72 docs tagged with "Auditing"

Retrieves detailed Hyper-V VHD/VHDX information and stores it as an HTML table in a NinjaRMM Custom Field. "cPVAL Hyper-V Vhdx Details".

Group of machines where BitLocker is disabled.

Group of machines where BitLocker is enabled.

The solution outlines the process of backing up BitLocker recovery keys to Active Directory or Azure Active Directory using CW RMM.

Group of machines where "BitLocker Key Backup" is enabled.

Group of machines where BitLocker Key Backup Failed.

This custom field display the most recent result after pushing the BitLocker recovery keys into AD/AzureAD.

Group of machines where BitLocker Key Backup Successful.

Group of machines where BitLocker Key was not found.

This script verifies whether the device is joined to a domain or Azure AD. For eligible devices, it attempts to back up BitLocker recovery keys to Azure AD or Local AD, depending on the join type. For each drive, it checks for RecoveryPassword protectors and tries to back up the key using the appropriate cmdlet. The output summarizes any failures, including drive letter, key substring, and platform. If all keys are backed up successfully, it reports success. If the device is not domain or Azure AD joined, or the BitLocker module is unavailable, it returns a relevant message. The output is formatted for saving into the CW RMM custom field "BitLocker Key Backup Status".

Stores BitLocker status and key information for all volumes on the device.

The solution outlines the process of auditing BitLocker encryption status and recovery keys using CW RMM with daily scheduled tasks.

This script collects BitLocker encryption details for each drive on the system using the Get-BitLockerVolume cmdlet. It summarizes the protection status, key protector types, encryption percentage, and recovery password (if available). The output is formatted as a single string suitable for saving into the Endpoint-Level custom field "BitLocker Status and Key".

Group of machines where the "BitLocker Status Audit" is enabled.

Group of machines where BitLocker is suspended.

Detects whether the installed Windows OS is a Home edition and updates the NinjaOne custom field with the result.

Enable this checkbox to activate weak credential monitoring for the client's domain. The script will run against the client's primary domain controller.

Stores an HTML-formatted inventory of Hyper-V Virtual Hard Disks (VHD/VHDX). Data is populated via the "Audit Hyper-V VHDX" automation script and includes disk paths, allocation types (Dynamic/Fixed), current file size, and fragmentation percentage.

SentinelOne Installation token.

If the S1 Management URL on the endpoint matches the value stored in the NinjaOne custom field, or if there is any discrepancy between the two.

SentinelOne Management Server Url fetched from the Endpoint

This custom field is used show available video output ports on the system (HDMI, DisplayPort, VGA, DVI, etc.). Detect which ports are actively used by connected monitors.

Stores details of weak and duplicate password credentials identified by the "Test Weak Password [Domain]" automation. This field helps track accounts that require password updates to maintain security compliance.

This custom field checks the OS Caption value to determine whether the installed Windows operating system is a home edition. It displays True if the OS name contains Home otherwise it displays False.

This Script validate the full version of the OS and compares it with Microsofts database of Windows Cumulative Updates to identify which cumulative update the device has. The data is then formatted and stored in the UDF.

Checks for recent DFS Replication errors or warnings within the last hour and reports the current replication state to identify potential sync or replication issues.

Triggers an alert when any errors are detected in DFS Replication on the server, indicating possible replication failures or issues requiring investigation.

Triggers an alert when any errors are detected in DFS Replication on the server, indicating possible replication failures or issues requiring investigation.

Flag this custom field to exclude the endpoint from "BitLocker Key Backup" solution.

Flag this custom field to exclude the site from "BitLocker Key Backup" solution.

Flag this custom field to exclude the endpoint from the BitLocker Status Audit solution.

Flag this custom field to exclude the site from the BitLocker Status Audit solution.

This document provides a comprehensive guide to automate the installation and update of DUO Authentication for Windows Login, including the necessary custom fields, device groups, and tasks for efficient deployment and auditing.

This document outlines the process for automating the installation and update of the DUO Authentication Security Proxy, including the necessary custom fields, dynamic groups, and tasks for effective management and auditing.

Select Operating System to Enable BitLocker Key Backup. The output of the Key Backup will be saved into the endpoint-level custom field "BitLocker Key Backup Status".

Select the Operating System to Enable BitLocker Status Audit. BitLocker status and recovery key will be stored in the device-level custom field "BitLocker Status and Key".

This script will search for ESU licenses present on the endpoint and return information for any licenses found

Stores the result from the ESU Audit script

This component is used to update the UDF with the leneovo warranty information.

Audits and reports on new SQL-related Windows Updates since the last script run.

Executes "Audit Hyper-V VHDX" script once per day against Hyper-V Hosts.

Retrieves detailed Hyper-V VHD/VHDX information and stores it as an HTML table in a NinjaRMM Custom Field.

The script inventories the endpoint for a curated list of remote access utilities by inspecting uninstall keys, running processes, installed services, and known executable paths. Optional exclusions can be provided through the Datto component parameter ToolsToIgnore. When the OutputUDF parameter is supplied, the detected tool names are saved to the specified Datto UDF that is dedicated to this automation and not shared with other components. All findings are also written to the Datto activity log for auditing purposes.

Retrieves and/or applies IISCrypto current details on the system

This script is used to update the Custom filed with the leneovo warranty end date

This Custom filed is used to show the warranty expiration date of any lenovo machine

This document outlines the implementation of a solution to collect and display OneDrive sync status information from Windows machines, specifically for Non-SharePoint Linked Sites. It includes associated content for auditing and alerting, as well as a detailed implementation guide and FAQs regarding potential errors in data retrieval.

This solution automates the detection of new SQL-related Windows Updates on SQL servers and generates tickets in CW RMM for the updates found since the last script execution.

This solution is targeted to compute all the patch management automation together for better understanding.

Determines if Windows Server Update Services (WSUS) settings are configured in the registry and identifies if they are managed via Group Policy (GPO). The result is stored in the custom field WSUS_Status.

Determines if Windows Server Update Services (WSUS) settings are configured in the registry and identifies if they are managed via Group Policy (GPO). The result is stored in the custom field WSUS_Status

This document outlines the implementation steps and associated content for the Patching and Cumulative Update Compliance Metrics dataviews in ConnectWise Automate, focusing on Windows computers with managed patch policies and their compliance scores over the past 30 days.

This ticket template configures how a ConnectWise Manage ticket will be generated in response to the SentinelOne Management Console Validation condition.

The script validates whether the SentinelOne Management Server detected on the computer is different from what is set for the Client in NinjaRMM.

This ticket template configures how a ConnectWise Manage ticket will be generated in response to the SentinelOne Management Console Validation condition.

This solution validates whether the SentinelOne Management Server URL detected on endpoints matches the value configured for the client in NinjaRMM, automatically flagging discrepancies and generating remediation tickets.'

This solution monitors servers for SMB1 protocol usage. It enables SMB1 access auditing (if disabled), scans event logs for recent SMB1 access attempts (Event IDs 1001, 3000) within the past hour, and triggers an alert through a compound condition if SMB1 is enabled and any access attempts are detected.

Enables SMB1 access auditing if disabled and scans event logs for recent SMB1 access attempts (Event IDs 1001, 3000) within the last hour. Returns exit codes for detection or script failure.

This Compound Condition creates an alert on Servers with SMB1 Protocol enabled and if SMB1 access attempts (Event IDs 1001, 3000) is detected within the last hour

Group of SQL Servers.

NinjaRMM implementation wrapper for the agnostic Test-WeakCredentials script that performs Active Directory password auditing with intelligent alerting and platform-specific data formatting.

This dataview shows the complete detail of the TPM of the Windows machines

Detect all available video output ports on the system (HDMI, DisplayPort, VGA, DVI, etc.). Detect which ports are actively used by connected monitors.

Template for creating a CW-Manage ticket from Weak Credentials Monitoring compound conditions.

Runs the "Test Weak Password [Domain]" automation daily on Primary Domain Controllers and creates a CW Manage ticket when a new weak or duplicate password is detected.

This solution monitors Active Directory domains for weak and duplicate passwords, automatically running daily audits on Primary Domain Controllers and generating ConnectWise Manage tickets when new weak credentials are detected.

Automate role to detect if a Windows agent has telemetry enabled

This document provides a comprehensive guide on how to implement and use the Windows Update Report in ConnectWise Automate for auditing and monitoring installed or available patches on local machines. It includes associated content, implementation steps, and FAQs.

This group contains the agents where the WSUS status is detected as disabled.

This group contains the agents where the WSUS status is detected as enabled.

This group contains the agents where the WSUS status is detected as not configured.