Get-MDIConfiguration
Gets the configuration for various Defender for Identity post-deployment required settings.
Syntax
Get-MDIConfiguration
[-Mode] <String>
[-Configuration] <String[]>
[-GpoNamePrefix <String>]
[-Server <String>]
[<CommonParameters>]Description
The Get-MDIConfiguration function gets the configuration for various Defender for Identity
post-deployment required settings.
Examples
EXAMPLE 1
Get-MDIConfiguration -Mode LocalMachine -Configuration NTLMAuditing
Name Status Details
---- ------ -------
NTLMAuditing True {@{Path=HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\; Name=AuditNTLMInDomain...This example returns the NTLMAuditing configuration for the local machine.
EXAMPLE 2
Get-MDIConfiguration -Mode Domain -Configuration All -GpoNamePrefix 'CONTOSO'
Name Status Details
---- ------ -------
AdfsAuditing True Microsoft ADFS container not found
AdvancedAuditPolicyCAs False 'CONTOSO - Advanced Audit Policy for CAs' - GPO not found
AdvancedAuditPolicyDCs False 'CONTOSO - Advanced Audit Policy for DCs' - GPO not found
CAAuditing False 'CONTOSO - Auditing for CAs' - GPO not found
ConfigurationContainerAuditing True Microsoft Exchange Services container not found
DomainObjectAuditing True {@{Account=Everyone; SecurityIdentifier=S-1-1-0; AccessMask=786464; AccessMaskDet...
NTLMAuditing False 'CONTOSO - NTLM Auditing for DCs' - GPO not found
ProcessorPerformance False 'CONTOSO - Processor Performance' - GPO not foundThis example returns all configurations for the domain (including GPOs and their links), using the
CONTOSO prefix to search for the GPO names.
Parameters
-Configuration
Specifies the configuration to get. You can specify one or more of the following values:
All(all configurations)AdfsAuditingAdvancedAuditPolicyCAsAdvancedAuditPolicyDCsCAAuditingConfigurationContainerAuditingDomainObjectAuditingNTLMAuditingProcessorPerformance
| Type: | System.String[] |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-GpoNamePrefix
Specifies a prefix for the Group Policy Objects (GPO) names to be searched. Use this parameter for GPO naming convention.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Mode
Specifies the mode to use. You must specify one of the following values:
Domain: Collect settings from the Group Policy objectsLocalMachine: Collect settings from the local machine
| Type: | System.String |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Server
Specifies the name of the server to run the command against. This parameter is optional and defaults to the PDC Emulator in the domain.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |