Import Microsoft Security Baselines into MEMCM

This post is an update to Using Microsoft Security Baselines with System Center Configuration Manager. The Microsoft Security Compliance Manager is no longer supported or updated. Microsoft no longer releases baselines for Windows 10 using this tool.

This blog will go over a method of converting the Microsoft security baselines to configuration items in MEMCM.

I completed this blog using MEMCM 2002.

Requirements

The computer for where you complete this must of the Active Directory PowerShell module and the MEMCM console installed.

To complete this post, you will need to download the security baseline from the Microsoft Security Compliance Toolkit, available here: https://www.microsoft.com/en-us/download/details.aspx?id=55319. Be sure to select the operating system or product you’re working on.

Once downloaded, extract the ZIP file. Make sure to shorten the name.

Next, we need the Convert-GPOtoCI PowerShell script by Sam Roberts, found here: https://github.com/SamMRoberts/Convert-GPOtoCI. Download the code-base by clicking the green Code button.

Extract the downloaded ZIP file.

Convert GPO to MEMCM Configuration Baselines

There are two processes to do to get this to work. First we need to import the Group Policy Object in Group Policy.

  1. Launch the Group Policy Management console.
  2. Right-click on Group Policy Objects and select New.
  3. Name the object for the product you’re configuring, like MSFT Baseline – Windows 2004.
  4. Right-click on the new object and select Import Settings.
  5. Click next until the Backup location screen. Click Browse and find the baseline folder you extracted.
  6. Select the GPOs folder, click OK, then click Next.
  1. Select the product to import and click Next.
  1. Click Next through the rest of the wizard.

Now that we have a GPO, we can export it into MEMCM.

  1. Launch PowerShell window (not ISE) and cd to the folder you downloaded/extracted from GitHub.
  2. Run this Powershell command, inputting the name of your GPO, domain, and MEMCM site code.
.\Convert-GPOtoCI.ps1 -gpotarget "<name of GPO>" -domaintarget "<domain name>" -sitecode "<site code>"

Example:

.\Convert-GPOtoCI.ps1 -gpotarget "MSFT Baseline - Windows 2004" -domaintarget "contoso.com" -sitecode "TST"

After the command runs, open your MEMCM console. You should see a configuration item with the same name as your GPO.

If you view the properties of the configuration item, you can see the settings and compliance rules have been created.

You can now add this configuration item to a baseline and deploy it.

Disclaimer

All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Cybersecurity Briefings No. 014
Cyber Security

WME Security Briefing 14 June 2024

LightSpy Spyware’s macOS Variant Detected with Advanced Surveillance Capabilities Overview Findings reveal a previously undocumented macOS variant of the LightSpy spyware. It was initially thought to target only iOS users. This spyware utilizes a plugin-based system

Read More »
WME Cybersecurity Briefings No. 013
Cyber Security

WME Security Briefing 10 June 2024

CISA Urges Patching of Actively Exploited Linux Kernel Vulnerability Overview CISA just issued an urgent advisory concerning a newly discovered security flaw in the Linux kernel. The flaw is being actively exploited to affect the netfilter component of

Read More »
3 Things to Consider Before You Enable Copilot for Microsoft 365
Microsoft Copilot

3 Things to Consider Before You Enable Copilot for Microsoft 365

In today’s digital landscape, any productivity tool that streamlines workflow and boosts performance is a pleasant addition. With its AI-powered productivity-enhancing capabilities, Microsoft Copilot has emerged as a game-changer for employees, particularly for organizations using Microsoft

Read More »
WME Cybersecurity Briefings No. 012
Cyber Security

WME Security Briefing 03 June 2024

Moroccan Cybercrime Group Exploits Gift Card Systems for Major Financial Gains Overview: Storm-0539, also called Atlas Lion, is a Moroccan cybercrime group that executes advanced email and SMS phishing attacks. They are committing fraud by utilizing

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=