Home
  •  

Security Protocol Class Discovery

Security.Protocol.Class.Discovery (Discovery)

This discovers our base class for targeting.l

Element properties:

TargetMicrosoft.Windows.OperatingSystem
EnabledTrue
Frequency86400
RemotableFalse

Object Discovery Details:

Discovered Classes and their attribuets:

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Windows.TimedPowerShell.DiscoveryProvider Default

Source Code:

<Discovery ID="Security.Protocol.Class.Discovery" Enabled="true" Target="Windows!Microsoft.Windows.OperatingSystem" ConfirmDelivery="false" Remotable="true" Priority="Normal">

  <Category>Discovery</Category>

  <DiscoveryTypes>

    <DiscoveryClass TypeID="Security.Protocol.Class">

      <Property TypeID="Security.Protocol.Class" PropertyID="KeyPath"/>

      <Property TypeID="System!System.ConfigItem" PropertyID="ObjectStatus"/>

      <Property TypeID="System!System.ConfigItem" PropertyID="AssetStatus"/>

      <Property TypeID="System!System.ConfigItem" PropertyID="Notes"/>

      <Property TypeID="System!System.Entity" PropertyID="DisplayName"/>

    </DiscoveryClass>

  </DiscoveryTypes>

  <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.TimedPowerShell.DiscoveryProvider">

    <IntervalSeconds>86400</IntervalSeconds>

    <SyncTime/>

    <ScriptName>Security.Protocol.Class.Discovery.ps1</ScriptName>

    <ScriptBody><Script>#=================================================================================



			  #  Author: Sean Christie

			  #  v1.0

			  #=================================================================================

			  param($SourceId,$ManagedEntityId,$ComputerName)





			  $ScriptName = "Security.Protocol.Class.Discovery.ps1"

			  $EventID = "1129"







			  $StartTime = Get-Date



			  $whoami = whoami



			  $momapi = New-Object -comObject MOM.ScriptAPI



			  $momapi.LogScriptEvent($ScriptName,$EventID,0,"`n Script is starting. `n Running as ($whoami).")









			  $DiscoveryData = $momapi.CreateDiscoveryData(0, $SourceId, $ManagedEntityId)





			  $key = Get-ChildItem HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\



			  $keypath = $computername+":HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\"

			  if($key -ne $null){



			  $instance = $DiscoveryData.CreateClassInstance("$MPElement[Name='Security.Protocol.Class']$")

			  $instance.AddProperty("$MPElement[Name='Windows!Microsoft.Windows.Computer']/PrincipalName$", $ComputerName)

			  $instance.AddProperty("$MPElement[Name='Security.Protocol.Class']/KeyPath$", $keypath)

			  $instance.AddProperty("$MPElement[Name='System!System.Entity']/DisplayName$", $ComputerName)

			  $DiscoveryData.AddInstance($instance)



			  }

			  Else

			  {



			  $momapi.LogScriptEvent($ScriptName,$EventID,0,"`n Discovery script returned no discovered objects")

			  }





			  $DiscoveryData



			  # End MAIN script section





			  # End of script section

			  #=================================================================================

			  #Log an event for script ending and total execution time.

			  $EndTime = Get-Date

			  $ScriptTime = ($EndTime - $StartTime).TotalSeconds

			  $momapi.LogScriptEvent($ScriptName,$EventID,0,"`n Script Completed. `n Script Runtime: ($ScriptTime) seconds.")

			  #=================================================================================

			  # End of script

</Script></ScriptBody>

    <Parameters>

      <Parameter>

        <Name>sourceId</Name>

        <Value>$MPElement$</Value>

      </Parameter>

      <Parameter>

        <Name>managedEntityId</Name>

        <Value>$Target/Id$</Value>

      </Parameter>

      <Parameter>

        <Name>computerName</Name>

        <Value>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/PrincipalName$</Value>

      </Parameter>

    </Parameters>

    <TimeoutSeconds>120</TimeoutSeconds>

    <StrictErrorHandling>false</StrictErrorHandling>

  </DataSource>

</Discovery>