viernes, 12 de septiembre de 2025

WINDOWS. Security. Purple Knight Audit Report

Purpose

Perform a light audit of the AD and obtain a health score

Steps

Install Purple Knight: https://www.semperis.com/purple-knight/ 













Solve problems: 


Command: dir -Path .\PurpleKnight-Community -Recurse | Unblock-File

Step-by-Step Explanation

dir -Path .\PurpleKnight-Community -Recurse

Lists all files and folders within the PurpleKnight-Community directory, including subdirectories (-Recurse).

It is equivalent to Get-ChildItem, which is the actual cmdlet behind dir.
| Unblock-File

Passes each file found to the Unblock-File cmdlet.

This cmdlet removes the security block that Windows applies to files downloaded from the Internet (for example, via browser or email).

The block is based on the file's "origin zone" (Zone.Identifier) ​​and can prevent scripts or binaries from running.

Why use it?

When you download tools like Purple Knight (a security utility for Active Directory), Windows may flag files as potentially dangerous. This command:

Prevents security warnings when running scripts or binaries.
Facilitates automation, eliminating the need to manually unlock each file.



by GoN | Published: Oct 2025 | Last Updated:

No hay comentarios: