divetennis
asked on
Windows Powershell script help to check if IIS_IUSRS group have access to the iisWasKey revoked
Hi there,
i need help to write a windows power shell script to run a command to check if IIS_IUSRS group have access to the iisWasKey revoked.
- I need the script to pull the windows server <MachineGUID> dynamically before running the command:
- Obtain the machine GUID at the Registry Value "MachineGuid" in the Registry Key: HKEY_LOCAL_MACHINE\SOFTWAR E\Microsof t\Cryptogr aphy
Next, open a command prompt and run the following icacls command, ensuring that BUILTIN\IIS_IUSRS(R) has been removed:
Refernce to this is: 3.11 Ensure 'encryption providers' are locked down of https://benchmarks.cisecurity.org/tools2/iis/CIS_Microsoft_IIS_7_Benchmark_v1.8.0.pdf
Great thanks!
i need help to write a windows power shell script to run a command to check if IIS_IUSRS group have access to the iisWasKey revoked.
- I need the script to pull the windows server <MachineGUID> dynamically before running the command:
- Obtain the machine GUID at the Registry Value "MachineGuid" in the Registry Key: HKEY_LOCAL_MACHINE\SOFTWAR
Next, open a command prompt and run the following icacls command, ensuring that BUILTIN\IIS_IUSRS(R) has been removed:
icacls %ALLUSERSPROFILE%\Microsoft\Crypto\RSA\MachineKeys\76944fb33636aeddb9590521c2e8815a_<MachineGUID>
Refernce to this is: 3.11 Ensure 'encryption providers' are locked down of https://benchmarks.cisecurity.org/tools2/iis/CIS_Microsoft_IIS_7_Benchmark_v1.8.0.pdf
Great thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.