2 Replies Latest reply on Apr 7, 2014 9:04 AM by wanman0621

    Query machines for Access to network share

    Rookie

      We are migrating from Novell Zenworks to Landesk.  In the Zenworks world, we can associate applications to users, in the Landesk world its not quite the same.  Although you can assign a distribution/scheduled task to the primary owner or ldap group, it doesnt mean that the primary owner is the currently logged in user.

       

      I would like to emulate that behavior so that the applications that I assign to a user, will be available to the user no matter which workstation they log into (regardless wether they are the primary owner or not).

       

      All of our users receive access rights to an application folder (that exists on a network share) only after their user account has been placed in the associated application group.  Therefore, if a user can’t see a file in a specific application folder (lets say Adobe Photoshop) then it can be determined that the user is not in the application group and therefore should not have the application available to them.

       

      I need to be able to run a query on all workstations that can check if a specific file can be seen within an application folder (that exists on a network share).  This needs to run as the logged in user in order to verify that the user has these rights and not the workstation.  The results should be a list of workstations where the currently logged in user can see a specific file that exists on a network share.

       

      In order to emulate the "Zenworks Like" behavior, I would create a scheduled task and target the query of users that can see a file in the Adobe Photoshop network share.

       

      Anyone know of a way I can generate this type of query?

       

        • 1. Re: Query machines for Access to network share
          Apprentice

          I think you can accomplish something simlar but not identical by doing the following:

           

          1. Create a security group in AD for each application and add the users to the corresponding groups
          2. Change the inventory setting so that the primary owner is based on the last logon (not the last 5-10 which is the default)
          3. Create a portal task for each of your apps and assign LDAP queries for each of the applications you want to make available (from #1)
          4. Change how often inventory scans happen to match your requirements of how fast users should get these apps advertised to them
          5. Change the interval of how often queries get re-calculated from every hour to every 15-30 minutes (depending on how many you have, this might be a heavy load on your Database server and/or domain controller) again to match your requirements of how fast users should get these apps advertised to them.

           

          Good luck

          1 of 1 people found this helpful
          • 2. Re: Query machines for Access to network share
            Rookie

            This is a good option and I may have to do this.  However if anyone knows of a way to Query machines for the results I mentioned in my inital post, I would appreciate it.