Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

1 Neutral

My Information

  • Location
    Hillsboro OR USA
  • Agent Count
    1500 - 2000 Agents


  1. KKerezman

    CrashPlan Job Log Reporter

    I needed a way to pull the list of "failed" files from the gigantic CrashPlan client logs, and to do so without downloading several gigs of logs locally and eyeballing it myself. So, coupled with the "opportunity" to learn more about how to wrangle things in PowerShell, I have created the attached TESTING script. In a nutshell, it performs the following steps: Checks if the backup_files.log.0 exists in the CP log directory under ProgramData and emails the tech who ran the script a DIR of the directory if it's missing (then bails). Makes a "today's date" variable in a format matching what's in the log. Parses log looking for lines with today's date, twice. Once to pull the timestamp of the latest job run, once to pull the number of failed files in that job. Generates a "working" (just the desired date/time lines) copy of the log file in %tempdir% and parses that for the lines with the actual failed files. (Upon later runs, the working file is checked for and deleted first.) Emails the resulting info to the tech who ran the script. Note that if you do play with this, you should obviously season it to taste. I merely figured somebody somewhere might get some value out of the day I have just spent chasing down syntax errors... CrashPlan Job Log Reporter (TESTING).xml
  2. KKerezman

    Default Browser

    Bill, Some Googling has led me to a lot of not-terribly-useful information but also one thing that MIGHT be worth a look...: http://kolbi.cz/blog/2017/11/10/setdefaultbrowser-set-the-default-browser-per-user-on-windows-10-and-server-2016-build-1607/ I recommend experimentation. I believe that you'll need to run whatever command/utility in the user's context since browser preference is a per-user thing. Good luck!
  3. KKerezman

    Backup Solution Rating

    Dattos have saved our clients' bacon over and over (and thus our agreements with said clients). StorageCraft has been a decent solution for clients who don't want to invest in the full Datto experience, BUT note that their new version 6.8 of the SPX product is basically broken right now. Our Acronis experience is mainly through what's left of our Kaseya environment and... meh.
  4. KKerezman

    Office 365 backup

    We're using a mix of products, though we're looking to whittle that down. My preferred option is the Datto product-formerly-known-as-Backupify solution.
  5. KKerezman

    Device Purge/Retire

    Jason, I'm asking the obvious questions because I'm still new at the Automate way of things: Are your examples a pair of one-liner scripts you'd run as part of Groups populated by an Auto-Join Search looking for agents offline more than 60/90 days? Thanks!
  6. KKerezman

    Service Blacklist - OneSyncSvc_

    Yeah, whatever genius at Microsoft decided that servers should create those per-user services at login needs to be horsewhipped. Anyway! We ended up making a copy of the "SVC - Auto Services Stopped" internal monitor with this tacked onto the end of the Configuration directive: AND Services.name not like '%OneSyncSvc%' We disabled the stock one and enabled our copy in our Servers 24x7 service plan group, and voila. Seems to be working. (We don't have auto-services monitoring enabled at all for workstations, because ain't nobody got that kind of free time.)
  7. KKerezman

    Autojoin Search for Servers Excluding a specific Group

    Yeah, an EDF ("Group B Member" or whatever) sounds like an infinitely easier way to make this work. "IsServer = true, GroupBMember = false" is all the search you need for Group A at that point, especially since you say you're manually adding machines to Group B anyway. If you don't want to open up a bunch of servers in the Computer Management view one at a time to set the EDF, make a quick one-liner offline script to flip that toggle, then you can multi-select servers and run that.
  8. We do, in fact, have the desktop CC client running on our RDS for non-administrative users. It's not fun, but for our Mac guys who have been left in the lurch by the migration to Automate... it's what we've gotta do. Once we get the software running (a lot of "run as Administrator" during initial setup, and every time there's a patch update to the client) it seems to behave okay. It's mostly a case of run-as-Administrator until you don't need to use run-as-Administrator to get in anymore as a local admin account, at which point non-admin users seem to be able to run it again. Yeah, that's a bit confusingly worded, sorry.
  9. KKerezman

    CloudBerry Backup for MSP - WARNING!

    We're only using CloudBerry for one specific client with gigantic data storage/retention needs. Luckily that client's situation is outside of my scope of responsibilities... at least for now.
  10. KKerezman

    Patch Manager Centralization

    Not an expert, but coming off of one RMM and into another RMM, my general impression is that basically you're either relying on a Microsoft system (WUA) to get your patch info & installation done, or you're relying on a Microsoft system (WSUS) to get your patch info and... you get the idea. Kaseya tried to do the "we're going to maintain our own DB and shut out WUA" trick, which was unwieldy as heck AND basically became untenable once MS switched a lot of patches to "Internet install only." Eventually they punted to more-or-less what Automate's doing (albeit not nearly as well), which is just querying and triggering actions via WUA. It's Microsoft's world, we just try to get by in it.
  11. KKerezman

    Which AV - eset / webroot or other

    We've been a Sophos AV shop for years and years now. I love the product, kind of hate the company. When we get protection working on a machine it tends to stay clean. It's keeping things updated and under control that's been a problem. We started with the Enterprise Console in an MSP mode (which almost nobody at Sophos Support understood, so yes I had to educate them on their own product every time we opened a ticket), and now we're migrating clients to Central w/ the HitmanPro/InterceptX feature. The thing about Central is, if you use the multi-tenant model client-by-client, there is no way to push one policy to all clients AND if you goof and use the wrong installer token at the wrong client, you get to fully uninstall and reinstall to get it into the proper tenant. On the upside, the Sophos Central "solution" in Automate does a rather good job of handling Central deployment so as long as you onboard the machine into the right Client\Location you should be fine. And that's my two farthings' worth.
  12. KKerezman

    Automate Client Constant Crash

    Just ran into this with one of our client agent installs. First machine out of over 1600 to exhibit this behavior. Uninstalling the agent, downloading the cert and using the command line above to import it, then reinstalling the agent package worked perfectly. Thanks to everyone in this thread for your work!