We have a handful for users with local admin rights, they are under strict intruction not to install their know software, but we know that some have.


Is there anyway to create a weekly report letting me know what software has been installed on a computer that wasn't pushed from KACE or if i wanted to check one computer directly to see the changes week on week.



0 Comments   [ + ] Show Comments


Please log in to comment



Here's a report that I use to find software installed on computers based on the ASSET_HISTORY table:


This will find software installed in the past 1 day on machines named lib-ic-%, you would want to change the MACHINE.NAME like line to MACHINE.NAME = "computername" if you're looking for installations on just one machine.

Note that this report won't filter out software installed by KACE or Windows Updates. Removing those from the report would be very complicated as far as I know.

Answered 04/10/2014 by: chucksteel
Red Belt

  • This code brought back no results of software.
    • Did you change the machine name to match a computer that you are trying to target?
Please log in to comment

You could "sign" the package using a home-grown algorithm, then place the hash value into a property in the package. No hash means it's not been deployed officially.

A quicker, simpler method might be to permission the local cache folder. That obviates the user copying files into it and running the installation from there. Thus, any package with a source location that's not a folder beneath the local cache is unauthorised.

I don't know Kace scripting at all so I couldn't say if any of that can be done natively in KaceScript but if you're serious about this level of control, knocking up something in VBS or PS shouldn't be too much of an uphill struggle.

Also, why do you have users with local admin rights? Why not permission just the folders that their software needs via the deployment package using SetACL, CACLS, or whatever? I can count on the fingers of one hand the software that I've encountered that insisted users had to be local admin.

Answered 04/10/2014 by: VBScab
Red Belt

Please log in to comment

you can also use custom software inventory to track this info

ShellCommandTextReturn(wmic product where "installdate > "210140000'" get name installdate) will get all software installed this year.  You can also add installsource parameters to see if it was instsalled by kace or not.

In the picture below, the first query shows me all software installed this year that was not installed by kace.  The second query shows me all software installed by kace.

Answered 04/10/2014 by: SMal.tmcc
Red Belt

  • you may also want to look at this for tracking user installed and/or running software.
Please log in to comment
Answer this question or Comment on this question for clarity
Five Steps for Easier- and More Effective- IT Inventorying
Having an accurate inventory of all your IT assets is critical to ensuring that users are productive and that every dollar is well spent. This white paper outlines five steps that improve inventorying both hardware and software.