Detect-SecureBootCA2023SCCM
1.0.0
This discovery script evaluates the Secure Boot CA 2023 certificate update status on Windows 11 devices.
It reads UEFI servicing registry values and returns a single string output suitable for SCCM CI rules.
Possible return values:
Compliant
PendingRemediation
PendingRestart
ManualReview
NotApplicable
Recommended SCCM CI configuration:
Settin
It reads UEFI servicing registry values and returns a single string output suitable for SCCM CI rules.
Possible return values:
Compliant
PendingRemediation
PendingRestart
ManualReview
NotApplicable
Recommended SCCM CI configuration:
Settin
This discovery script evaluates the Secure Boot CA 2023 certificate update status on Windows 11 devices.
It reads UEFI servicing registry values and returns a single string output suitable for SCCM CI rules.
Possible return values:
Compliant
PendingRemediation
PendingRestart
ManualReview
NotApplicable
Recommended SCCM CI configuration:
Setting type : Script
Data type : String
Rule : Equals "Compliant"
Show more
It reads UEFI servicing registry values and returns a single string output suitable for SCCM CI rules.
Possible return values:
Compliant
PendingRemediation
PendingRestart
ManualReview
NotApplicable
Recommended SCCM CI configuration:
Setting type : Script
Data type : String
Rule : Equals "Compliant"
Installation Options
Owners
Copyright
(c) 2026 Mert Efe Kanlikilic. All rights reserved.
Package Details
Author(s)
- Mert Efe Kanlikilic
Tags
SecureBoot Windows11 SCCM ConfigMgr ConfigurationManager ComplianceBaseline SecureBootCertificate UEFI
Dependencies
This script has no dependencies.
Release Notes
Initial release for SCCM / Configuration Manager Configuration Item discovery.
FileList
- Detect-SecureBootCA2023SCCM.nuspec
- Detect-SecureBootCA2023SCCM.ps1
Version History
| Version | Downloads | Last updated |
|---|---|---|
| 1.0.0 (current version) | 10 | 6/24/2026 |