Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


DarrenWhite99 last won the day on February 19

DarrenWhite99 had the most liked content!

Community Reputation

307 Excellent

My Information

  • Location
    Redding, California, US
  • Agent Count
    2000 - 3000 Agents


    Senior Systems Engineer

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. DarrenWhite99

    Remove another MSP LT Agent

    I have had trouble before running through psexec.. Try adding " <NUL" to the end (without quotes).. You might need ^<NUL since you want that to be passed to the remote machine.
  2. DarrenWhite99

    @Variable@ not expanding correctly into scripted SQL query?

    I find it helpful to set the query to run into a variable, like @SQLQUERY@. Then you can "Script Log" @SQLQUERY@ to confirm how it is actually being represented, and then SQL EXECUTE [@SQLQUERY@] ... (Or SQL Get Value, or Variable Set: SQL Query, etc..)
  3. DarrenWhite99

    TCP - Suspicious Ports - truncated summary

    If the message is coming from an Event Log, you probably can't get much more. If not, try replacing "%FIELDRESULT%" with "%VERBOSEFIELDRESULT%" in your alert message and see if that does the trick.
  4. DarrenWhite99

    Automate Client Constant Crash

    This registry setting specifically increases logging for LTErrors.txt (from LTSvc.exe) but it might impact LTSVCMon.txt also. REM Increase Verbosity REG ADD "HKLM\SOFTWARE\LabTech\Service\Settings" /v "Debuging" /T REG_SZ /d "1000" REM Reset Verbosity to normal REG ADD "HKLM\SOFTWARE\LabTech\Service\Settings" /v "Debuging" /T REG_SZ /d "1" Maybe try increasing the logging and see if you can learn anything. Other stuffs.. Uninstall the agent. Delete the %Windir%\LTSVC folder, %Windir%\Temp\_ltupdate folder, and the HKLM\Software\LabTech\Service registry key. (Also the WOW6432Node version if you find it). Then try installing. Ensure that nothing creates the registry key or folders before the agent can install. After it installs, examine and raise the debugging level if needed.
  5. DarrenWhite99

    Command won't run in script but fine in CMD

    IIRC, I enable this in my Auvik Probe installer script. I create a text file with the letter y (about 10 lines using a loop). Then I run: winrm quickconfig < y.txt to answer y (yes) to any questions. The -q option might eliminate that need. (It's an old script) Shell in scripts is the same as calling a command in the remote command prompt, with 1 small exception that sometimes is relevant. The remote command prompt always changes to your specified directory. A script Shell command just calls the exe but doesn't change directory so you get a default path as the current folder (usually from Windows\System32). Sometimes programs will use the current directory for temp files, etc. and a path like Windows\System32 may not be suitable. To fix, just add this to the start of your command (echo Hello World in this example): CD /D "%SYSTEMDRIVE%\Somepath\Temp\whatever" && echo Hello World I doubt the current directory matters in your example, but if it reliably works in a remote command prompt but not in a script, maybe it does matter.
  6. I did not find any issues in my testing, but a user reported that it was not working for them. It would successfully rebuild, but then a minute later would rebuild again and fail... Which triggered it to rebuild.. repeating. So until I can confirm the cause I don't think it should be used. I have hidden it pending an investigation to resolve this.
  7. DarrenWhite99

    Problem with RAWSQL internal monitor

    Yes, even if you use computerid for your Identity, you still need a ComputerID column. The comment about Date/Time limits is generally more for event logs, but if you include a time based criteria then when the time elapses the monitor will heal. An example of a "bad idea" monitor that would use a time limiter - Suppose that you require that the time be between 12:00AM and 12:00PM (AND HOUR(NOW())<12). The monitor would alert on some condition while the time is between 12:00AM and 12:00PM. But anytime between 12:01PM and 11:59PM, even if the computer still would meet the criteria it will not be returned and the monitor will heal, closing the ticket.
  8. DarrenWhite99

    Problem with RAWSQL internal monitor

    Not sure on the merged tickets. If you are perhaps using a script to generate the ticket, maybe there is an error there. It doesn't matter what the first two columns returned are named, only their position matters. For every additional column, the position (order) doesn't matter, but the name DOES. So both IDField and IdentityField should work, since the name for that column doesn't matter.
  9. DarrenWhite99

    Access Denied during File Download

    You need to make super sure that the variable does not have a linefeed character in it. (Common outcome when setting to %shellresult%). Using a Script String Regex function to set the variable to amatch for the regex (no quotes) "[^\r\n]*" will give you one line of text with no linefeed as the result.
  10. After a reboot the agent state is forgotten. Just reboot, wait 1-2 minutes, then issue a "FastTalk On" remote command to turn it back on.
  11. DarrenWhite99

    CWA Agent Version Update Monitor

    I have added an FAQ to the file description. Please review and see if your question has been answered.
  12. So, there is a way to do this. #Increase the Agentsversion value. UPDATE agentsversion SET `version`=`version`+1 WHERE agentid IN (SELECT AgentID FROM agents WHERE agents.`ComputerID`='44356' AND (agents.`DataOut` LIKE '%VEEAM%' OR agents.`AlertMessage` LIKE 'VEEAM%')); #Flag the monitor as changed, forcing it to rebuild. UPDATE agents SET `changed`=IFNULL(NULLIF(0-ABS(agents.`Changed`),0),-1) WHERE agentid IN (SELECT AgentID FROM agents WHERE agents.`ComputerID`='44356' AND (agents.`DataOut` LIKE '%VEEAM%' OR agents.`AlertMessage` LIKE 'VEEAM%')); The higher value in agentsversion should break the condition where your change is not considered newer than what is already on the remote agent. No other deleting is needed. This post (and what I discovered while investigating) prompted me to create a monitor to automatically fix remote monitor version mismatches. It is posted here: https://www.mspgeek.com/files/file/46-internal-monitor-for-remote-monitor-version-mismatch/
  13. DarrenWhite99

    Prolonged CPU usage monitoring

    This is what "smoothing" is meant to address. Unfortunately I have only recently begun exploring this and don't have any specific guidance handy.
  14. Using your query, you just want to touch a couple of other tables first: #Break the Group Control (Will re-populate) DELETE FROM groupagentscontrol WHERE AgentID IN (SELECT AgentID FROM agents WHERE agents.`ComputerID`='44356' AND (agents.`DataOut` LIKE '%VEEAM%' OR agents.`AlertMessage` LIKE 'VEEAM%')); #Clear the Agent Version history DELETE FROM agentsversion WHERE AgentID IN (SELECT AgentID FROM agents WHERE agents.`ComputerID`='44356' AND (agents.`DataOut` LIKE '%VEEAM%' OR agents.`AlertMessage` LIKE 'VEEAM%')); #Now remove the agent for the remote monitor. DELETE FROM agents WHERE agents.`ComputerID`='44356' AND (agents.`DataOut` LIKE '%VEEAM%' OR agents.`AlertMessage` LIKE 'VEEAM%'); This will force the monitor to get a new AgentID (with no prior agentid version to conflict) and will remove the old agentid since it isn't found in the database. This will also wipe the monitor history and orphan any open tickets (you will have to manually close them), so it's not a perfect solution.
  15. DarrenWhite99

    Removing ScreenConnect Client

    That's literally the content of the post above yours. Insert a new step at step 10, configured as shown. Replace "XXXXX" with your ID. Jumping to ":RowCheck" will jump to the end of the loop, skipping your instance.