Windows compliance

Contents

Windows compliance

Description

With two dedicated Nexthink Act remote actions, compute a hash of the Trusted Root Certification Authorities certificate store and the HOSTS file, and display the list of elements present in each container. Useful for retrieving a unique fingerprint from all devices to ensure that the installed Trust Root Certificate Authorities and HOSTS file are in accordance with company policy.

Platforms

  • Windows 10 and 7.

License modules

  • Nexthink Act.

Compatibility

  • Nexthink V6.14 and later.

Script Trusted Root Certification Authorities certificate store integrity check

  • Version 2.0.0.0 - Included new output fields with the list of thumbprints
  • Version 1.0.0.0 - Initial release

Script Description

Returns the hash of the Trusted Root Certification Authorities certificate store, as well as a list containing all their thumbprints. Useful for retrieving a unique fingerprint from all devices to ensure that the installed Trust Root Certificate Authorities are in accordance with company policy. A Finder investigation should be used to compare the retrieved fingerprints against that of a known, trusted device.

Execution context and suggested scheduling

Run the script manually as interactive user.

Parameters

None.

Outputs

ID Label Type Description
1 RootCAsHash String Hash of the Trusted Root Certification Authorities certificate store
2 RootCAsThumbprints StringList List of thumbprints for the Trusted Root Certification Authorities
3 OtherRootCAsThumbprints StringList Continuation list of thumbprints (used only if character count exceeded 1020)


Script HOSTS file integrity check

  • Version 1.0.0.0 - Initial release

Script Description

Returns the hash of the HOSTS file, as well as a list containing all entries. Useful for retrieving a unique fingerprint from all devices to ensure that the HOSTS file is in accordance with company policy. A Finder investigation should be used to compare the retrieved fingerprints against that of a known, trusted device.

Execution context and suggested scheduling

Run the script manually as local system.

Parameters

None.

Outputs

ID Label Type Description
1 HostsFileEntriesHash String Hash of the HOSTS file
2 HostsFileEntries StringList List of entries of the HOSTS file