Test-HgsServer
Tests if the local computer can function as a Host Guardian Service server node.
Syntax
Test-HgsServer
[[-HgsDomainName] <String>]
[-SafeModeAdministratorPassword <SecureString>]
[-LogDirectory <String>]
[-DatabasePath <String>]
[<CommonParameters>] Test-HgsServer
[[-HgsDomainName] <String>]
[-HgsDomainCredential] <PSCredential>
[-HgsServerIPAddress] <String>
[-SafeModeAdministratorPassword <SecureString>]
[-LogDirectory <String>]
[-DatabasePath <String>]
[<CommonParameters>] Description
The Test-HgsServer cmdlet obtains information about the features, configuration, and state of the local computer, and compares it with the recommended settings to determine whether it can function as a Host Guardian Service (HGS) server node.
The following checks are performed, when applicable:
- HostGuardianServiceRole installation integrity
- BitLocker is enabled on the operating system drive
- SecureBoot is enabled
- Static IP addresses are configured
- Whether a restart is pending
- Prerequisites for installing a new forest or domain controller in Active Directory, this includes a test report
- Active Directory trust settings
- Validation tests for failover cluster hardware and settings
- Attestation application pool state
- Key Protection application pool state
For more information about the scenario terms, see Security and Assurance.
Examples
Example 1: Test the first HGS node
PS C:\> Test-HgsServer -HgsDomainName "Contoso.private"This command tests whether the local computer can be used as the first HGS node.
Example 2: Test an additional HGS node
PS C:\> $Cred = Get-Credential
PS C:\> Test-HgsServer -HgsDomainName "Contoso.private" -HgsServerIPAddress "100.100.100.1" -HgsDomainCredential $CredThis command tests whether the local computer can be used as an additional HGS node.
Parameters
-DatabasePath
Specifies a database path.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HgsDomainCredential
Specifies the Active Directory domain administrator credentials for the primary HGS server.
| Type: | PSCredential |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HgsDomainName
Specifies the name of the Active Directory domain for the HGS server.
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HgsServerIPAddress
Specifies the network IP address for the HGS server.
| Type: | String |
| Position: | 3 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LogDirectory
Specifies the output log directory.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-SafeModeAdministratorPassword
Specifies the password for the administrator account when the computer is started in Safe Mode or a variant of Safe Mode, such as Directory Services Restore Mode.
| Type: | SecureString |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Outputs
Microsoft.Windows.HostGuardianService.PowerShell.TestReport
Related Links
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for