1. Ce site utilise des cookies. En continuant à utiliser ce site, vous acceptez l'utilisation des cookies. En savoir plus.
  2. Bonjour tout le monde ! Veillez consulter la Politique de forum pour comprendre nos règles, Merci a vous !
    Rejeter la notice

Obtenir l'état d'intégrité global du centre de maintenance Windows [Code Source WD]

Discussion dans 'Windev' créé par Pascal, Fev 11, 2018.

  1. Pascal

    Pascal Active Member
    MEMBRE WX

    Inscrit:
    Fev 11, 2018
    Messages:
    82
    J'aime reçus:
    126
    Bonjour tout le monde,

    Pour ma première contribution au forum et si cela vous intéresse ou peut aider quelqu'un d'autre, vous trouverez ci-dessous un code plutôt simple qui permet de récupérer les informations de sécurité du centre de maintenance d'un poste local avec la fonction "WscGetSecurityProviderHealth" de l'API "Wscapi.dll".

    [​IMG]
    Les constantes à déclarer pour utiliser la fonction "WscGetSecurityProviderHealth" :
    Code (Text):

    CONSTANT
       // WSC_SECURITY_PROVIDER enumeration (https://msdn.microsoft.com/en-us/library/bb432509(v=vs.85).aspx)
       WSC_SECURITY_PROVIDER_NONE = 0 // None of the items that WSC monitors (Wscapi.h).
       WSC_SECURITY_PROVIDER_FIREWALL = 1 // The aggregation of all firewalls for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS = 2 // The automatic update settings for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_ANTIVIRUS = 4 // The aggregation of all antivirus products for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_ANTISPYWARE = 8 // The aggregation of all anti-spyware products for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_INTERNET_SETTINGS = 16 // The settings that restrict the access of web sites in each of the Internet zones for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL = 32 // The User Account Control (UAC) settings for this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_SERVICE = 64 // The running state of the WSC service on this computer (Wscapi.h).
       WSC_SECURITY_PROVIDER_ALL = WSC_SECURITY_PROVIDER_FIREWALL + WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS + WSC_SECURITY_PROVIDER_ANTIVIRUS + ...
       WSC_SECURITY_PROVIDER_ANTISPYWARE + WSC_SECURITY_PROVIDER_INTERNET_SETTINGS + WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL + WSC_SECURITY_PROVIDER_SERVICE // All of the items that the WSC monitors (Wscapi.h).
     
       // WSC_SECURITY_PROVIDER_HEALTH enumeration (https://msdn.microsoft.com/en-us/library/bb432510(v=vs.85).aspx)
       WSC_SECURITY_PROVIDER_HEALTH_GOOD = 0 // The status of the security provider category is good and does not need user attention (Wscapi.h).
       WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED = 1 // The status of the security provider category is not monitored by WSC (Wscapi.h).
       WSC_SECURITY_PROVIDER_HEALTH_POOR = 2 // The status of the security provider category is poor and the computer may be at risk (Wscapi.h).
       WSC_SECURITY_PROVIDER_HEALTH_SNOOZE = 3 // The security provider category is in snooze state. Snooze indicates that WSC is not actively protecting the computer (Wscapi.h).
     
       S_FALSE = 0x00000001 // Generic HRESULT pour false (winerror.h).          
    FIN
     
    La fonction à déclarer pour utiliser la fonction "WscGetSecurityProviderHealth" :
    Code (Text):

    // Résumé : The WscGetSecurityProviderHealth function gets the aggregate health state of the security provider categories represented by the specified WSC_SECURITY_PROVIDER enumeration values.
    // Syntaxe :
    //[ <Résultat> = ] WscGetSecurityProviderHealth (<nProviders> est entier sans signe sur 4 octets)
    //
    // Paramètres :
    //   nProviders (entier sans signe sur 4 octets) : One or more of the values in the WSC_SECURITY_PROVIDER enumeration.
    // Valeur de retour :
    //    entier : //    A variable that takes the value of one of the members of the WSC_SECURITY_PROVIDER_HEALTH enumeration. If the WSC service is not running, the return value is always -1.
    //
    // Exemple :
    // https://msdn.microsoft.com/en-us/library/bb432506(v=vs.85).aspx
    //
    PROCEDURE WscGetSecurityProviderHealth(LOCAL nProviders est un entier sans signe sur 4 octets)

    LOCAL
       nError est un entier = 0
       nHealth est un entier = 0
     
    nError = API("wscapi.dll","WscGetSecurityProviderHealth",nProviders,&nHealth)

    SI (nError = S_FALSE) ALORS
       nError = -1
       RENVOYER(nError)
    FIN

    RENVOYER(nHealth)
     
    La DLL à charger :
    Code (Text):

    gnMy_DLL est un entier = 0
    gnMy_DLL = ChargeDLL("Wscapi.dll")
     
    Le code pour utiliser la fonction "WscGetSecurityProviderHealth" :
    Code (Text):

    LOCAL
       nResult est un entier
       nProvider est un entier sans signe sur 4 octets = 0

    POUR x = 1 A 8
     
       SELON x
           CAS 1 : nProvider = WSC_SECURITY_PROVIDER_FIREWALL
           CAS 2 : nProvider = WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS
           CAS 3 : nProvider = WSC_SECURITY_PROVIDER_ANTIVIRUS
           CAS 4 : nProvider = WSC_SECURITY_PROVIDER_ANTISPYWARE
           CAS 5 : nProvider = WSC_SECURITY_PROVIDER_INTERNET_SETTINGS
           CAS 6 : nProvider = WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL
           CAS 7 : nProvider = WSC_SECURITY_PROVIDER_SERVICE
           CAS 8 : nProvider = WSC_SECURITY_PROVIDER_ALL
           AUTRE CAS
               nProvider = WSC_SECURITY_PROVIDER_NONE
       FIN
     
       nResult = WscGetSecurityProviderHealth(nProvider)
     
       SI (nResult <> -1) ALORS
         
           SELON (nProvider)
               CAS WSC_SECURITY_PROVIDER_FIREWALL:
                   Trace("The aggregation of all firewalls for this computer : ")
               CAS WSC_SECURITY_PROVIDER_AUTOUPDATE_SETTINGS:
                   Trace("The automatic update settings for this computer : ")
               CAS WSC_SECURITY_PROVIDER_ANTIVIRUS:
                   Trace("The aggregation of all antivirus products for this computer : ")
               CAS WSC_SECURITY_PROVIDER_ANTISPYWARE:
                   Trace("The aggregation of all anti-spyware products for this computer : ")
               CAS WSC_SECURITY_PROVIDER_INTERNET_SETTINGS:
                   Trace("The settings that restrict the access of web sites in each of the Internet zones for this computer : ")
               CAS WSC_SECURITY_PROVIDER_USER_ACCOUNT_CONTROL:
                   Trace("The User Account Control (UAC) settings for this computer : ")
               CAS WSC_SECURITY_PROVIDER_SERVICE:
                   Trace("The running state of the WSC service on this computer : ")
               CAS WSC_SECURITY_PROVIDER_ALL:
                   Trace("All of the items that the WSC monitors : ")
               CAS WSC_SECURITY_PROVIDER_NONE:
                   Trace("None of the items that WSC monitors : ")        
           FIN
         
           SELON nResult
               CAS WSC_SECURITY_PROVIDER_HEALTH_GOOD:
                   Trace("The status of the security provider category is good and does not need user attention.")
               CAS WSC_SECURITY_PROVIDER_HEALTH_NOTMONITORED:
                   Trace("The status of the security provider category is not monitored by WSC.")
               CAS WSC_SECURITY_PROVIDER_HEALTH_POOR:
                   Trace("The status of the security provider category is poor and the computer may be at risk.")
               CAS WSC_SECURITY_PROVIDER_HEALTH_SNOOZE:
                   Trace("The security provider category is in snooze state.")    
           FIN
         
           Trace(RC)
       SINON
           Trace("the WSC service is not running or WscGetSecurityProviderHealth function is failed.")
       FIN
    FIN
     
    La DLL à décharger :
    Code (Text):

    SI (gnMy_DLL) ALORS DéchargeDLL(gnMy_DLL)
     
    Voila c'est fini. Maintenant vous pouvez connaitre l'état du firewall, de l'antivirus, de l'UAC, etc...
    Si vous avez des commentaires, je suis preneur.

    Bien cordialement,

    Suite :

    Bonjour visiteur, Merci de vous Inscrire ou de vous connectez pour voir les liens!

     
    #1 Pascal, Fev 11, 2018
    Dernière édition: Fev 14, 2018
  2. suenodesign

    suenodesign Well-Known Member
    MEMBRE WX

    Inscrit:
    Jan 1, 2018
    Messages:
    509
    J'aime reçus:
    739
    The aggregation of all firewalls for this computer :
    The status of the security provider category is good and does not need user attention.
    The automatic update settings for this computer :
    The status of the security provider category is good and does not need user attention.
    The aggregation of all antivirus products for this computer :
    The status of the security provider category is good and does not need user attention.
    The aggregation of all anti-spyware products for this computer :
    The status of the security provider category is good and does not need user attention.
    The settings that restrict the access of web sites in each of the Internet zones for this computer :
    The status of the security provider category is good and does not need user attention.
    The User Account Control (UAC) settings for this computer :
    The status of the security provider category is poor and the computer may be at risk.
    The running state of the WSC service on this computer :
    The status of the security provider category is good and does not need user attention.
    All of the items that the WSC monitors :
    The status of the security provider category is poor and the computer may be at risk.
     
    Pascal apprécie ceci.
  3. Pascal

    Pascal Active Member
    MEMBRE WX

    Inscrit:
    Fev 11, 2018
    Messages:
    82
    J'aime reçus:
    126
    Hello cela correspond bien au statut de ton centre de sécurité ?

    Cordialement
     
  4. suenodesign

    suenodesign Well-Known Member
    MEMBRE WX

    Inscrit:
    Jan 1, 2018
    Messages:
    509
    J'aime reçus:
    739
    Oui presque.

    Merci pour le partage.
     
  5. Pascal

    Pascal Active Member
    MEMBRE WX

    Inscrit:
    Fev 11, 2018
    Messages:
    82
    J'aime reçus:
    126

    Bonjour visiteur, Merci de vous Inscrire ou de vous connectez pour voir les liens!

    Oui presque.

    Merci pour le partage.
    Cliquez pour agrandir...
    Pourquoi presque Suenodesign ?
     
  • suenodesign

    suenodesign Well-Known Member
    MEMBRE WX

    Inscrit:
    Jan 1, 2018
    Messages:
    509
    J'aime reçus:
    739
    J'avais pensé que l'UAC était Actif

    The User Account Control (UAC) settings for this computer :
    The status of the security provider category is poor and the computer may be at risk.

    Après vérification : Un ordinateur, ça ne ment jamais :D
     
    Pascal apprécie ceci.
  • Partager cette page

    Chargement...