1 Reply Latest reply on Mar 31, 2014 9:52 AM by Tanner Lindsay

    Geofencing and adaptive settings in LDMS 9.5 SP2

    Apprentice

      Hi there,

       

      I'm trying find a way to delete the HDD or part of the HDD data when a managed workstations (different models and makers and all of these with GPS enabled features), changes its localization out of certain defined geographical boundaries.

       

      I have seen that LANDESK geofencing functionality  is able to perform some “one time actions” using the adaptive setting in the LDMS agent, but none of these seems to be related to remove files from the HDD or eventually to format the whole drive altogether.

       

      Any ideas on this?

        • 1. Re: Geofencing and adaptive settings in LDMS 9.5 SP2
          Tanner Lindsay SupportEmployee

          This isn't a direct action available in adaptive settings right now. However, there is a possible option you can try - at your own risk. :) Automatically deleting files scares me sometimes.

           

          Create one or more Custom Definitions in Patch Manager. These definitions should have detection logic that will "Detect" when the files you want to delete are on the machine. Then, in the repair options, create the appropriate delete command(s). I would recommend against setting this to Autofix.

           

          Create a new Custom Group in Patch and Compliance groups and name it something very scary. We don't want people running this on accident. Put all the definitions you made in this group. Once this is created, make a new Scan and Repair settings, and name it something even scarier. In those settings, configure it to scan the custom group you just created and set it to immediately install (repair) all applicable items. With this set, any time this Scan and Repair setting is used, any machines that have the files/folders you want removed will be "Detected" and immediately "Repaired" - meaning the files will be deleted. That is why you want this named very well so that it isn't run where it shouldn't be.

           

          With all that done, you can go to your Adaptive Settings, create a new trigger and rule, and use the "Run security scan" in the one time actions section. Set it to use your newly created Scan and Repair settings and that should be it.

           

          One thing to be aware of, is that for this to work, the client machine has to be able to communicate with the Core either directly or via the CSA to complete the security scan, but not much traffic is required.

           

          Hope that helps. Not sure if anyone else has any ideas on this