/build/static/layout/Breadcrumb_cap_w.png

Scripting Question


finding computers missing from a security group

01/05/2016 1060 views
Hello. We are moving over to Cisco ISE for our network management. As various people add new computers to the network, they sometimes forget to assign the security group which is now needed to place the switch port in the correct vlan. I am trying to leverage KACE to find machines that are *not* members of specific security groups. For example, if a computer is *not* a member of 'staff-1', 'staff-2', or 'staff-3' then I need to know that. I am thinking that this can be done with an LDAP group for computers that are a member of one of those groups, and then a report for computers that are in inventory but not a part of that smart label, but I am not sure how to write the LDAP query to populate the LDAP label. Any ideas?
Answer Summary:
0 Comments   [ + ] Show comments

Comments


Answer Chosen by the Author

1
to run as a local account:
note:use the path I used that directory allows any user to put files there
You will need to create a kscript run as logged in user and create a text file then use the cir to read that.

g7EoMv.jpeg
1h3z0S.jpeg

CIR
ShellCommandTextReturn(cmd /c type C:\ProgramData\Dell\KACE\user\netlocalgroup.txt)

Answered 01/05/2016 by: SMal.tmcc
Red Belt

  • sorry I forgot net "" needs to run as a user, it will not work when run as system and CIR's run as system
  • also this will need an inventory cycle to run after the kscript prior to populating the CIR
    • This seems to be creating the local file correctly, but it is returning the logged in user's groups, not the computer itself. Is there a different command or switch for that?
      • sorry not paying attention to detail today buried with windows 10 sysprep and imaging

        use this in the script
        /c gpresult /r /scope:computer > C:\ProgramData\Dell\KACE\user\gpresult.txt

        then read that file with CIR

All Answers

This content is currently hidden from public view.
Reason: Removed by member request For more information, visit our FAQ's.
0
SMAL- thank you so much, that worked perfectly! Enjoy Windows 10!!
Answered 01/05/2016 by: rlavin
White Belt

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ