A device can look healthy in NinjaOne and still have broken Intune enrollment state in the background.
This script-driven health check validates key Intune enrollment indicators and writes the results to NinjaOne custom fields so you can alert on drift quickly.
Long-running uptime can be useful, but it also increases risk: pending updates remain pending, patch windows get missed, and users eventually get hit with inconvenient restarts.
This script gives you a practical middle ground:
This script uses an undocumented Microsoft 365 API to check the latest version of Microsoft Office / 365 Apps and compares it to the installed version. It then sets a custom field in NinjaOne to indicate whether the latest security release (if there is one) is installed. It also sets fields to indicate the channel, installed version, update status and a card containing more detailed information.
This article uses an undocumented API to check the latest version of Microsoft Office / 365 Apps. This API is subject to change without notice and may stop working at any time. Use at your own risk.
PowerShell 5.1 as shipped with Windows 10 and 11 includes versions 1.0.0.1 of PackageManagement and PowerShellGet this old version cannot install most modern modules, nor can it self update properly.
In most cases fixing this runs into numerous issues with conflicting versions or files in use. This script is an adaptation of a script by Chris Taylor which takes a different approach to downloading the modules, has a bit more error checking and further installs the new PSResourceGet module which is the replacement for PowerShellGet.
This post will hold detection scripts for any serious CVE vulnerability that we write detection scripts for in the future. It will be updated and added to as new vulnerability detection scripts are written.
This post will show you how to deploy the New Teams client using a PowerShell script.
When deploying a password manager, one of the first things you'll want to do is disable the built-in password manager in your browsers. This is a pretty simple task, but it's also one that's easy to forget. It's also a good idea to clear out any passwords that may have been saved before you deployed your password manager.
We automate this for the two browsers we support on managed Windows devices (Edge and Firefox) using PowerShell. Here's how we do it.
Sometimes I get a script idea put in my head that's so irritatingly pervasive that the only fix is to write the damned script. David Szpunar from the NinjaOne Users Discord made a somewhat passing comment about time drift causing issues with a remote support tool and that let to me thinking... You could probably monitor for that with a PowerShell one-liner right?
Wrong! Turns out that it's more than one line!
This post will show you how to use registry keys to test, set and remove target versions for Windows Feature Updates. This allows you to prevent Windows 10 or 11 from updating past your configured limit.
This post and the WinRE patching script on Martin's blog at https://manima.de are the result of a collaboration between Martin and I to help mutually improve our various efforts towards patching CVE-2022-41099.
This article relates to CVE-2022-41099 which is a vulnerability in the Windows Recovery Environment (WinRE) which could allow a successful attacker to bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.