonitorID="Microsoft.SystemCenter.VirtualMachineManager.2016.AttestationMonitor" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.TimedScript.TwoStateMonitorType" ConfirmDelivery="true">
<Category>SecurityHealth</Category>
<OperationalStates>
<OperationalState ID="Error" MonitorTypeStateID="Error" HealthState="Error"/>
<OperationalState ID="Success" MonitorTypeStateID="Success" HealthState="Success"/>
</OperationalStates>
<Configuration>
<IntervalSeconds>3600</IntervalSeconds>
<SyncTime/>
<ScriptName>CheckAttestationState.vbs</ScriptName>
<Arguments>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</Arguments>
<ScriptBody><Script>' Copyright (c) Microsoft Corporation. All rights reserved.
' Arg 0 : Host name
Option Explicit
On Error Resume Next
Dim oApi
Set oApi = CreateObject("MOM.ScriptAPI")
Dim oBag
Set oBag = oApi.CreatePropertyBag()
Dim strComputerName
strComputerName = WScript.Arguments(0)
if strComputerName = "" Then
Call oAPI.LogScriptEvent("CheckAttestationState.vbs", 101, 1, "CheckAttestationState was called with an invalid computer name and was not executed.")
Call oBag.AddValue("HasNoAttestationProblem", False)
Else
Dim bHasNoAttestationProblems
bHasNoAttestationProblems = DoesHostHaveNoAttestationProblems(strComputerName)
If Err.Number <> 0 Then bHasNoAttestationProblems = False
If Not bHasNoAttestationProblems Then
Call oAPI.LogScriptEvent("CheckAttestationState.vbs", 101, 0, "Host " & strComputerName & " has a problem with attestation.")
End If
Call oBag.AddValue("HasNoAttestationProblem", bHasNoAttestationProblems)
End If
Call oApi.Return(oBag)
Function DoesHostHaveNoAttestationProblems(strComputerName)
Dim oSWbemLocator
Set oSWbemLocator = CreateObject("WbemScripting.SWbemLocator")
On Error Resume Next
Err.Clear
Dim oWmiService
Set oWmiService = oSWbemLocator.ConnectServer(strComputerName, "root\Microsoft\Windows\Hgs")
If Err.Number <> 0 Then
' Failing to find the WMI namespace means that the HGS client feature is not installed. This does not mean that there is a problem.
Err.Clear
On Error GoTo 0
DoesHostHaveNoAttestationProblems = True
Else
On Error GoTo 0
Dim oClass
Set oClass = oWmiService.Get("MSFT_HgsClientConfiguration")
Dim oOutParams
Set oOutParams = oClass.ExecMethod_("Get")
DoesHostHaveNoAttestationProblems = (oOutParams.cmdletOutput.AttestationServerUrl = "" And oOutParams.cmdletOutput.KeyProtectionServerUrl = "") _
Or oOutParams.cmdletOutput.IsHostGuarded
End If
End Function </Script></ScriptBody>
<TimeoutSeconds>60</TimeoutSeconds>
<ErrorExpression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="Boolean">Property[@Name='HasNoAttestationProblem']</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="Boolean">false</Value>
</ValueExpression>
</SimpleExpression>
</ErrorExpression>
<SuccessExpression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="Boolean">Property[@Name='HasNoAttestationProblem']</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="Boolean">true</Value>
</ValueExpression>
</SimpleExpression>
</SuccessExpression>
</Configuration>
</UnitMonitor>
Home
SVE