Scenario: You have a registry key you want to monitor and to alert you if the value changes. We noticed after the install of Exchange 2013 CU11, it enabled SSLv3 which was manually disabled before.
Script:
#Start #Define Server Collection $Servers = Get-ExchangeServer | Where AdminDisplayVersion -like "Version 15*" #Loop for SSLv3 $sslv3_svr = @() #Create Array Variable $Servers | %{ $Reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $_.name) $RegKey= $Reg.OpenSubKey("SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server") $SSLv3 = $RegKey.GetValue("Enabled") If($SSLV3 -ne 0){ $sslv3_svr += $_.name } } #Email it $body ="" $smtp = "smtp.domain.com" [string[]]$to = "steve@domain.com","Batman@domain.com" $from = "SSLv3Monitor@Domain.com" $subject = "SSLv3 monitor" $body += "<b><Font color=#0404B4>SSLv3 is enabled on the following server and needs to be turned off: </b></font><br><br>" $body += "<Font color=red>$sslv3_svr</font><br><br><br>" send-MailMessage -SmtpServer $smtp -To $to -From $from -Subject $subject -Body $body -BodyAsHtml -Priority high
Ex-Shell 