7 Replies Latest reply on Nov 21, 2008 7:04 AM by zman

    Policy to run BrokerConfig based on query?

    Silvercoupe Apprentice

      Afternoon,

       

      I'm about to push the "Create Management Gateway Client Certificate" script to several laptops, but I'm looking for something in the Inventory DB that tracks if Brokerconfig has been run.  Basically, I'd like to set a policy that states:

       

      Query for "Is laptop or portable" then

      query for "has Brokerconfig been configured"

       

      if not

       

      run Brokerconfig -r

       

      or whatever needs to be run.  I'm trying to automate this for any portable on our network to have it done automatically.  I'm modifying our HII image scripts to run both our Laptop LANDesk agent and run "brokerconfig -r" automatically, but I need to get all the units already deployed configured to use the LDMG.

       

      What is best practice for getting this done and automating this procedure?

       

      Thanks.

        • 1. Re: Policy to run BrokerConfig based on query?
          Rookie

          this may be close to what you are looking for.. you can edit to fit your needs...

           

          on error resume next

          Set WshShell = WScript.CreateObject("WScript.Shell")

          Set filesys = CreateObject("Scripting.FileSystemObject")

          CheckKey = WshShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\CSX\LDClients\ManagedGateway")

          If CheckKey="Enabled" then
              If filesys.FileExists("c:\Program Files\LANDesk\Shared Files\cbaroot\broker\broker.crt") Then
                  WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\CSX\LDClients\ManagedGateway", "Enabled"
              else
                  If filesys.FileExists("c:\Program Files\LANDesk\ldclient\brokerconfig.exe") Then
                      wshShell.Run "c:\Progra~1\LANDesk\LDClient\brokerconfig.exe -r"
                      wscript.sleep(30000)
                  else
                      Wscript.Echo "Brokerconfig.exe cannot be Lcated.  Please contact LANDesk Support/TACT"
                      WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\CSX\LDClients\ManagedGateway", "NoBroker"
                  end if
                  WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\CSX\LDClients\ManagedGateway", "Enabled"
              end if
          else
              If filesys.FileExists("c:\Program Files\LANDesk\ldclient\brokerconfig.exe") Then
                  wshShell.Run "c:\Progra~1\LANDesk\LDClient\brokerconfig.exe -r"
                  wscript.sleep(30000)
              else
                  Wscript.Echo "Brokerconfig.exe cannot be Lcated.  Please contact LANDesk Support"
                  WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\CSX\LDClients\ManagedGateway", "NoBroker"
              end if
          end if

          If filesys.FileExists("c:\Program Files\LANDesk\Shared Files\cbaroot\broker\broker.crt") Then
              WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\CSX\LDClients\ManagedGateway", "Enabled"

              Wscript.Echo "Managment Gateway Certificate has been obtained."
          else
              WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\CSX\LDClients\ManagedGateway", "NoBroker"
              Wscript.Echo "Managment Gateway Certificate has NOT been obtained.  Please try again or contact LANDesk Support/TACT"
          End if

          wshShell.Run "C:\Progra~1\LANDesk\LDClient\LDISCN32.EXE /NTT=yourserver:5007 /S=
          yourserver /I=HTTP:// yourserver /ldlogon/ldappl3.ldz /F /SYNC /NOUI"

          • 2. Re: Policy to run BrokerConfig based on query?
            Employee

            you could use ldms_client and turn on landesk info. Ron, your script will enable gateway support on non-laptops, which seems like a pointless increase in complexity and traffic (even though dynamic mode _should_ keep them from doing a lot through the gateway, they'll still take the time and bandwidth to figure out if they should use it). A recurring core-side script works better.

            • 3. Re: Policy to run BrokerConfig based on query?
              Rookie

              jack, your assumption is incorrect. This script runs only when called by a master script which formfactor qualifies for a laptop.

               

              thanks for the concern, tho.

              • 4. Re: Policy to run BrokerConfig based on query?
                Employee

                Sorry, didn't see your master script.

                • 5. Re: Policy to run BrokerConfig based on query?
                  zman Master

                  Slightly smaller than a script, how about just using the inventory attribute .System.Has Battery = Yes

                  • 6. Re: Policy to run BrokerConfig based on query?
                    Silvercoupe Apprentice

                    Thanks for all the responses.

                     

                    If I'm reading this correctly, there is no Inventory attribute that states whether the broker has been configured and/or laptop set to use the LDMG?  If this existed, building a policy off a query of "portables not yet configured" would be very simple.

                     

                    First, does this inventory attribute exist (Certificate exists on box = Yes)?  Secondly, if the attribute doesn't exist would a recurring Scheduled Task using a script similar to the one above for all portables be the way to go?