Back in July 2016 Microsoft released Security Compliance Manager 4.0 with support for Windows 10 and Server 2016. For some reason (at the moment) it seems to be hard to find so here are all the bits one might need to get started.
Solution Accelerator Article about SCM4:
Security Compliance Manager (SCM)
A TechNet blog announcing SCM4 availability:
Security Compliance Manager 4.0 now available for download!
An article about the security baselines available and links to download them:
Windows Security Baselines
Download: Windows 10, version 1607 and Windows Server 2016 security baseline
Download: Microsoft Security Compliance Manager 4.0
SQL is needed to install it (yay) and it comes with SQL Express 2008, but here’s a link to SQL 2016 Developer with SP1, which is free now:
MSDN article: Developer Guides for SQL Server
Download: SQL Server Management Studio 16.5.3
Download: SQL 2016 Developer with SP1 (2,590MB ISO)
There’s an interesting web service that could be used to pull reporting data from Office 365, assuming you can authenticate using your tenancy’s service admin. Here the URL for the service:
Microsoft provide a plug-in to Excel that uses this service and it can be used to pull mail protection statistics from your Office 365 tenancy: https://www.microsoft.com/en-us/download/details.aspx?id=30716
Just discovered a handy Microsoft KB article that can help you keep tabs on the latest VC++ redist packages.
Here it is: http://support.microsoft.com/kb/2019667
Now that Windows 8 has hit RTM there is a slightly newer version of Orca the MSI editing tool available. This one is version 5.0.9200.0, but when it’s installed, in the Programs and Features dialog it’ll show up as 8.59.25584.
To grab yourself a copy get the Windows SDK for Windows 8, install using the option to ‘download for installation on a separate computer‘, and make sure only ‘Windows Software Development Kit‘ is selected in the features list. You won’t be able to de-select the .NET 4 download.
After your download is complete you can either install Orca from the download directory, or collect up the files you need to keep a copy for use later on. The files you’ll need are listed here and are linked directly to Microsoft download location for ease of collection:
To install Orca just double-click on Orca-x86_en-us.msi and allow it to install. Job done!
I finally realised where to get hold of version 5 of Orca – the one most suitable for Windows 7 able to validate .msi files for Windows Installer 5. It was of course in the Windows SDK for Windows 7 and .NET Framework 4. Unfortunately there’s no mini-download for the msi sdk like with version 4.5, so for simplicity I’ve acquired the .msi for orca and put it online for download…
Orca 5.0.7693.0 (2.1MB)
If you would rather download the official version from Microsoft you need to install the debugging tools from the Windows SDK, then go in to Program Files\Windows SDK\7.1\Bin and orca.msi will be in there.
[Update 2012-09-08: there’s now a slightly newer version available here]
I just discovered an answer to something I’ve been trying to work out for a while. I need to run a script that can do some work on Vista machines, but I don’t want the person running the script to have to right-click and do a run-as admin. No easy way of doing that in vbscript, and definitely no way of doing it from the command line that I know yet. If you don’t deal with it in your script then the command will simply fail or Vista will do it’s folder redirect thing.
Anyway I just investigated a tool from Microsoft called STRACE (a socket/SSL tracer designed to generate a trace log for Internet Explorer) and realised it came with a little program called “runelevate.exe”. Intrieged I tried running it from a script in Vista and sure enough whatever you put after the command will request admin privilages, and up pops the UAC dialog 🙂
So just get hold of the strace program from the link above, install it, go to program filesstrace and grab runelevate.exe and you can use it in your scripts in Vista to force a command to run with admin rights like this:
And notepad will run with admin rights!