Scribd
Upload
13 views

Machine Baseline Compliance

This document describes a machine baseline compliance report and remediation steps for components with failed compliance. The report details compliance status for items like the last logon date, SCCM client installation, hardware and software inventory, and antivirus software installation. Remediation steps include reinstalling the SCCM client and McAfee antivirus through automated tasks or manual processes.

Uploaded by

bpk013repack
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views

Machine Baseline Compliance

This document describes a machine baseline compliance report and remediation steps for components with failed compliance. The report details compliance status for items like the last logon date, SCCM client installation, hardware and software inventory, and antivirus software installation. Remediation steps include reinstalling the SCCM client and McAfee antivirus through automated tasks or manual processes.

Uploaded by

bpk013repack
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Machine Baseline Compliance

Machine Baseline Compliance INTERNAL

Prepared by : Peter Bernath Sign. :


Verified by : Click here and type Position title Sign. :
Approved by : Click here and type Position title Sign. :

Distribution List
From Date Phone /Email

The design approval follows the standard GBS ServiceNow Process.


To Action* Due Date Phone/Email

* Action Types: Approve, Review, Inform, File, Action Required, Attend Meeting, Other (please specify)

Document Version History


Version Version
Number Date Revised By Description Filename
0.1 2021.02.23 Peter Bernath Draft
Version 1.0
Machine Baseline Compliance Page 2 of 6

CONTENTS
1 Introduction ............................................................................................................................ 3
2 Report details ......................................................................................................................... 3
3 Remediation ........................................................................................................................... 5
3.1 SCCM Client Reinstallation ............................................................................................. 5
3.2 McAfee ........................................................................................................................... 6
Version 1.0
Machine Baseline Compliance Page 3 of 6

1 Introduction
This document describes machine baseline compliance report and remediation steps for
components with failed compliance state.
2 Report details

NHY domain:
Machine Baseline - SQL Server 2019 Reporting Services (hydro.com)

NHY domain (Critical machines):


Machine Baseline (Critical Machines) - SQL Server 2019 Reporting Services (hydro.com)

GLOBAL domain:
Machine Baseline - SQL Server Reporting Services (global.to)

Global Domain (Critical Machines):


Machine Baseline (Critical) - SQL Server Reporting Services (global.to)

Last logon date:


Shows the computer last logon date from AD (the AD attribute collected by SCCM and the
query use SCCM DB).
Status:
• Empty: no information is available.
• Yellow: The last logon date is older than 30 days.
• Red: The last logon date is older than 60 days.

Client Installed:
Shows the SCCM client installation status from SCCM server perspective.
Status:
Version 1.0
Machine Baseline Compliance Page 4 of 6

• Yes: SCCM client is installed.


• No: SCCM client is not installed or the client is installed on the computer, but the
communication between the SCCM client and the SCCM server failed.
Remediation: Reinstall SCCM client

Heartbeat:
Shows the SCCM Client’s heartbeat status.
Status:
• OK: The heartbeat not older than 14 days compared to the last logon date.
• OLD: The heartbeat older than 14 days compared to the last logon date.
• N/A: The SCCM client hasn’t sent heartbeat.
Remediation: Reinstall SCCM client

HW inventory:
Shows the SCCM Client’s Hardware inventory status.
Status:
• OK: The HW inventory not older than 14 days compared to the last logon date.
• OLD: The HW inventory older than 14 days compared to the last logon date.
• N/A: The client hasn’t sent HW inventory
Remediation: Reinstall SCCM client

SW inventory:
Shows the SCCM Client’s Software inventory status.
Status:
• OK: The SW inventory not older than 14 days compared to the last logon date.
• OLD: The SW inventory older than 14 days compared to the last logon date.
• N/A: The SCCM client hasn’t sent SW inventory.
Remediation: Reinstall SCCM client

McAfee installed:
Shows the McAfee antivirus installation status.
Status:
• Compliant: McAfee and all required modules are installed on the machine.
• Non-Compliant: McAfee not installed, or some required modules are missing.
Remediation: Install McAfee

Red Cloak installed:


Shows the Red Cloak antivirus installation status.
Status:
• Compliant: Red Cloak installed on the machine.
• Non-Compliant: Red Cloak not installed on the machine.
Version 1.0
Machine Baseline Compliance Page 5 of 6

Remediation: Install Red Cloak

Zscaler installed:
Shows the Zscaler antivirus installation status.
Status:
• Compliant: Zscaler installed on the machine.
• Non-Compliant: Zscaler not installed on the machine.
Remediation: Install Zscaler

Machine Type (by OU):


Shows the machine type based on the OU placed.
Status:
Desktop/Laptop/Production/Critical/Virtual/Tablet/Server/DC/ Tier Computer

3 Remediation

3.1 SCCM Client Reinstallation


Reinstall SCCM agent:
• Open Task Scheduler with elevated privileges
• Browse “Microsoft\Configuration Manager”
• Run “CCMReinstall” Task

Logfiles:
• Script Logfiles:
C:\Windows\Hydro\Logs\CCMClientRemediation

• SCCM Setup Logfiles:


C:\Windows\ccmsetup\Logs

• Installed SCCM agent Logfiles:


C:\Windows\CCM\Logs

Troubleshooting:
• If Corporate connection available run “gpupdate /force”. It should copy the latest binaries
and create the scheduled tasks
Version 1.0
Machine Baseline Compliance Page 6 of 6

• If Scheduled task still missing, copy the installer from

NHY:
\\nhy.hydro.com\SYSVOL\nhy.hydro.com\Policies\{E3BF8148-3742-4264-ADFE-
A46C63FCA63F}\Machine\Script\CCMClientRemediation

Global:
\\global.to\sysvol\global.to\scripts\Scripts\CCMClientRemediation

to a separate temporally folder and run the script with elevated PowerShell Prompt:

powershell.exe -ExecutionPolicy Bypass -command "& '.\CCMClientRemediation.ps1'


-force"

Always use the latest version of the script!


Older versions might have issues.

After successful reinstallation it takes approx. 24 hours to get all SCCM policies and
advertisements.

3.2 McAfee
Automatic remediation:
• The SCCM regularly checks McAfee agent compliance and initiate automatic reinstallation
if any components are missing.
This will force computer restart!

Manual Reinstall:
• Open SCCM device and application Manager tool
• Select “Assign Device Software” TAB
• Add machine to “McAfee Reinstall” Software.
• This initiate automatic reinstallation of McAfee agent

You might also like