Hello,
I have a CI as:
Discovery Script
Set-ExecutionPolicy bypass
$FeatureName = "Windows-Defender"
If (Get-WindowsOptionalFeature -Online | Where {$.State `
-eq "Enabled" -and $.FeatureName -eq $FeatureName}) {
$Compliance = "Compliant"
}
Else {
$Compliance = "NonCompliant"
}
Return $Compliance
Remediation Script:
<#
.DESCRIPTION
Installation/Enabling Windows Defender Feature (Windows Server 2016) / Windows Defender Antivirus (Windows Server 2019)
>
Feature to correct "Windows-Defender"
Set variables to indicate value and key to set
$FeatureName = "Windows-Defender"
Enable-WindowsOptionalFeature -Online -FeatureName $FeatureName
The corresponding CB which was deployed to a collection...
If I check a client I see the CB listed... If I do an "evaluate:
Computer Name: VIPBMXX03
Evaluation Time: 9/21/2022 8:03:04 PM
Baseline Name: ISS - Servers - CB - Windows Defender Feature
Revision: 1
Compliance State: Compliant
Non-Compliance Severity: None
Description: ISS - Servers - CB - Windows Defender Feature for Windows Server 2016 & Windows Server 2019
Summary:
Name Revision Type Baseline
Policy Compliance
State Non-Compliance
Severity Discovery
Failures Non-Compliant
Rules Remediated
Rules Conflicting
Rules
ISS - Servers - CB - Windows Defender Feature
1 Baseline Compliant None 0 0 0 0
ISS - Servers - CI - Windows Defender Feature
7 Operating System
Configuration Item Required Compliant None 0 0 0 0
Details:
Name: ISS - Servers - CB - Windows Defender Feature
Type: Baseline
Revision: 1
Compliance State: Compliant
Non-Compliance Severity: None
Description: ISS - Servers - CB - Windows Defender Feature for Windows Server 2016 & Windows Server 2019
Name: ISS - Servers - CI - Windows Defender Feature
Type: Operating System Configuration Item
Revision: 7
Compliance State: Compliant
Non-Compliance Severity: None
Description: Enable Windows Defender Feature for Windows Server 2016 & WIndows Server 2019
The Remediation which is to enable the "Windows Defender" feature does not happen...
Thanks,
Dom