Opening Defender Management Shell
You can open the Defender Management Shell by using either of the following procedures. Each procedure loads the Defender Management Shell snap-in into Windows PowerShell. If you do not load the Defender Management Shell snap-in before you run a command (cmdlet) provided by that snap-in, you will receive an error.
To open the Defender Management Shell
- Start a 32-bit version of Windows PowerShell.
- At the Windows PowerShell prompt, enter the following command:
Add-PSSnapin OneIdentity.Defender.AdminTools
Alternatively, you can complete the following steps related to your version of Windows:
Table 33:
Alternative steps to open the Management Shell
|
On the Apps screen (Windows logo key + Q), click the Defender Management Shell tile. |
- Click the Windows Start button, and then scroll through the alphabetical list on the left.
- Click One Identity to expand the list of components of Defender products installed on the system.
- Click Defender Management Shell.
|
Upon the shell start, the console may display a message stating that a certain file published by One Identity is not trusted on your system. This security message indicates that the certificate the file is digitally signed with is not trusted on your computer, so the console requires you to enable trust for the certificate issuer before the file can be run. Either press R (Run once) or A (Always run). To prevent this message from appearing in the future, it is advisable to choose the second option (A).
Getting help
This section provides instructions on how to get help information for the cmdlets added by the Defender Management Shell to the Windows PowerShell environment.
Alternatively, you can get detailed information about the Defender Management Shell cmdlets by viewing the DefenderManagementShell.chm file located in the Defender Management Shell installation folder (by default, this is %ProgramFiles%\One Identity\Defender\Management Shell).
Table 34:
Common help commands
|
A list of all the Defender Management Shell cmdlets available to the shell. |
Get-Command –module OneIdentity.Defender.AdminTools |
|
Information about the parameters and other components of a Defender Management Shell cmdlet. |
Get-Command <CmdletName>
You can use wildcard character expansion. For example, to view information about the cmdlets with the names ending in Token, you can run this command:
Get-Command *Token |
|
Basic help information for a Defender Management Shell cmdlet. |
Get-Help <CmdletName> |
|
Detailed help information for a Defender Management Shell cmdlet, including descriptions of available parameters and usage examples. |
Get-Help <CmdletName> -full |
|
Basic information about how to use the help system in Windows PowerShell, including Help for the Defender Management Shell. |
Get-Help |
Cmdlets provided by Defender Management Shell
For detailed information about the Defender Management Shell cmdlets, please view the DefenderManagementShell.chm file located in the Defender Management Shell installation folder (by default, this is %ProgramFiles%\One Identity\Defender\Management Shell).
Administrative templates
The Defender distribution package includes Group Policy administrative templates, which you can use to configure the additional features and options that are not available in the Defender Administration Console by default.
In the Defender installation package, you can find the below mentioned files in Setup\Group Policy Templates folder.
These administrative templates are supplied in the following files:
Table 35:
Defender Group Policy administrative templates
|
DefenderGroupPolicy.admx |
- An option to limit the maximum configurable expiry time for the Temporary Helpdesk Token response feature.
- Configuration options for programming software tokens through the Active Roles Web Interface.
- An option to include a Send Mail feature allowing the sending of the token activation code by e-mail for a newly programmed software token.
- Allows serverless binding for Defender to read and write data in Active Directory.
|
|
DefenderGroupPolicy.adml |
- Allows Group Policy Object Editor to display a policy setting in the locale.
|
This chapter consists of the following sections.
