A script to have handy to tell you which schannel protocols are enabled / disabled for PCI or certificate compliance. $path = "HKLM://SYSTEM/CurrentControlSet/Control/SecurityProviders/Schannel/Protocols" Push-Location Set-Location -Path $path Get-ChildItem . | Select-Object @ { Name = "Protocol" Expression = { Split-Path $_ .PSPath -leaf } } ,@ { Name = "Client Enabled" Expression = { ( Get-ItemProperty -Path ( Join-Path $_ .PSPath 'Client' ) -ErrorAction silentlycontinue ) .Enabled } } ,@ { Name = "Client DisabledByDefault" Expression = { ( Get-ItemProperty -Path ( Join-Path $_ .PSPath 'Client' ) -ErrorAction silentlycontinue ) .DisabledByDefault } } ,@ { Name = "Server Enabled" Expression = { ( Get-ItemProperty -Path ( Join-Path $_ .PSPath 'Server' ) -ErrorAction silentlycontinue ) .Enabled } } ,@ { Name = "Server DisabledByDefault" Expression = { ( Get-ItemProperty -Path ( Join-Path $_ .PSPath 'Server' ) -ErrorAction silentlycontinue ) .DisabledByDefault } } | ft -autosize Pop-Location
↧