Microsoft Endpoint Manager Configuration Manager (MEMCM / SCCM) and Microsoft Intune use Detection Rules to determine the presence of Applications & Win32 Apps. The detection rules ensure that application installations only begin to run if the application is not already installed on the device. This article will serve as an informative guide and give you a clear understanding of how to create an updated custom detection script for each new version of Local Administrator Password Solution (LAPS) using PowerShell.
How to Create a Custom Detection Script for Local Administrator Password Solution (LAPS)
Local Administrator Password Solution (LAPS) (File Detection Method)
- Install the version of Local Administrator Password Solution (LAPS) you want to deploy on a test box or VM
- Check out the following posts for further details
- Open Windows PowerShell ISE by Right-Clicking on Windows PowerShell ISE and selecting Run as Administrator
- Copy the following code into the Windows PowerShell ISE
## Check for Local Administrator Password Solution (LAPS) (File Detection Method) $LAPS = (Get-ChildItem -Path "C:\Program Files\LAPS\CSE\AdmPwd.dll","C:\Program Files (x86)\LAPS\CSE\AdmPwd.dll" -ErrorAction SilentlyContinue) $LAPS.FullName $LAPSPath = $($LAPS.FullName).Replace("C:\Program Files\","").Replace("C:\Program Files (x86)\","") $FileVersion = (Get-Item -Path "$($LAPS.FullName)" -ErrorAction SilentlyContinue).VersionInfo.FileVersion ## Create Text File with Local Administrator Password Solution (LAPS) File Detection Method $FilePath = "C:\Windows\Temp\LAPS_Detection_Method.txt" New-Item -Path "$FilePath" -Force Set-Content -Path "$FilePath" -Value "If([String](Get-Item -Path `"`$Env:ProgramFiles\$LAPSPath`",`"`${Env:ProgramFiles(x86)}\$LAPSPath`" -ErrorAction SilentlyContinue).VersionInfo.FileVersion -ge `"$FileVersion`"){" Add-Content -Path "$FilePath" -Value "Write-Host `"Installed`"" Add-Content -Path "$FilePath" -Value "Exit 0" Add-Content -Path "$FilePath" -Value "}" Add-Content -Path "$FilePath" -Value "else {" Add-Content -Path "$FilePath" -Value "Exit 1" Add-Content -Path "$FilePath" -Value "}" Invoke-Item $FilePath
- Click Run Script (F5)
- A text file will open with the Local Administrator Password Solution (LAPS) Detection Method script required to detect the current version of Local Administrator Password Solution (LAPS) that is installed on the device you are running the script from.
Example:
If([String](Get-Item -Path "$Env:ProgramFiles\LAPS\CSE\AdmPwd.dll","${Env:ProgramFiles(x86)}\LAPS\CSE\AdmPwd.dll" -ErrorAction SilentlyContinue).VersionInfo.FileVersion -ge "6.2.0.0"){ Write-Host "Installed" Exit 0 } else { Exit 1 }
- Copy the Local Administrator Password Solution (LAPS) Detection Method script content into the Custom Detection Rules (Script)
- Microsoft Endpoint Manager Configuration Manager (MEMCM / SCCM)
- Microsoft Intune
Local Administrator Password Solution (LAPS) (Registry Detection Method)
- Install the version of Local Administrator Password Solution (LAPS) you want to deploy on a test box or VM
- Check out the following posts for further details
- Open Windows PowerShell ISE by Right-Clicking on Windows PowerShell ISE and selecting Run as Administrator
- Copy the following code into the Windows PowerShell ISE
## Check for Local Administrator Password Solution (LAPS) (Registry Detection Method) $LAPS = Get-ChildItem -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall" | Get-ItemProperty | Where-Object {$_.DisplayName -match 'Local Administrator Password Solution' } | Select-Object -Property DisplayName, DisplayVersion, PSChildName $LAPS.DisplayVersion $LAPS.PSChildName ## Create Text File with Local Administrator Password Solution (LAPS) Registry Detection Method $FilePath = "C:\Windows\Temp\LAPS_Detection_Method.txt" New-Item -Path "$FilePath" -Force Set-Content -Path "$FilePath" -Value "If([Version](Get-ItemPropertyValue -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\$($LAPS.PSChildName)','HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\$($LAPS.PSChildName)' -Name DisplayVersion -ea SilentlyContinue) -ge '$($LAPS.DisplayVersion)') {" Add-Content -Path "$FilePath" -Value "Write-Host `"Installed`"" Add-Content -Path "$FilePath" -Value "Exit 0" Add-Content -Path "$FilePath" -Value "}" Add-Content -Path "$FilePath" -Value "else {" Add-Content -Path "$FilePath" -Value "Exit 1" Add-Content -Path "$FilePath" -Value "}" Invoke-Item $FilePath
- Click Run Script (F5)
- A text file will open with the Local Administrator Password Solution (LAPS) Detection Method script required to detect the current version of Local Administrator Password Solution (LAPS) that is installed on the device you are running the script from.
Example:
If([Version](Get-ItemPropertyValue -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{97E2CA7B-B657-4FF7-A6DB-30ECC73E1E28}','HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97E2CA7B-B657-4FF7-A6DB-30ECC73E1E28}' -Name DisplayVersion -ea SilentlyContinue) -ge '6.2.0.0') { Write-Host "Installed" Exit 0 } else { Exit 1 }
- Copy the Local Administrator Password Solution (LAPS) Detection Method script content into the Custom Detection Rules (Script)
- Microsoft Endpoint Manager Configuration Manager (MEMCM / SCCM)
- Microsoft Intune
Always make sure to test everything in a development environment prior to implementing anything into production. The information in this article is provided “As Is” without warranty of any kind.