Jump to content

tvarvais

Members
  • Content Count

    60
  • Joined

  • Last visited

  • Days Won

    6

tvarvais last won the day on July 15

tvarvais had the most liked content!

Community Reputation

13 Good

My Information

  • Location
    Des Moines, IA
  • Agent Count
    > 6000 Agents

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Looks pretty good. One item though "Step 2: Enable the new Group Policy (Domain controller: Allow vulnerable Netlogon secure channel connections) on the domain Controller OU " < Only needs to be done if you have a system(s) that are identified by the 5829 Event and cannot be remediated.
  2. We created a OS Groups for each of the Windows 10 builds so that we have insight into what is out there along with better control over upgrading them. We further narrowed the search to exclude systems not under contract.
  3. Agree with @blckpythn - If you are looking for assistance go to the Slack group - One thing that Connectwise Automate has....is an AWESOME usergroup! Just wish their tech support was better...
  4. tvarvais

    killing a process

    Taskkill should work but.....Have you tried 'Process Kill' in the Script? (After an "IF Process Exists")
  5. (Please not that this is the WORKAROUND not the actual patch) KB4569509: Guidance for DNS Server Vulnerability CVE-2020-1350 - seems to be the talk of the net this afternoon. I wrote a quick script to check for the registry key and set it if the key is not present or set it if the key has the default value. (Microsoft's article does not clarify the type of value to create....had to verify it via another post) For those that prefer batch'n it: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters" /v "TcpReceivePacketSize" /t REG_DWORD /d 0xFF00 /f net stop DNS && net start DNS CVE-2020-1350.xml
  6. MySQL? I am just running a check but perhaps this may help you: SELECT Stage FROM computerpatchingstats WHERE ComputerId = '%computerid%' I look for a '1' to indicate Pilot. I believe 0 is test and 2 production but please verify.
  7. this is on the systems and running a "Check for Updates" - does not show. Therefore does not show in CWA.
  8. KB4562562 is not required for this, it is 'recommended' according to Microsoft but not required.
  9. Has anyone else noticed that KB4561608 on Server 2019 is showing as not required? I have loaded up some fresh servers to test and it installs but am finding that existing servers in production are not showing as requiring the Security patch. Wondering if anyone else is seeing similar. Thanks
  10. "The new Scripts grid enables partners to view and manage the scripts and script folders in their system directly from the Web Control Center." Does anyone have an idea on how to prevent access to this? It shows the full folder structure regardless of permissions on the script(s).
  11. Show script missing for lines 377 and 391 - could you tell me what should be there?
  12. Following... I think most of us do this manually when we setup a server and rarely follow up with an onboarding. Would be interesting to hear what others are doing.
  13. FYI - We recently diagnosed an issue where we were no longer getting notifications for Security Events that we had monitors setup for. It turns out that there has been a change in the monitor that you may want to double check. If you are specifying Source: as "Microsoft Windows security auditing" your monitor is most likely no longer functioning. The monitor that works now requires hyphens in the entry unlike the actual 'Source' in the event log. To get it to work again you should change the entry to: Microsoft-Windows-Security-Auditing Hope this helps
  14. We use an Internal Monitor "Notify When Agent is Online" for this and assign based on EDF Interval is every 5 minutes Send Fail After Success Table to Check: computers Field to check: LastContact Check Condition: LessThan Result: date_add(now(),interval -30 minute) On the Configuration: Identity Field: computers.name,(SELECT `Value` FROM extrafielddata WHERE ExtraFieldID IN (SELECT ID FROM extrafield WHERE `Name`='Notify When Online' AND Form=1) AND ID=Computers.ComputerID) AS `Notify` Additional Condition: Computers.ComputerID IN (SELECT ID FROM extrafielddata WHERE ExtraFieldID IN (SELECT ID FROM extrafield WHERE `Name`='Notify When Online' AND Form=1) AND Value LIKE '%_@_%')
  15. Call sp_DeleteComputer(@computerid@,'Removed by @LTRUNBYUSER@ on %when%') < as an Offline Computer Script This is still working for us but it simply 'Retires' the computer, does not delete. Anybody know how to delete rather than just 'Retire'?
×
×
  • Create New...