Exit codes as per MS requirements?

[l4m3us3r]

Currently https://reg2ps.azurewebsites.net/ seems to output check scripts with: return $false or $true

Whereas MS states that "A remediation script only runs if the detection script uses exit code: exit 1, meaning the issue was detected."(https://learn.microsoft.com/en-us/mem/analytics/remediations)

Forgive my ignorance if return $false is the same as exit 1, but given that I have run across a couple websites that recommend editing the reg2ps output to use exit 1 and some colleagues that claim reg2ps output doesn't work, I thought I would take a second to log it as an issue for your clarification.

cheers,

[rzander]

return $false is not the same as exit 1... Reg2PS returns $true or $false.... if other solutions require different result types, you may have to convert the output...

[GermanKiwi]

HI @rzander, I've just encountered this issue too - I used https://reg2ps.azurewebsites.net to create a PowerShell script to use with Microsoft's Intune remediation feature, only to find that it didn't work, and I've now realised that it's because it returns $true instead of "exit 1".

I'm not skilled enough with PowerShell to be able to confidently modify the script as needed.

Would you be willing to update your tool at https://reg2ps.azurewebsites.net to offer this as an option?

For example, there could be a checkbox there like "Use exit codes instead of $true or $false" - or something like that. What do you think?

[brkdncr]

I made the following changes to get this to work properly as a detection script.

Removed the try { } script block.
added $count = 0 to the beginning of the script.
replaced return $false with $count++
replaced

catch { return $false }
return $true

with

if ($count -eq 0) {
    Write-Output "Compliant"
    exit 0
    } else {
    Write-Output "Non-Compliant"
    exit 1
    }