Overview: The process of removing a policy is called an UNDO in Third Wall. Under special circumstances it may be advantageous to use Automate's script engine in facilitating the UNDO process. This article will describe the setup and execution of running UNDO's by script.
Steps:
- Use the Computer Screen on a test computer to apply an exception against the policy which is to be removed by script. In this example, we will be removing the Disable Windows Store Policy. Click to apply a permanent exception to the Disable Windows Store policy.
- Once the exception is assigned, change to the Commands pane. There, you will see two newly issued Commands. An 'Update Config' command and a 'Third Wall Command'
- Right-click the 'Third Wall Command' and select 'Create Script' from the available context menu. This will launch the Automate Script Editor and you'll see a one-line script is automatically been generated.
Name and save the script. When run on a target computer, it will remove the Disable Windows Store policy from the target computer. You can expect unrestricted access to the Windows Store immediately after the script is completed.
Additional UNDO's may be appended to the script using the following method.
- Right-click the one and only line in the script and select 'Copy'
- Right-click on the line under the first line and select 'Paste'. This will result in a duplicate line 2 being created.
- Double-click the newly created line. This will bring up the Line Editor. Adjust the value of the Parameters field and only the Parameters field. Command, ID and ID Type should all remain the same
- Valid parameters for the UNDO operation is 0, x where x=the ID of the policy. (Policy ID List below)
Screenshot showing the Line Editor after the appropriate change is made.
Screenshot showing the script after the above change was committed to the script.
Policy IDs:
2 Rename Local Administrator Account
3 Set Local Administrator Password
4 Disable Local Administrator Account
5 Enable Minimum Password Length
6 Enable Maximum Password Age
7 Enable Password Protected Screen Saver
8 Restrict Local Administrator Tools
9 Enable UAC
10 Disable Setup.exe and Install.exe
11 Disable Windows Installer
12 Disable Windows 10 Keylogger
13 Enable Logon Message
15 Enable Smart Screen
16 Enable UPnP
17 Disable AutoPlay (AutoRun)
18 Disable Running Exe from %APPDATA%
19 Disable Write to Optical Devices
20 Disable Read & Write to Optical Devices
21 Disable Write to USB Storage Devices
22 Disable Read & Write to USB Storage Devices
23 Disable Cloud Storage
24 Schedule Free Space Delete
26 Uninstall Blacklisted Software
27 Enforce Complex Passwords
28 Block Common Webmail
29 Block Social Media
30 Disable Windows Store
31 Disable Google Play
32 Disable Apple App Store
33 Disable Office Macros Downloaded from the Internet
34 Disable OLE in Office Documents
35 Enable Windows Firewall = Workstations
36 Enable Windows Firewall = Servers
37 Disable Local LM Hash Storage
38 Audit All NTLM Traffic
39 Disable LM NTLM v1
40 Disable NetBios
41 Disable IPv6
42 Disable IGMP
43 Disable SMB v1
44 Log All Logon Events
45 Enhance Security Logging
46 Monitor Event Log Clearing
47 Alert on Excessive Logon Failures
48 Monitor for Ransomware Attack
49 Alert on Unencrypted Disk
50 Enable User Logon Reporting
51 Disable Guest Account
52 Disable Microsoft Accounts
53 Enable USB Wall
54 Disable Terminal Server
55 Enable USB Watch Services
56 Enable TWAPS
57 Clear Windows Pagefile on Reboot
58 Enable Registry Backup