Jump to content


Popular Content

Showing content with the highest reputation since 04/16/19 in all areas

  1. 1 point
    The horribleness that is the new Agent UI Script tile has made Script Log reading a painful experience, but it started a conversation about combining SCRIPT LOG entries when possible. One method would be to defer logging, using a variable to accumulate information and then logging it all at once. Another would be to call your own SQL to append information into an existing entry. I believe this script is superior to both methods. With this script you would use the SCRIPT LOG step as normal. Each time it is used, a new entry will be recorded as normal, no special treatment of logging is needed. At the end of your script you just call this function script;. This script will combine all the script log lines recorded on this computer under the current script id, since the start of this script into 1 entry and delete the other entries. The combined result will also be returned in a variable named "@SCRIPTLOGS@" in case you wanted to email them, attach them to a ticket, etc. Download Here: FUNCTION - Consolidate Script Log Entries.zip Here is an example before the script is called, with the individual SCRIPT LOG entries. Here is the Script Log entry after running. Thank you @johnduprey for the work you did on this idea, which inspired me to create and share this! combine merge join bundle multiple script log logs logging message messages entries scriptlog scriptlogs entry
  2. 1 point
    I've hacked one together that works fairly well (albeit not an officially supported uninstall method from Symantec). We use this as a last resort when the official ways to remove does not work... This uses CEDAR from Symantec to clean the agent from the system. I do some other stuff such as pre-removing the registry values that usually stop Symantec from uninstalling when it complains about pending actions. I do this via an embeded batch file called from the LabTech Script: :: 04/02/2019 :: Clears PendingFileRenameOperations Registry Key to allow Symantec AntiVirus to Uninstall :: Delete Key REG Delete "HKEY_LOCAL_MACHINE\System\currentcontrolset\control\session manager" /v PendingFileRenameOperations /f 2> nul Here's the two important parts of the script (NOTE: The -silent is case sensitive and undocumented). Let me know if you want the full thing and I will clean it up and export it.
  3. 1 point
    If a script is marked online, it will be queued, but will not start until the computer checks in. If the computer is offline, obviously the script just sits waiting. If the script is an online script and the machine goes offline after the script starts, the script will hang on the next remote command until it comes online, OR until the script engine cleans house and kills the script (within an hour I think). If the script is offline, it will run without waiting. If there is a remote command in the script, the script will hang until the computer checks in, or the script engine kills it (after 2 days?) To test the computer status, check out my Scriptlets pack in the downloads area. One of them is to verify that the agent is online.
  4. 1 point
    I'm guilty of grabbing @DarrenWhite99's scripts previously and modifying and using them but never posting back. First off, Darren, YES these work on macOS quite well (or did back then). One thing we discovered recently was that the program directory on macOS was changed during a a mid-6.9 release of CW Control. So we updated our "Get GUID" script to properly grab the GUID from the old location AND the new location. This has been working well for us. Here's our updated "Get GUID" script. Technically is still supports Windows, but due to the plugin handling that directly now, we really only use this for macOS clients. We just call this script at the end of our "install" script on macOS machines to update the CWA database so the link from CWA to CWC exists for Mac agents just like it does for Windows agents. CW Control Get GUID - ERG.xml
  5. 1 point
    from our experience with 2019.3 Is it possible to lock out an Active Directory account from too many failed login attempts via Automate web client or desktop client? Yes I have seen this happen Is the technician still able to login to Automate after their Active Directory account has been disabled? I have not tried this but i know if AD is locked out then they are blocked form logigng into labtech so i would imagine that is the case but should be of course tested Is the technician still able to login to Automate after their Active Directory account has been deleted? Yes as the labtech account will remain active just not synced to AD
  6. 1 point

    Version 1.1.0


    Once a role has been detected for an agent, it will remain in the list of roles for that system even if the detection rule no longer applies. There are no timestamps recorded for role changes so it is impossible to know if the non-detection state is short term or permanent. This Internal Monitor will identify inactive roles on an agent, which creates a separate active alert for each role on the agent with a timestamp for when the role was first found missing. The RAWSQL monitor is three queries in one. The first one checks for any role that was reported missing more than 7 days ago, and deletes the role from the agent (based on the alert timestamp). The second query deletes role alerts from the history if the role is found to be active, or no longer exists on that agent. The last query is what actually detects missing roles to generate alerts. With the expired roles and alerts removed from the agent by the first queries, the active alert in the monitor will clear (heal) for that role also. The role must be continuously non-detected.. If it is ever found to be a detected role before 7 days has passed, the alert will clear (query #2) and the monitor will start the clock again the if the role becomes missing again. Manually assigned "Apply" and "Ignore" Roles are preserved, only automatically detected roles are candidates for cleanup. If you want your roles to clear quicker, change the date adjustment in the first query from "-7 DAY" to whatever interval you believe is appropriate. This monitor has been updated/improved since it was first released. The attached SQL should safely update any existing version of this monitor and it is recommended that you update even if you have this monitor in place and working as this specific configuration may not have ever been published before.
  7. 1 point
    Right click LTSvcMon.exe and go to properties GO to certificates and view the properties of sha1, if its not trusted follow these steps: https://secure.globalsign.net/cacert/Root-R1.crt Install this cert in your computer store Don't let windows choose a spot Manually set it to Trusted Root Certification Authorities. This fixed our issue. OR Set this key to 0: HKLM\Software\Policy\Microsoft\SystemCertificates\AuthRoot\DisableRootAutoUpdate Reinstall automate agent