Get-DepPolicy

1.1

Get-DepPolicy.ps1

                                <#PSScriptInfo

.VERSION 1.1

.GUID 58c1bea5-bda9-450d-afb4-7693f433c71a

.AUTHOR Chris Carter

.COMPANYNAME 

.COPYRIGHT 2016 Chris Carter. All rights reserved.

.TAGS DataExecutionPrevention DEP DEPSupportPolicy 

.LICENSEURI http://creativecommons.org/licenses/by-sa/4.0/

.PROJECTURI https://gallery.technet.microsoft.com/Get-the-Data-Execution-c693e5c1

.ICONURI 

.EXTERNALMODULEDEPENDENCIES 

.REQUIREDSCRIPTS 

.EXTERNALSCRIPTDEPENDENCIES 

.RELEASENOTES 

#>

<#

.SYNOPSIS

Gets the Data Execution Prevention (DEP) Support Policy.

.DESCRIPTION

Retrieves the Data Execution Prevention (DEP) Support Policy for the computer specified to the ComputerName parameter (local computer by default). Using the Byte parameter results in the output being only the low level byte value reported by the system, and the PolicyLevel parameter outputs its string representation. Otherwise a DepSupportPolicy custom object is returned.

.PARAMETER ComputerName

The name of the computer to get the DEP Support Policy from.

.PARAMETER Byte

Causes the output to be the low level byte reported by the system.

.PARAMETER PolicyLevel

Causes the output to be the string representation of the setting.

.INPUTS

System.String

Accepts the property name ComputerName from the pipeline.

.OUTPUTS

DepSupportPolicy or System.Byte

Using the AsNumber causes the script to return a Byte object representing the low level byte reported by the system.

.EXAMPLE

Get-DepPolicy -ComputerName Server01

This command will return the DEP Support Policy of the computer Server01 as a DepSupportPolicy object.

.EXAMPLE

Get-DepPolicy -Byte

This command will return the DEP Support Policy of the local computer as a byte.

.EXAMPLE

Get-DepPolicy -PolicyLevel

This command will return the string representation of the DEP Support Policy level.

.LINK

Get-WmiObject

.LINK

Add-Type

.LINK

System.Enum

#>

#Requires -Version 2.0

[CmdletBinding(DefaultParameterSetName='Byte',HelpURI='https://gallery.technet.microsoft.com/Get-the-Data-Execution-c693e5c1')]

Param(

    [Parameter(Position=0,ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]

        [Alias("CN")][String[]]$ComputerName=$env:COMPUTERNAME,

    [Parameter(ParameterSetName='Byte')]

        [Switch]$Byte,

    [Parameter(ParameterSetName='String')]

        [Alias("PL")]

        [Switch]$PolicyLevel

)

Begin {

    #Add custom C# type with nested enum type to hold the result.

    Add-Type -TypeDefinition @'

        public class DepSupportPolicy

        {

            //Auto-Implemented properties used

            public string ComputerName {get; set;}

            public byte Value {get; set;}

            public DepSupportPolicyLevel PolicyLevel {get; set;}

            public string Description {get; set;}

            //Constructor

            public DepSupportPolicy(string name, byte val, DepSupportPolicyLevel level, string desc)

            {

                ComputerName = name;

                Value = val;

                PolicyLevel = level;

                Description = desc;

            }

            //Nested enum for Policy Level

            public enum DepSupportPolicyLevel

            {

                AlwaysOff,AlwaysOn,OptIn,OptOut

            }

        }

'@

    #Creates the custom defined C# object.

    Function New-CSharpObject ($byte, $computername) {

        #Convert byte to enum member; '+' denotes accessing a nested type

        $level = $byte -as [DepSupportPolicy+DepSupportPolicyLevel]

        #Switch on the byte to provide a description

        switch ($byte) {

            0 {$desc='DEP is not enabled for any processes.'}

            1 {$desc='DEP is enabled for all processes.'}

            2 {$desc='Only Windows system components and services have DEP applied.'}

            3 {$desc='DEP is enabled for all processes. Administrators can manually create a list of specific applications which do not have DEP applied.'}

        }

        #Create the new custom object

        New-Object -TypeName DepSupportPolicy -ArgumentList $computername, $byte, $level, $desc

    }

}

Process {

    foreach ($comp in $ComputerName) {

        try {

            #Retrieve WMI class containing desired property and condense it down to just that property.

            $result = Get-WmiObject Win32_OperatingSystem -ComputerName $comp | 

                        Select-Object -ExpandProperty DataExecutionPrevention_SupportPolicy

        }

        catch {

            #If no WMI retrieval, continue to next object in the pipe.

            $_; continue

        }

        #Provide a full object if an output of the byte or policy level is not desired.

        if (!$Byte) {

            #Send the DEP byte and the current computer name in the pipe to create the object.

            $result = New-CSharpObject -byte $result -computername $comp

            #Only display PolicyLevel if desired

            if ($PolicyLevel) { [string]$result = $result | Select-Object -ExpandProperty PolicyLevel }

        }

        #Output result.

        $result

    }

}