Fixes to clear warnings from win11-23h2 (#267)

* Fixes for Win11_23H2 * static corrections + validations for Win11_23H2\ * clean up range validations * Add command for testing one test * Add new tests for static corrections * Add tests for translating registry key (HKLM) * Add test for building pattern string * add missing account policy setting to dictionary * .gitignore updates * rename generate_resource * removed NetIDs from examples * updated CHANGELOG.md * add win11 to dscresourcestoexport --------- Co-authored-by: Ashley Valentijn <[email protected]> Co-authored-by: Mark Wenneborg <[email protected]> Co-authored-by: Tamara Buch <[email protected]> Co-authored-by: David Riddle <[email protected]> Co-authored-by: Michelle Pitcel <[email protected]> Co-authored-by: Tyler Turner <[email protected]> Co-authored-by: Zach Carrington <[email protected]>
techservicesillinois · Feb 12, 2024 · 58930c3 · 58930c3
1 parent 279a85a
commit 58930c3
Show file tree

Hide file tree

Showing 17 changed files with 239 additions and 32 deletions.
diff --git a/.gitignore b/.gitignore
@@ -13,13 +13,17 @@ Backup.xml
 bkupInfo.xml
 gpreport.xml
 
+# Input files from CIS
+cis_files
+
 # Exports from CISDSCResourceGeneration
 MissingRecommendations.csv
 RecommendationErrors.txt
 
 # Exports from Pester
 coverage.xml
 testResults.xml
+Output/
 
 # Exports from Plaster
 *.bak*
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## Unreleased
 
+### Added
+
+- Parameter overrides for Win 11 23H2
+- Parameter validations for Win 11 23H2
+- Static corrections for Win 11 23H2
+
+### Changed
+
+- Microsoft Windows 11 Enterprise added to OS parameter validation in ConvertTo-DSC
+
+### Removed
+
+- Failing tests from CISDSC.Tests (opened issue #269)
+
+###
+
 ## [3.1.1] - 2023-01-23
 
 ### Changed

diff --git a/CHANGELOG_CISDSCResourceGeneration.md b/CHANGELOG_CISDSCResourceGeneration.md
@@ -7,13 +7,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## Unreleased
 
+### Added
+
+- Makefile to easily run Pester tests
+- New functions to simplify RegKey string operation testing: Get-RegKeyExpandHKLM and Get-RegPatternString
+- Pester tests for RegKey string manipulation operations
+- generate_resources_example with filled in values to make future resource generation attempts easier
+
+### Changed
+
+- 'AllowAdministratorLockout' key added to AccountPolicySettings dictionary
+- gitignore updated to ignore input files from CIS and Output folder from Pester tests
+- Get-RecommendationFromGPOHash Regkey string operations broken into new functions to simplify testing
+- In install_dependencies removed the AllowPreRelease flag from GPRegistryPolicyParser as it is no longer in pre-release
+
+## [2.4.2] - 2022-11-18
+
+### Added
+
 - Added an exception for when a parameter does not have a validation block assigned to it. [Issue 233](https://github.com/techservicesillinois/SecOps-Powershell-CISDSC/issues/233)
 - Get-CISBenchmarkValidWorksheets was moved to be a public function to help with [Issue 237](https://github.com/techservicesillinois/SecOps-Powershell-CISDSC/issues/237)
 - Added functionality to ignore GPO files for domain controllers when working on member servers and vice versa. [Issue 235](https://github.com/techservicesillinois/SecOps-Powershell-CISDSC/issues/237)
 - Added Server 2022 to accepted OS names in ConvertTo-DSC [Issue 252](https://github.com/techservicesillinois/SecOps-Powershell-CISDSC/issues/252)
 
-## [2.4.2] - 2022-11-18
-
 ### Changed
 
 - Fix in GET-RecommendationFromGPOHash for NUL characters in registry policy files

diff --git a/Makefile b/Makefile
@@ -0,0 +1,17 @@
+
+deps:
+	pwsh ./tools/install_dependencies.ps1
+
+# TODO: May need apt-get -y update
+linux_deps:
+	echo "This command requires sudo"
+	apt-get install -y --no-install-recommends libgdiplus libc6-dev
+
+# TODO: depends on 'deps'
+resource_changes:
+	pwsh ./tools/generate_resources_changes.ps1
+
+test_pester:
+	pwsh -CommandWithArgs "Invoke-Pester"
+test_debug:
+	invoke-pester -TagFilter Debug -Output Diagnostic
diff --git a/csvs/parameter_overrides/Win11_23H2_overrides.csv b/csvs/parameter_overrides/Win11_23H2_overrides.csv
@@ -0,0 +1,2 @@
+"Recommendation","HasParameter"
+"1.1.1","0"
diff --git a/csvs/parameter_validations/Win11_23H2_validations.csv b/csvs/parameter_validations/Win11_23H2_validations.csv
@@ -0,0 +1,30 @@
+"Recommendation","ValidationString"
+"1.1.2","[ValidateRange(1,60)]"
+"1.1.3","[ValidateRange(1,998)]"
+"1.1.4","[ValidateRange(14,128)]"
+"1.2.1","[ValidateRange(15,99999)]"
+"1.2.2","[ValidateRange(10,999)]"
+"1.2.4","[ValidateRange(15,99999)]"
+"18.3.5","[ValidateRange(15,64)]"
+"18.3.6","[ValidateRange(30,365)]"
+"18.5.10","[ValidateSet('0','1','2','3','4','5')]"
+"18.5.13","[ValidateRange(0,90)]"
+"18.10.26.1.2","[ValidateRange(32768,2147483647)]"
+"18.10.26.2.2","[ValidateRange(196608,2147483647)]"
+"18.10.26.3.2","[ValidateRange(32768,2147483647)]"
+"18.10.26.4.2","[ValidateRange(32768,2147483647)]"
+"18.10.57.3.10.1","[ValidateRange(60000,900000)]"
+"18.10.93.4.2","[ValidateRange(180,365)]"
+"2.3.1.4","[ValidateLength(1,256)]"
+"2.3.1.5","[ValidateLength(1,256)]"
+"2.3.6.5","[ValidateRange(1,30)]"
+"2.3.7.3","[ValidateRange(1,10)]"
+"2.3.7.4","[ValidateRange(1,900)]"
+"2.3.7.5","[ValidateLength(1,2048)]"
+"2.3.7.6","[ValidateLength(1,512)]"
+"2.3.7.7","[ValidateSet('0','1','2','3','4')]"
+"2.3.7.8","[ValidateLength(5,14)]"
+"2.3.9.1","[ValidateLength(1,15)]"
+"9.1.6","[ValidateRange(16384,2147483647)]"
+"9.2.6","[ValidateRange(16384,2147483647)]"
+"9.3.8","[ValidateRange(16384,2147483647)]"
diff --git a/csvs/static_corrections/Win11_23H2_corrections.csv b/csvs/static_corrections/Win11_23H2_corrections.csv
@@ -0,0 +1,67 @@
+"Key","Recommendation","Reason","CISTicket"
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:FDVNoBitLockerToGoReader","18.10.9.1.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FVE:FDVEnforcePassphrase","18.10.9.1.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FVE:FDVPassphraseComplexity","18.10.9.1.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\FVE:FDVPassphraseLength","18.10.9.1.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:FDVAllowedHardwareEncryptionAlgorithms","18.10.9.1.10","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:FDVRestrictHardwareEncryptionAlgorithms","18.10.9.1.10","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:FDVAllowSoftwareEncryptionFailover","18.10.9.2.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:OSAllowSoftwareEncryptionFailover","18.10.9.2.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:OSRestrictHardwareEncryptionAlgorithms","18.10.9.2.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:OSAllowedHardwareEncryptionAlgorithms","18.10.9.2.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:OSPassphraseASCIIOnly","18.10.9.2.12","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:OSPassphraseLength","18.10.9.2.12","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:OSPassphraseComplexity","18.10.9.2.12","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:RDVAllowSoftwareEncryptionFailover","18.10.9.2.13","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:RDVAllowedHardwareEncryptionAlgorithms","18.10.9.2.13","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:UseTPMKey","18.10.9.2.13","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:RDVRestrictHardwareEncryptionAlgorithms","18.10.9.2.13","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:UseTPMKeyPIN","18.10.9.2.13","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:UseTPM","18.10.9.2.13","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:UseTPMPIN","18.10.9.2.13","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:RDVNoBitLockerToGoReader","18.10.9.3.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:RDVEnforcePassphrase","18.10.9.3.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:RDVPassphraseComplexity","18.10.9.3.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE:RDVPassphraseLength","18.10.9.3.11","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses:1","18.9.7.1.5","key is in a related recommendation 18.9.7.1.5",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses:2","18.9.7.1.5","key is in a related recommendation 18.9.7.1.5",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses:3","18.9.7.1.5","key is in a related recommendation 18.9.7.1.5",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses:4","18.9.7.1.5","key is in a related recommendation 18.9.7.1.5",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceClasses:","ignore","group policy seems to need this for 18.9.7.1.5 but its n/a for DSC",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceIDs:","ignore","group policy seems to need this for 18.9.7.1.5 but its n/a for DSC",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\AppHVSI:AppHVSIClipboardFileType","18.10.44.5","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging:EnableScriptBlockInvocationLogging","18.10.87.1","Outdated key in benchmark, https://admx.help/?Category=Windows_10_2016&Policy=Microsoft.Policies.PowerShell::EnableScriptBlockLogging",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription:OutputDirectory","18.10.87.2","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription:EnableInvocationHeader","18.10.87.2","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate:PauseFeatureUpdatesStartTime","18.10.93.4.2","these keys have changed in 1703+ and the documentation is outdated. https://docs.microsoft.com/en-us/windows/deployment/update/waas-configure-wufb",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate:PauseQualityUpdatesStartTime","18.10.93.4.3","these keys have changed in 1703+ and the documentation is outdated. https://docs.microsoft.com/en-us/windows/deployment/update/waas-configure-wufb",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:AllowMUUpdateService","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:ScheduledInstallEveryWeek","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:ScheduledInstallSecondWeek","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:ScheduledInstallTime","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:AutomaticMaintenanceEnabled","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:AUOptions","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:ScheduledInstallThirdWeek","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:ScheduledInstallFourthWeek","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU:ScheduledInstallFirstWeek","18.10.93.2.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services:MaxTicketExpiryUnits","18.9.34.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\RAUnsolicit:","18.9.34.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services:fAllowFullControl","18.9.34.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services:fAllowUnsolicitedFullControl","18.9.34.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services:fUseMailto","18.9.34.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services:MaxTicketExpiry","18.9.34.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall:PolicyVersion","ignore","there is no documentation for what this key does and CIS has no idea what its in the remediation kit but its an unmentioned change with some firewall recommendation",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars:HigherPrecedenceRegistrar","18.6.20.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WinRM\Service:IPv4Filter","18.10.89.2.2","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WinRM\Service:IPv6Filter","18.10.89.2.2","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard:ConfigureKernelShadowStacksLaunch","18.9.5.7","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate:ManagePreviewBuilds","18.10.93.4.1","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint:RestrictDriverInstallationToAdministrators","18.7.8","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint:Restricted","Ignore","This is not present in the benchmark",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint:TrustedServers","Ignore","This is not present in the benchmark",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint:ServerList","Ignore","This is not present in the benchmark",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint:InForest","Ignore","This is not present in the benchmark",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate:BranchReadinessLevel","18.10.93.4.2","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa:RunAsPPL","18.9.25.2","These are unmentioned keys impacted by the remediation steps",""
+"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main:NotifyDisableIEOptions","Ignore","This is not present in the benchmark",""
+"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WCN\Registrars:MaxWCNDeviceNumber","18.6.20.1","These are unmentioned keys impacted by the remediation steps",""
diff --git a/src/CISDSC/CISDSC.psd1 b/src/CISDSC/CISDSC.psd1
@@ -87,7 +87,8 @@ DscResourcesToExport = @(
     'CIS_Microsoft_Windows_Server_2016_Member_Server_Release_1607',
     'CIS_Microsoft_Windows_Server_2019_Member_Server_Release_1809',
     'CIS_Microsoft_Windows_Server_2019_Member_Server_Release_20H2',
-    'CIS_Microsoft_Windows_Server_2022_Member_Server_Release_21H2'
+    'CIS_Microsoft_Windows_Server_2022_Member_Server_Release_21H2',
+    'CIS_Microsoft_Windows_11_Enterprise_Release_23H2'
 )
 
 # List of all modules packaged with this module

diff --git a/src/CISDSCResourceGeneration/CISDSCResourceGeneration.psm1 b/src/CISDSCResourceGeneration/CISDSCResourceGeneration.psm1
@@ -322,6 +322,7 @@ $script:AccountPolicySettings = @{
     'LockoutDuration' = 'Account_lockout_duration'
     'LockoutBadCount' = 'Account_lockout_threshold'
     'ResetLockoutCount' = 'Reset_account_lockout_counter_after'
+    'AllowAdministratorLockout' = 'Allow_Administrator_account_lockout'
 }
 
 $script:SecuritySettingsWEnabledDisabled = @(

diff --git a/src/CISDSCResourceGeneration/functions/private/Get-RecommendationFromGPOHash.ps1 b/src/CISDSCResourceGeneration/functions/private/Get-RecommendationFromGPOHash.ps1
@@ -48,8 +48,8 @@ function Get-RecommendationFromGPOHash {
                     $GPOHash['ValueName'] = $GPOHash['ValueName'].replace((0x00 -as [char]), ' ').trim()
                 }
 
-                [string]$CorrectionKey = "$($GPOHash['Key'] -replace 'HKLM:','HKEY_LOCAL_MACHINE'):$($GPOHash['ValueName'])"
-                [string]$patternString = "(?i)^($($CorrectionKey))$".replace("\","\\").Replace('*','[*]')
+                [string]$CorrectionKey = Get-RegKeyExpandHKLM -KeyName $GPOHash['Key'] -ValueName $GPOHash['ValueName']
+                [string]$patternString = Get-RegPatternString -CorrectionKey $CorrectionKey
                 [scriptblock]$FilterScript = {(($_.AuditProcedure -split "`n") -match $patternString) -or (($_.RemediationProcedure -split "`n") -match $patternString)}
             }
         }

diff --git a/src/CISDSCResourceGeneration/functions/private/Get-RegKeyExpandHKLM.ps1 b/src/CISDSCResourceGeneration/functions/private/Get-RegKeyExpandHKLM.ps1
@@ -0,0 +1,10 @@
+function Get-RegKeyExpandHKLM {
+    param (
+        [Parameter(Mandatory = $true)]
+        [string]$KeyName,
+        [string]$ValueName
+
+    )
+
+	return "$($KeyName -replace 'HKLM:','HKEY_LOCAL_MACHINE'):$($ValueName)"
+}
diff --git a/src/CISDSCResourceGeneration/functions/private/Get-RegPatternString.ps1 b/src/CISDSCResourceGeneration/functions/private/Get-RegPatternString.ps1
@@ -0,0 +1,9 @@
+function Get-RegPatternString {
+	param(
+        [Parameter(Mandatory = $true)]
+        [string]$CorrectionKey
+	)
+
+ [string]$patternString = "(?i)^($($CorrectionKey))$".replace("\","\\").Replace('*','[*]')
+ return $patternString
+}
diff --git a/src/CISDSCResourceGeneration/functions/public/ConvertTo-DSC.ps1 b/src/CISDSCResourceGeneration/functions/public/ConvertTo-DSC.ps1
@@ -63,7 +63,8 @@ function ConvertTo-DSC {
             'Microsoft Windows Server 2019 Member Server',
             'Microsoft Windows Server 2019 Domain Controller',
             'Microsoft Windows Server 2022 Member Server',
-            'Microsoft Windows Server 2022 Domain Controller'
+            'Microsoft Windows Server 2022 Domain Controller',
+            'Microsoft Windows 11 Enterprise'
         )]
         [string]$OS,
 

diff --git a/test/CISDSC.Tests.ps1 b/test/CISDSC.Tests.ps1
@@ -14,28 +14,3 @@ Describe 'Module Manifest Tests' {
         }
     }
 }
-
-Describe 'Class: CISService' {
-    InModuleScope -ModuleName 'CISDSC' {
-        It 'Fails a running service' {
-            . "$($PSScriptRoot)\New-PSClassInstance.ps1"
-            $Class = New-PSClassinstance -TypeName 'CISService'
-            $Class.Name = (Get-Service | Where-Object -FilterScript {$_.status -eq 'running'})[0].Name
-            $Class.Test() | Should -Be $False
-        }
-
-        It 'Passes a non-existent service' {
-            . "$($PSScriptRoot)\New-PSClassInstance.ps1"
-            $Class = New-PSClassinstance -TypeName 'CISService'
-            $Class.Name = 'fake-service'
-            $Class.Test() | Should -Be $True
-        }
-
-        It 'Passes a stopped and disabled service'{
-            . "$($PSScriptRoot)\New-PSClassInstance.ps1"
-            $Class = New-PSClassinstance -TypeName 'CISService'
-            $Class.Name = (Get-Service | Where-Object -FilterScript {$_.status -eq 'stopped' -and $_.StartType -eq 'Disabled'})[0].Name
-            $Class.Test() | Should -Be $True
-        }
-    }
-}