Powershell Command | Out-File

0

1

Problem: Determine remote computers Data Execution Prevention (DEP) status and pipe the results to a txt file including the machine name.

Current Solution:

BCDEdit /enum "{current}" | out-file \\FILESHARE\DEP\DEP.txt -Append

I'm pushing the script out through SCCM so my only issue is getting the machine name included with the results. SCCM allows you to run the script on each machine remotely as System so I don't have to worry about "get-content" with a list of PC's just point to a collection and run the script on those systems.

Alternatively, I tried to run Powershell command outside of SCCM such as:

$XenServers = get-content -path 'C:\PC_List.txt'

$Results= ForEach ($XenServer in $XenServers)
{
BCDEdit /enum "{current}"
}

$Results | Out-File \\FILESHARE\DEP\DEP.txt

Shawn

Posted 2019-10-15T19:24:06.200

Reputation: 1

Don't forget to ask your question. – Bill_Stewart – 2019-10-18T17:41:32.207

Answers

1

I'd recommend using an entirely PowerShell solution. According to the link below, the Win32_OperationSystem class contains the value you are looking for in the DataExecutionPrevention_SupportPolicy property. The objects returned from WMI queries also include the PSComputerName property so it's an easy way to keep track of the results. I'm not a fan of this kind of formatting so I am including another recommendation.

get-WmiObject Win32_OperatingSystem |
  Select-Object PSComputerName, DataExecutionPrevention_SupportPolicy |
  Export-Csv -Path \\FILESHARE\DEP\DEP.csv -Append -NoTypeInformation

https://support.microsoft.com/en-us/help/912923/how-to-determine-that-hardware-dep-is-available-and-configured-on-your

Scott Heath

Posted 2019-10-15T19:24:06.200

Reputation: 136

1Thank you so much for the reply! So after some time, I finally got your code to work. Apparently after the file was initially created on the file share, it would allow one entry from the first machine and nothing else would append. It wasn't until I changed the inhereted permissions for "Users" to be able to also modify, that all the other machines begain to populate. I also added -force before changing the "Users" permission to try and resolve the issue. – Shawn – 2019-10-30T17:01:00.773

get-WmiObject Win32_OperatingSystem | Select-Object PSComputerName, DataExecutionPrevention_SupportPolicy | Export-Csv -Path \FILESHARE\Deployments\Temp\DEP\DEP_Status.csv -append -notypeinformation | start-sleep -s 5 – Shawn – 2019-11-01T14:51:16.203

Asked: 2019-10-15T19:24:06.200

Viewed: 58 times

Active: 2019-10-19T03:35:25.403