Share via

Programatically Set Values for Security Recommendations

Colm McGrath 1 Reputation point
2021-11-02T15:21:01.833+00:00

Hi,
I've been using the following to fix recommendation in security center:
https://raw.githubusercontent.com/Cloudneeti/os-harderning-scripts/master/WindowsServer2016/CSBP_WindowsServer2016.ps1

The registry values are being set, but security center isn't showing these fixes. Am I missing something?

I'm basically going through the "Remediate security configurations" page in security center and came across the above repo which upon going through it covers I would say 90%+ of the CCE / AZ recommendations in security center. Other documents / info I have looked at cover manually setting policies etc in the windows GUI which did seem to work but doing this programmatically does not.

Thanks,
Colm

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Windows for business | Windows Server | User experience | Other
Windows for business | Windows Server | Devices and deployment | Configure application groups
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Gary Reynolds 9,626 Reputation points
    2021-11-02T20:27:46.18+00:00

    Hi

    Have look at this post where gpo setting where not being applied because the gpo client side extension where not being added to the gpo when automating with powershell.

    https://learn.microsoft.com/en-us/answers/questions/593885/gpo-updated-but-not-applied.html

    Gary.

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.