To identify agent devices that are failing client validation against a Recast Management Server, you can run the following PowerShell script, which creates a CSV file in C:\Recast\ClientValidationFailures\DevicesToReEnroll.csv.
# Get the current date and time, subtract 24 hours to get the start time
$startTime = (Get-Date).AddDays(-1)
# Find all the entries with the matching event ID from the last 24 hours
$events = Get-WinEvent -FilterHashtable @{Logname='Application'; ID=1000; StartTime=$startTime}
# Initialize an array to store the computer names
$cn_values = @()
foreach ($event in $events) {
# Find 'cn=' and everything after it until a space or end of line
if ($event.Message -match 'cn=([^\s]*)') {
# Add the matched string to the array
$cn_values += $Matches[1]
}
}
# Remove duplicate values
$unique_cn_values = $cn_values | Sort-Object | Get-Unique
# Create directory if it doesn't already exist
$directory = "C:\Recast\ClientValidationFailures"
if (!(Test-Path $directory)) {
New-Item -ItemType Directory -Force -Path $directory
}
# Export the unique values to a CSV file with the column name "Computer Name"
$unique_cn_values | ForEach-Object { [PSCustomObject]@{"Computer Name"=$_} } | Export-Csv -Path
'C:\Recast\ClientValidationFailures\DevicesToReEnroll.csv' -NoTypeInformation