Test-MDIConfiguration
Validates the configuration for various Defender for Identity post-deployment required settings.
Syntax
Default (Default)
Test-MDIConfiguration
[-Mode] <String>
[-Configuration] <String[]>
[-GpoNamePrefix <String>]
[-Server <String>]
[<CommonParameters>]
Description
This cmdlet validates the Defender for Identity configuration for settings specified by the Configuration parameter.
Examples
EXAMPLE 1
Test-MDIConfiguration -Mode LocalMachine -Configuration NTLMAuditing
This example validates the NTLMAuditing configuration for the local machine.
EXAMPLE 2
Test-MDIConfiguration -Mode Domain -Configuration NTLMAuditing -GpoNamePrefix 'CONTOSO'
This example validates the NTLMAuditing configurations for the domain, in a GPO with the
prefix of CONTOSO in its name.
EXAMPLE 3
Test-MDIConfiguration -Mode Domain -Configuration All
This example validates all configurations for the domain, including SACLs and GPOs.
Parameters
-Configuration
Specifies the configuration to test. You can specify one or more of the following values:
All(all configurations)AdfsAuditingAdRecycleBinAdvancedAuditPolicyCAsAdvancedAuditPolicyDCsCAAuditingConfigurationContainerAuditingEntraConnectAuditingRemoteSAMDomainObjectAuditingNTLMAuditingProcessorPerformance
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 2 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Domain
Specifies the name of the domain to run the command against. This parameter is optional and defaults to the user's DNS domain.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-GpoNamePrefix
Specifies a prefix for the Group Policy Objects (GPO) names to be searched and tested. Use this parameter for GPO naming convention.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Identity
Specifies the name of the service account to use for the EntraConnectAuditing or RemoteSAM configuration. This parameter is mandatory.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Mode
Specifies the mode to use. You must specify one of the following values:
Domain: Collect settings from the Group Policy objectsLocalMachine: Collect settings from the local machine
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Server
Specifies the name of the server to run the command against. This parameter is optional and defaults to the PDC Emulator in the domain.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Outputs
System.Boolean
The cmdlet returns $true when the settings are configured as required. Otherwise, it returns
$false.