Skip to main content

I recently came across and issue in my organization that involved me enabling the .NET Framework 3.5 and 4.8 optional features for a user on Windows 10. The issue caused some of our in-house created software to crash and I was informed by my manager after resolving the issue that this user is not alone and he has had to help users with this same issue before.

I tasked myself with creating a Worklet that would check if these optional features are enabled on a Windows 10 machine, and if they are not, enable them! With the help of Ask Otto, this task was a breeze and dramatically cut down the time it took to create both of the scripts.

(Granted, a few tweaks did need to be made to the syntax of some commands but Ask Otto was able to make a pretty solid script with just a few detailed instructions).

If you notice something that could be improved or that could be changed to improve either script please let me know, I’m fairly green when it comes to creating scripts and I’m open to suggestions for improvement! :)
 

Evaluation Script:

# ======================
# Otto AI Generated Code
# ======================
# Check if .NET Framework 3.5 is enabled
$dotnet35Status = Get-WindowsOptionalFeature -Online -FeatureName "NetFx3"
$dotnet35Enabled = $dotnet35Status.State -eq "Enabled"

# Check if .NET Framework 4.8 is enabled
$dotnet48Status = Get-WindowsOptionalFeature -Online -FeatureName "NetFx4-AdvSrvs"
$dotnet48Enabled = $dotnet48Status.State -eq "Enabled"

# Enable .NET Framework 3.5 if it is disabled
if (-not $dotnet35Enabled) {
    Enable-WindowsOptionalFeature -Online -FeatureName "NetFx3" -NoRestart
    if ($?) {
        Write-Host ".NET Framework 3.5 has been enabled."
	exit 0
    } else {
        Write-Host "Error occurred while enabling .NET Framework 3.5."
        exit 1
    }
}

# Enable .NET Framework 4.8 if it is disabled
if (-not $dotnet48Enabled) {
    Enable-WindowsOptionalFeature -Online -FeatureName "NetFx4-AdvSrvs" -NoRestart
    if ($?) {
        Write-Host ".NET Framework 4.8 has been enabled."
	exit 0
    } else {
        Write-Host "Error occurred while enabling .NET Framework 4.8."
        exit 1
    }
}

# Check if both frameworks are enabled
if ($dotnet35Enabled -and $dotnet48Enabled) {
    Write-Host "Both .NET Framework 3.5 and 4.8 are enabled."
    exit 0
} else {
    Write-Host "Error occurred while enabling .NET Frameworks."
    exit 1
}



 

Remediation Script:

# ======================
# Otto AI Generated Code
# ======================
# Check if .NET Framework 3.5 is enabled
$dotNet35Enabled = Get-WindowsOptionalFeature -Online -FeatureName NetFx3 | Select-Object -ExpandProperty State

# Check if .NET Framework 4.8 is enabled
$dotNet48Enabled = Get-WindowsOptionalFeature -Online -FeatureName NetFx4-AdvSrvs | Select-Object -ExpandProperty State

# Enable .NET Framework 3.5 if disabled
if ($dotNet35Enabled -ne 'Enabled') {
    Enable-WindowsOptionalFeature -Online -FeatureName NetFx3 -All -NoRestart
}

# Enable .NET Framework 4.8 if disabled
if ($dotNet48Enabled -ne 'Enabled') {
    Enable-WindowsOptionalFeature -Online -FeatureName NetFx4-AdvSrvs -All -NoRestart
}

# Check if both frameworks are enabled
$dotNet35Enabled = Get-WindowsOptionalFeature -Online -FeatureName NetFx3 | Select-Object -ExpandProperty State
$dotNet48Enabled = Get-WindowsOptionalFeature -Online -FeatureName NetFx4-AdvSrvs | Select-Object -ExpandProperty State

# Exit with appropriate exit code and message
if ($dotNet35Enabled -eq 'Enabled' -and $dotNet48Enabled -eq 'Enabled') {
    Write-Host "Both .NET Framework 3.5 and 4.8 are enabled."
    exit 0
} else {
    Write-Host "Error: Failed to enable one or both .NET Framework versions."
    exit 1
}

Yo! @ChaseFDLIC I ran it on my test box with .net disabled and it did it’s magic! 

I’m so excited you made this! it even lays the groundwork for future worklets that deploy apps/& modify services that require .net. 
Excited to see more!!!

I would say, in-practice. We’d want to see a different message to explain if it performed the enabling vs it already being enabled and exiting at the Eval stage. 

Changing eval Exit to “Both .NET Framework 3.5 and 4.8 are already enabled” in the evaluation block, and changing remediation Exit to “Both .NET Framework 3.5 and 4.8 have been successfully enabled” would give this a “chef's kiss” touch. 
 

Hey David, thanks for the input, I didn’t think about that. I’ll have to go back in my companies environment and make those changes, that would make seeing if the .NET frameworks were already enabled on a machine much easier! 

I look forward to using this tool a lot more in the future when I encounter situations where script writing is going to be pretty heavy.

Hi Chase,

One item I want to point out for efficiency sake is the Evaluation code is only ever utilized to determine compliance. At the moment, the Evaluation code is set to do the enabling which means each time the device is scanned, a redundant script is executed on the endpoint to enable 3.5 and 4.8.

 

The approach you will want to take is to essentially say ‘are both of these enabled? yes/no’ 

THEN 

Remediation - enable 3.5 and or 4.8. 


Something like this should replace the Eval code.

# Check if .NET Framework 3.5 is enabled
$dotNet35Enabled = Get-WindowsOptionalFeature -Online -FeatureName NetFx3 | Select-Object -ExpandProperty State

# Check if .NET Framework 4.8 is enabled
$dotNet48Enabled = Get-WindowsOptionalFeature -Online -FeatureName NetFx4-AdvSrvs | Select-Object -ExpandProperty State


# Check if both frameworks are enabled
if ($dotnet35Enabled -and $dotnet48Enabled) {
    Write-Host "Both .NET Framework 3.5 and 4.8 are enabled."
    exit 0
} else {
    exit 1 #queue up Remediation to do this work.
}

Let me know if I can clarify anything.

Regards,

Hey Mark, I didn’t think about that, thanks for the suggestion and for helping me improve the scripts I have created. I’ll have to go back and take a look at my environment and test it out and make some changes to my script to help improve it.

Awesome job on this Worklet, Chase! We’d love to send you some swag! Keep an eye out for a DM from me here. 

Reply


Terms & ConditionsCookie settings