I am using prerequisite queries to determine if software packages are already installed. When I run the tasks, the clients that have it installed will display a failed status saying that the client does not meet the prerequisite requirements. While this is ok, I was just curious if there was a better way to do this so that clients with the package already installed will show a successful status saying that the package is already installed. Similar to how security and patch scan works that a machine not needing any of the updates you push out will still show successful.
That always bugged me too - LOL. I don't know of any way to change it while using query. You could script the detection in the main package, but that would be a PITA. However, you may be able to change the target query for the task - only include targets you want rather than a prereq query. This will only work with machine based targets and not ldap. Others may have some better ideas.
I thought I saw/heard something about 8.8 giving an option of not dispalying the results, but could be wrong.
1 of 1 people found this helpful
With Pre Req queries this is what you would expect. Some people use a reg command in their package to write an inventory value to the Custom Fields registry key so that they can gage success with that. For what you are doing I think a Custom Vulnerability might be the best answer. See the link below for information about creating a custom vulnerability
Yeah, I'm ok with writing custom defs and figured I could use it, but I really don't want to do it if I don't have to. Haven't had too much of a chance to mess with 8.8 yet, anyone out there running it that might know?
Well, thanks for the help, I kind of figured this was the design I was stuck with. I would really like to see the ability to define 2 queries, the prerequisite query to determine if everything needed for the package is there, like .NET or something, and then a detection query for the package to determine if it's already installed or not.
I think I will just use your advice and stick with using a target query to weed out the machines that already have it installed. I don't feel like going through the work of writing anymore scripts if I dont need.
The only thing to look out for in using self-decrementing target queries in lieu of prereq queries is timing. Depending on how you have your inv scanner setup (how often you scan for software) there may be a black hole. Prereqs run at the time of the job and the software scan may only run once a day. So :
Software Scan takes place
Sally installs the software you are looking for - App X - optionally
You push it out as a required policy - she is still a target.
BTW I actually saw Jack make Chuck cry
One really good method is to use Detection. I know, I know, detection doesn't work for the Primary package.
So create a blank batch file package, add the software as a dependent package and you will always get a desired status when you push it out and the software is there or installs successfully. You still get a failed if it fails to install the software.
If the software is there, it won't install, if it is not there, it will install. Yes, you transfer and run a needless blank batch file and run it, but that should not be a big deal.
It would be nice if detection could work for the primary package, but it currently doesn't and while I hope for this feature, the blank batch file primary package with the package I want as a dependent is a good workaround.