Identify Devices Failing Client Validation

To identify agent devices that are failing client validation against a Recast Management Server, you can run the following PowerShell script, which creates a CSV file in C:\Recast\ClientValidationFailures\DevicesToReEnroll.csv.

# Get the current date and time, subtract 24 hours to get the start time 
$startTime = (Get-Date).AddDays(-1)
 
# Find all the entries with the matching event ID from the last 24 hours 
$events = Get-WinEvent -FilterHashtable @{Logname='Application'; ID=1000; StartTime=$startTime}
 
# Initialize an array to store the computer names 
$cn_values = @()
 
foreach ($event in $events) {
    # Find 'cn=' and everything after it until a space or end of line
    if ($event.Message -match 'cn=([^\s]*)') {
        # Add the matched string to the array
        $cn_values += $Matches[1]
    }
}

# Remove duplicate values 
$unique_cn_values = $cn_values | Sort-Object | Get-Unique
 
# Create directory if it doesn't already exist
$directory = "C:\Recast\ClientValidationFailures" 
if (!(Test-Path $directory)) {
    New-Item -ItemType Directory -Force -Path $directory
}

# Export the unique values to a CSV file with the column name "Computer Name" 
$unique_cn_values | ForEach-Object { [PSCustomObject]@{"Computer Name"=$_} } | Export-Csv -Path
'C:\Recast\ClientValidationFailures\DevicesToReEnroll.csv'  -NoTypeInformation
Copyright © 2023 Recast Software, LLC. All rights reserved.