Jump to content
[[Template core/front/profile/profileHeader is throwing an error. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]]

DarrenWhite99 last won the day on November 8

DarrenWhite99 had the most liked content!

Community Reputation

392 Excellent

My Information

  • Location
    Redding, California, US
  • Agent Count
    2000 - 3000 Agents

Converted

  • OCCUPATION
    Senior Systems Engineer

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. That looks right, what part isn’t working? When you run the script, you should be prompted for a NewComputerName value.
  2. How about a dataview that shows you if a user is logged in, and how long they have been idle? (I went with Red/Green for the status, no Blue)
  3. If the table has a computerid column, it will automatically join the computers, locations, and clients tables. If it has a locationid column, I think it will just link locations and clients. In your view, just don’t name a column computerid or locationid. (Or, redesign the view so that it can be joined to computers, locations, and clients without error)
  4. ?? In your code @jktech? Betcha it’s Unicode characters in your script. Cleanup the script to only contain ANSI characters, and it should work much better.
  5. The fix is easy. Set the computer account to a valid name that is 15 characters or less.
  6. Any variables included in the script body will be replaced each time the Execute Script step is used. They are just as dynamic as variables used as parameters. The script is deleted as soon as it completes, so while the variables are written into the script body as it is written to disk, the file should be removed quickly. Use discretion either way for sensitive information (command line parameters are easily captured also).
  7. Keep the monitor as is, triggering when over 6 minutes off. Then add this into the additional condition: (omputers.lastcontact<DATE_ADD(NOW(),INTERVAL -20 MINUTE) OR TIME() BETWEEN '07:00:00' AND '18:00:00') The monitor might flip around depending on how often you run it around 6:00PM. Imagine if the monitor ran at 5:59 and a computer was offline for 7 minutes, it would alert as offline. If the monitor ran again at 6:04, the computer would be off for 12 minutes and would be reported as online. Then anytime after 6:13, it would have been off over 20 minutes and would again alert as offline. Other than that little weirdness, it should do just what you requested.
  8. This topic just came up in our company. Windows will let you use names over 15 characters, but as was observed the netbios name is what is reported in Automate. But it’s not just Automate that relies on the netbios name. AD uses it also. So for now, sticking with names 15 characters or under is what we are doing and is what I recommend. The Friendly Name is a good way to adjust how you see the name. It isn’t available universally in Automate, but where it’s not the computerid is generally easily available. You can include HTML markup in an alert message or email and make the computer name a clickable link like: <a href="labtech:open?computerid=%computerid%">%computername%</a> See this post for more information:
  9. MYSQLENCODE just prepares a string for use inside MYSQL queries, by escaping characters with special meanings. Ie., replacing ' with \'. Given the following steps: Step 1, SET: @TypicalStringInput@ = This is a normal sentence. Step 2, SET: @MaliciousInputThatWillDestroyEverything@ = This normal sentence'); DROP DATABASE LABTECH; Step 3, SET: @encInputRenderedHarmless@ = MYSQLENCODE(@MaliciousInputThatWillDestroyEverything@) Step 4, SET: @encTypicalStringInput@ = MYSQLENCODE(@TypicalStringInput@) Step 5, SET: @Test1@ = SQLRESULT[SELECT LENGTH('@TypicalStringInput@');] Step 6, SET: @Test2@ = SQLRESULT[SELECT LENGTH('@encTypicalStringInput@');] Step 7, SET: @Test3@ = SQLRESULT[SELECT LENGTH('@MaliciousInputThatWillDestroyEverything@');] Step 8, SET: @Test4@ = SQLRESULT[SELECT LENGTH('@encInputRenderedHarmless@');] The literal queries would be: Step 5, SET: @Test1@ = SELECT LENGTH('This is a normal sentence.'); Step 6, SET: @Test2@ = SELECT LENGTH('This is a normal sentence.'); Step 7, SET: @Test3@ = SELECT LENGTH('This normal sentence'); DROP DATABASE LABTECH;'); Step 8, SET: @Test4@ = SELECT LENGTH('This normal sentence\'); DROP DATABASE LABTECH;'); The raw and encoded versions of TypicalStringInput are the same. There were no special characters to escape. But the MaliciousInput variable included a single quote, which needs to be escaped to be a literal single quote, otherwise it is a string terminator. The encoded MaliciousInput when used is seen as part of 1 query in Step 8. The raw MaliciousInput in step 7 is seen as 3 queries, and you won't like the result from the second query. Does that help? See also https://bobby-tables.com/
  10. ANY variable used in SQL statements should be handled carefully. YOU MUST ALWAYS USE THE MYSQLENCODE FUNCTION. Failure to do this can make your script vulnerable to SQL Injection. At best it will just fail to work. At worst your server and all of your clients will be compromised, your company will fail and you will have alot of uncomfortable discussions. Just Use "Script String Functions: MYSQL Encode" every time.... Step 1, SET: @encInputRenderedHarmless@ = MYSQLENCODE(@MaliciousInputThatWillDestroyEverything@) Step 2, SET: @encTypicalStringInput@ = MYSQLENCODE(@TypicalStringInput@) I prefer to prefix the output variable with "enc", so that I have the original value (for Script Log, etc.) and the encoded value for use in queries. With that important message out of the way, on to more typical Script Variable tips. A common need is to determine if a variable has a value or not. When a variable doesn't exist it is not blank, but when it is blank it has no value. This means that you cannot just check if the variable is = or Not = to blank. The following three step sequence can be used to ensure that a variable exists and has a known value before checking what the value is. Step 1, IF @VariableToCheck@ Not Exists THEN Jump to line 3 Step 2, IF @VariableToCheck@ Not = THEN Jump to line 4 Step 3, SET: @VariableToCheck@ = MyDefaultValue Step 4, Note: VariableToCheck will now always have a default value or the existing value assigned If you want to treat undefined as blank, just use Step 3 to set VariableToCheck to be blank. Another common need is to check if a variable has a certain numeric value or is greater than or less than another number. The "Script Regex" function can be used to ensure that a value is either a valid number, or is blank. You can then check if it is blank or not, before testing the value. Step 1, SET: @VariableToCheck@ = MATCH(@SignedIntegerVariable@ PATTERN \d+), Continue On Failure Step 2, SET: @VariableToCheck@ = MATCH(@UnsignedIntegerVariable@ PATTERN -?\d+), Continue On Failure Step 3, SET: @VariableToCheck@ = MATCH(@FloatingPointVariable@ PATTERN -?\d*\.?\d+), Continue On Failure Step 4, IF @VariableToCheck@ = THEN Jump to :NotANumber, Exit On Failure It is very important that the Script Regex steps be set to Continue On Failure, so that a blank value is assigned if there is no match. Sometimes the input can be ambiguous. Script Regex can be used to match multiple "valid" responses, and will return a blank for anything else. So if you have a parameter variable such as "ForceOperation", does the technician enter "True", "Yes", "Y", "1", or what? You can determine if they entered any of those options or not, and set the variable to specific values for True or False. Step 1, SET: @ForceOperation@ = MATCH(@ForceOperation@ PATTERN (?i)^(True|Y|1)), Continue On Failure Step 2, IF @ForceOperation@ Not = THEN Jump to line 4, Exit On Failure Step 3, SET: @ForceOperation@ = 0, Exit On Failure Step 4, IF @ForceOperation@ = 0 THEN Jump to line 6, Exit On Failure Step 5, SET: @ForceOperation@ = 1, Exit On Failure Step 6, Note: ForceOperation will now always be 0 or 1., Exit On Failure If you don't need the value later you can just do this: Step 1, SET: @ForceOperation@ = MATCH(@ForceOperation@ PATTERN (?i)^(True|Y|1)), Continue On Failure Step 2, IF @ForceOperation@ = THEN Jump to :DoNotForceOperation, Exit On Failure Step 3, Note: The Operation has been forced, Exit On Failure Script Regex can also be useful for cleaning up variables by removing leading and trailing blanks or ensuring only the first line is kept, with no CR/LF characters. Step 1, SET: @TrimmedVariableWithMultipleLines@ = MATCH(@UnknownInput@ PATTERN (?![\r\n\s]).+(?<![\r\n\s])), Continue On Failure Step 2, SET: @TrimmedVariableWithSingleLine@ = MATCH(@UnknownInput@ PATTERN (?![\s])[^\r\n]+(?<![\s])), Continue On Failure Happy Scripting!
  11. @jktech - There is a known (to me) issue that the “Execute Script” function step will fail to execute the script if a " character is used anywhere in the parameters field. FWIW, I prefer to set variables in the script by embedding them directly instead of attempting to pass them as parameters. For example, in a batch file instead of: SET "BatVar=%~1" with @ScriptVar@ being a parameter, I would just have: SET "BatVar=@ScriptVar@" so that %BatVar% can be set without using any parameters. The equivalent in PowerShell (with more robust value support) is using a here string: $PoshVar=@' @ScriptVar@ '@ The "@ScriptVar@" string will be replaced by the script engine dynamically each time the script is executed, so nothing is hardcoded in the Automate script itself. (The replacement will be written into the temporary file that is executed on the agent)
  12. Deploying Agents: Use a Scheduled+Immediate task to make rollouts a breeze. Using the scheduled/immediate task means you don't have to wait for reboots to get the agent installed, can automatically reinstall if the agent is removed or cannot run, and has other benefits. Stash the .bat file and the Labtech.psm1 file on a dc under a folder under netlogon, setup group policy preferences to do the following: Use GPO Folder Security to create a base folder, secured from being written to by non-admins. Use GPP Folder preferences to create %systemdrive%\basefolder\AgentDeploy - Make it replace, and remove no longer applied. Use GPP File Preferences to copy \\%userdomain%\netlogon\AgentDeploy\*.* to %systemdrive%\basefolder\AgentDeploy if the AgentDeploy folder exists. Use GPP Scheduled Task preferences to create the immediate task to run the batch as SYSTEM from %systemdrive%\basefolder\AgentDeploy\agent.bat if the %systemdrive%\basefolder\AgentDeploy\agent.bat file exists. Do the same for a repeating task, say, running hourly, targeting only if the bat file exists. Make the item remove if no longer applied. That's a short version of what is in the post above, with some minor updates. The post above has attached files you can use as a base GPO and has the script that you can run. The batch file can specify the target location, so each client can be automatically setup in the right location. Don't use a GPO to deploy the MSI as a published app, that just doesn't work very well.
×
×
  • Create New...