Jump to content

Mark Hodges

Members
  • Content Count

    14
  • Joined

  • Last visited

Community Reputation

0 Neutral

My Information

  • Agent Count
    750 - 1000 Agents
  1. hmm...Bitdefender is blocking the powershell script that creates the Automate.bat file....not sure how to work around that without putting environments at risk. It obviously doesn't like system calling powershell (we've had that problem using a batch file with BD to deploy automate). Kinda makes sense...system running a powershell command to download something from internet. its exactly what we do not want to be happening..until we do
  2. I believe right now that if you are patched, the deployment will no longer work due to the blocking of the default agent. I believe Darren has been working on a new update to the package to allow us to do this a little more securely with tokens. I think its just in testing.
  3. so, as part of this, I was thinking to call the "Install all approved Patches" script, however I can't actually tell what this script does. It's calling the builtin Action of Patch Install All, which uses All Microsoft Missing approved Patches but not sure if this calls the reboot action thats applied to the group the Machine is a part of, or if its just a silent patching with no reboots.
  4. check your automate using the qualys SSL testing site...it will tell you if your certs are chained correctly. I've also seen chrome give this error if TLS 1.0 and 1.1 are enabled....
  5. @bcarp89 -so did you switch lines 12 and 20 from run powershell command to run script to call those sections?
  6. I am having same problem as Darrell_Null...I am using an account on CWC that is NOT SSO enabled and running it on my on premise Automate Server so in theory things should be working....
  7. have you looked at the history tab within the automate patch manager...it should tell you the source of the actual installation. When its working correctly it should saw CW Automate as install source.
  8. thanks for that...I have just started getting into automate so I wasn't aware of the RAWSQL monitor (but I've seen lots of people mention the word)
  9. Asking for a Friend... I've been looking at this and I know how to go in and create a monitor and select the fields, etc however I suspect that there is a much easier way to do this by actually using the SQL code above then trying to go through the dropdowns and select all the right options...
  10. I downlaoded Steve's and it bitched that it was newer version of Labtech...pretty neat trick as I am on 2019.6
  11. yeah, I've been going through the list and query results and sorting and looking for those commonalities like Microsoft*, firefox*,etc Its all those oddball crap that's listed that is annoying... :)
  12. So, the more I go through this whole unclassified, whitelisted and blacklisted app list, the more I think that the simpliest and smartest way to handle this is really to have a weekly task of reviewing the unclassified list, finding anything that I want to blacklist, using the wildcard to blacklist and then run a script that copies everything that exists in the unclassified to whitelist. I mean its probably going to help to setup the wildcard values for most of the common apps, but damn there way too many unique apps to do it for most of the apps.
  13. Just so I am clear, with this new monitor, do we still goto a machine, and whitelist or blacklist an application as per normal or do we goto the Dashboard and add an Entry with the wildcard (like Firefox%)? Edit - Not that I've actually READ the whole post, it looks like I should be adding entries manually...
  14. Invanti Security control is another solution for patching (ninja rmm uses it as well as their patch manager). However, if you found a bug in windows update agent regarding the October Security Rollups shouldn't you be resolving that with Microsoft, not spending money to work around the bug)
×
×
  • Create New...