deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-08 02:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Cleanup bash snippets

Browse Source
This commit is contained in:
Tudor Dobrila 2019-09-25 15:29:21 -07:00
parent c8e9a1e962
commit 2492957c19
5 changed files with 26 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md
View File

@ -48,11 +48,11 @@ Download the installation and onboarding packages from Windows Defender Security
Extract the contents of the .zip files: Extract the contents of the .zip files:
```bash ```bash
ls -l $ ls -l
total 721152 total 721152
-rw-r--r-- 1 test staff 6185 Mar 15 10:45 WindowsDefenderATPOnboardingPackage.zip -rw-r--r-- 1 test staff 6185 Mar 15 10:45 WindowsDefenderATPOnboardingPackage.zip
-rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg -rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg
mavel-macmini:Downloads test$ unzip WindowsDefenderATPOnboardingPackage.zip $ unzip WindowsDefenderATPOnboardingPackage.zip
Archive: WindowsDefenderATPOnboardingPackage.zip Archive: WindowsDefenderATPOnboardingPackage.zip
inflating: WindowsDefenderATPOnboarding.py inflating: WindowsDefenderATPOnboarding.py
``` ```
@ -92,7 +92,7 @@ If you did not enable Microsoft's driver during installation, then the applicati
You can also run ```mdatp --health```. It reports if Real-Time Protection is enabled but not available: You can also run ```mdatp --health```. It reports if Real-Time Protection is enabled but not available:
```bash ```bash
mdatp --health $ mdatp --health
... ...
realTimeProtectionAvailable : false realTimeProtectionAvailable : false
realTimeProtectionEnabled : true realTimeProtectionEnabled : true
@ -112,7 +112,7 @@ In this case, you need to perform the following steps to enable Real-Time Protec
1. In Terminal, attempt to install the driver. (The operation will fail) 1. In Terminal, attempt to install the driver. (The operation will fail)
```bash ```bash
sudo kextutil /Library/Extensions/wdavkext.kext $ sudo kextutil /Library/Extensions/wdavkext.kext
Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" } Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" }
Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" } Kext rejected due to system policy: <OSKext 0x7fc34d528390 [0x7fffa74aa8e0]> { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" }
Diagnostics for /Library/Extensions/wdavkext.kext: Diagnostics for /Library/Extensions/wdavkext.kext:
@ -125,13 +125,13 @@ In this case, you need to perform the following steps to enable Real-Time Protec
4. In Terminal, install the driver again. This time the operation will succeed: 4. In Terminal, install the driver again. This time the operation will succeed:
```bash ```bash
sudo kextutil /Library/Extensions/wdavkext.kext $ sudo kextutil /Library/Extensions/wdavkext.kext
``` ```
The banner should disappear from the Defender application, and ```mdatp --health``` should now report that Real-Time Protection is both enabled and available: The banner should disappear from the Defender application, and ```mdatp --health``` should now report that Real-Time Protection is both enabled and available:
```bash ```bash
mdatp --health $ mdatp --health
... ...
realTimeProtectionAvailable : true realTimeProtectionAvailable : true
realTimeProtectionEnabled : true realTimeProtectionEnabled : true
@ -145,20 +145,20 @@ realTimeProtectionEnabled : true
The client machine is not associated with orgId. Note that the *orgId* attribute is blank. The client machine is not associated with orgId. Note that the *orgId* attribute is blank.
```bash ```bash
mdatp --health orgId $ mdatp --health orgId
``` ```
2. Run the Python script to install the configuration file: 2. Run the Python script to install the configuration file:
```bash ```bash
/usr/bin/python WindowsDefenderATPOnboarding.py $ /usr/bin/python WindowsDefenderATPOnboarding.py
Generating /Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist ... (You may be required to enter sudos password) Generating /Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist ... (You may be required to enter sudos password)
``` ```
3. Verify that the machine is now associated with your organization and reports a valid *orgId*: 3. Verify that the machine is now associated with your organization and reports a valid *orgId*:
```bash ```bash
mdatp --health orgId $ mdatp --health orgId
E6875323-A6C0-4C60-87AD-114BBE7439B8 E6875323-A6C0-4C60-87AD-114BBE7439B8
``` ```

11
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
View File

@ -50,28 +50,29 @@ Download the installation and onboarding packages from Microsoft Defender Securi
Extract the contents of the .zip files: Extract the contents of the .zip files:
```bash ```bash
mavel-macmini:Downloads test$ ls -l $ ls -l
total 721688 total 721688
-rw-r--r-- 1 test staff 269280 Mar 15 11:25 IntuneAppUtil -rw-r--r-- 1 test staff 269280 Mar 15 11:25 IntuneAppUtil
-rw-r--r-- 1 test staff 11821 Mar 15 09:23 WindowsDefenderATPOnboardingPackage.zip -rw-r--r-- 1 test staff 11821 Mar 15 09:23 WindowsDefenderATPOnboardingPackage.zip
-rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg -rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg
mavel-macmini:Downloads test$ unzip WindowsDefenderATPOnboardingPackage.zip $ unzip WindowsDefenderATPOnboardingPackage.zip
Archive: WindowsDefenderATPOnboardingPackage.zip Archive: WindowsDefenderATPOnboardingPackage.zip
warning: WindowsDefenderATPOnboardingPackage.zip appears to use backslashes as path separators warning: WindowsDefenderATPOnboardingPackage.zip appears to use backslashes as path separators
inflating: intune/kext.xml inflating: intune/kext.xml
inflating: intune/WindowsDefenderATPOnboarding.xml inflating: intune/WindowsDefenderATPOnboarding.xml
inflating: jamf/WindowsDefenderATPOnboarding.plist inflating: jamf/WindowsDefenderATPOnboarding.plist
mavel-macmini:Downloads test$
``` ```
7. Make IntuneAppUtil an executable: 7. Make IntuneAppUtil an executable:
```mavel-macmini:Downloads test$ chmod +x IntuneAppUtil``` ```bash
$ chmod +x IntuneAppUtil
```
8. Create the wdav.pkg.intunemac package from wdav.pkg: 8. Create the wdav.pkg.intunemac package from wdav.pkg:
```bash ```bash
mavel-macmini:Downloads test$ ./IntuneAppUtil -c wdav.pkg -o . -i "com.microsoft.wdav" -n "1.0.0" $ ./IntuneAppUtil -c wdav.pkg -o . -i "com.microsoft.wdav" -n "1.0.0"
Microsoft Intune Application Utility for Mac OS X Microsoft Intune Application Utility for Mac OS X
Version: 1.0.0.0 Version: 1.0.0.0
Copyright 2018 Microsoft Corporation Copyright 2018 Microsoft Corporation

13
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
View File

@ -51,17 +51,16 @@ Download the installation and onboarding packages from Windows Defender Security
5. From the command prompt, verify that you have the two files. Extract the contents of the .zip files like so: 5. From the command prompt, verify that you have the two files. Extract the contents of the .zip files like so:
```bash ```bash
mavel-macmini:Downloads test$ ls -l $ ls -l
total 721160 total 721160
-rw-r--r-- 1 test staff 11821 Mar 15 09:23 WindowsDefenderATPOnboardingPackage.zip -rw-r--r-- 1 test staff 11821 Mar 15 09:23 WindowsDefenderATPOnboardingPackage.zip
-rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg -rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg
mavel-macmini:Downloads test$ unzip WindowsDefenderATPOnboardingPackage.zip $ unzip WindowsDefenderATPOnboardingPackage.zip
Archive: WindowsDefenderATPOnboardingPackage.zip Archive: WindowsDefenderATPOnboardingPackage.zip
warning: WindowsDefenderATPOnboardingPackage.zip appears to use backslashes as path separators warning: WindowsDefenderATPOnboardingPackage.zip appears to use backslashes as path separators
inflating: intune/kext.xml inflating: intune/kext.xml
inflating: intune/WindowsDefenderATPOnboarding.xml inflating: intune/WindowsDefenderATPOnboarding.xml
inflating: jamf/WindowsDefenderATPOnboarding.plist inflating: jamf/WindowsDefenderATPOnboarding.plist
mavel-macmini:Downloads test$
``` ```
## Create JAMF policies ## Create JAMF policies
@ -166,7 +165,7 @@ Once the policy is applied, you'll see the Microsoft Defender ATP icon in the ma
You can monitor policy installation on a device by following the JAMF log file: You can monitor policy installation on a device by following the JAMF log file:
```bash ```bash
mavel-mojave:~ testuser$ tail -f /var/log/jamf.log $ tail -f /var/log/jamf.log
Thu Feb 21 11:11:41 mavel-mojave jamf[7960]: No patch policies were found. Thu Feb 21 11:11:41 mavel-mojave jamf[7960]: No patch policies were found.
Thu Feb 21 11:16:41 mavel-mojave jamf[8051]: Checking for policies triggered by "recurring check-in" for user "testuser"... Thu Feb 21 11:16:41 mavel-mojave jamf[8051]: Checking for policies triggered by "recurring check-in" for user "testuser"...
Thu Feb 21 11:16:43 mavel-mojave jamf[8051]: Executing Policy WDAV Thu Feb 21 11:16:43 mavel-mojave jamf[8051]: Executing Policy WDAV
@ -179,7 +178,7 @@ You can monitor policy installation on a device by following the JAMF log file:
You can also check the onboarding status: You can also check the onboarding status:
```bash ```bash
mavel-mojave:~ testuser$ mdatp --health $ mdatp --health
... ...
licensed : true licensed : true
orgId : "4751b7d4-ea75-4e8f-a1f5-6d640c65bc45" orgId : "4751b7d4-ea75-4e8f-a1f5-6d640c65bc45"
@ -195,7 +194,7 @@ orgId : "4751b7d4-ea75-4e8f-a1f5-6d640c65bc45"
You can check that devices have been correctly onboarded by creating a script. For example, the following script checks enrolled devices for onboarding status: You can check that devices have been correctly onboarded by creating a script. For example, the following script checks enrolled devices for onboarding status:
```bash ```bash
mdatp --health healthy $ mdatp --health healthy
``` ```
The above command prints "1" if the product is onboarded and functioning as expected. The above command prints "1" if the product is onboarded and functioning as expected.
@ -219,6 +218,8 @@ Create a script in **Settings > Computer Management > Scripts**.
This script removes Microsoft Defender ATP from the /Applications directory: This script removes Microsoft Defender ATP from the /Applications directory:
```bash ```bash
#!/bin/bash
echo "Is WDAV installed?" echo "Is WDAV installed?"
ls -ld '/Applications/Microsoft Defender ATP.app' 2>/dev/null ls -ld '/Applications/Microsoft Defender ATP.app' 2>/dev/null

6
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md
View File

@ -31,7 +31,7 @@ If you can reproduce a problem, please increase the logging level, run the syste
1. Increase logging level: 1. Increase logging level:
```bash ```bash
mdatp --log-level verbose $ mdatp --log-level verbose
Creating connection to daemon Creating connection to daemon
Connection established Connection established
Operation succeeded Operation succeeded
@ -42,7 +42,7 @@ If you can reproduce a problem, please increase the logging level, run the syste
3. Run `mdatp --diagnostic --create` to backup Microsoft Defender ATP's logs. The files will be stored inside of a .zip archive. This command will also print out the file path to the backup after the operation succeeds. 3. Run `mdatp --diagnostic --create` to backup Microsoft Defender ATP's logs. The files will be stored inside of a .zip archive. This command will also print out the file path to the backup after the operation succeeds.
```bash ```bash
mdatp --diagnostic --create $ mdatp --diagnostic --create
Creating connection to daemon Creating connection to daemon
Connection established Connection established
``` ```
@ -50,7 +50,7 @@ If you can reproduce a problem, please increase the logging level, run the syste
4. Restore logging level: 4. Restore logging level:
```bash ```bash
mdatp --log-level info $ mdatp --log-level info
Creating connection to daemon Creating connection to daemon
Connection established Connection established
Operation succeeded Operation succeeded

2
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md
View File

@ -69,7 +69,7 @@ To test that a connection is not blocked, open [https://x.cp.wd.microsoft.com/ap
If you prefer the command line, you can also check the connection by running the following command in Terminal: If you prefer the command line, you can also check the connection by running the following command in Terminal:
```bash ```bash
curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'https://cdn.x.cp.wd.microsoft.com/ping' $ curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'https://cdn.x.cp.wd.microsoft.com/ping'
``` ```
The output from this command should be similar to the following: The output from this command should be similar to the following: