Get-MDIConfiguration

Gets the configuration for various Defender for Identity post-deployment required settings.

Syntax

Get-MDIConfiguration
   [-Mode] <String>
   [-Configuration] <String[]>
   [-GpoNamePrefix <String>]
   [-Server <String>]
   [<CommonParameters>]

Description

The Get-MDIConfiguration function gets the configuration for various Defender for Identity post-deployment required settings.

Examples

EXAMPLE 1

Get-MDIConfiguration -Mode LocalMachine -Configuration NTLMAuditing

Name         Status Details
----         ------ -------
NTLMAuditing   True {@{Path=HKLM:\System\CurrentControlSet\Services\Netlogon\Parameters\; Name=AuditNTLMInDomain...

This example returns the NTLMAuditing configuration for the local machine.

EXAMPLE 2

Get-MDIConfiguration -Mode Domain -Configuration All -GpoNamePrefix 'CONTOSO'

Name                           Status Details
----                           ------ -------
AdfsAuditing                     True Microsoft ADFS container not found
AdvancedAuditPolicyCAs          False 'CONTOSO - Advanced Audit Policy for CAs' - GPO not found
AdvancedAuditPolicyDCs          False 'CONTOSO - Advanced Audit Policy for DCs' - GPO not found
CAAuditing                      False 'CONTOSO - Auditing for CAs' - GPO not found
ConfigurationContainerAuditing   True Microsoft Exchange Services container not found
DomainObjectAuditing             True {@{Account=Everyone; SecurityIdentifier=S-1-1-0; AccessMask=786464; AccessMaskDet...
NTLMAuditing                    False 'CONTOSO - NTLM Auditing for DCs' - GPO not found
ProcessorPerformance            False 'CONTOSO - Processor Performance' - GPO not found

This example returns all configurations for the domain (including GPOs and their links), using the CONTOSO prefix to search for the GPO names.

Parameters

-Configuration

Specifies the configuration to get. You can specify one or more of the following values:

  • All (all configurations)
  • AdfsAuditing
  • AdvancedAuditPolicyCAs
  • AdvancedAuditPolicyDCs
  • CAAuditing
  • ConfigurationContainerAuditing
  • DomainObjectAuditing
  • NTLMAuditing
  • ProcessorPerformance
Type:System.String[]
Position:2
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-GpoNamePrefix

Specifies a prefix for the Group Policy Objects (GPO) names to be searched. Use this parameter for GPO naming convention.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Mode

Specifies the mode to use. You must specify one of the following values:

  • Domain: Collect settings from the Group Policy objects
  • LocalMachine: Collect settings from the local machine
Type:System.String
Position:1
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Server

Specifies the name of the server to run the command against. This parameter is optional and defaults to the PDC Emulator in the domain.

Type:System.String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False