BESClient - SeekList Setting - AD Site - Net Change
Log In or Register to download the BES file, and more.

0 Votes

Description

Update group policy when the network changes (if windows) This will help maintain the AD site proptery

  • makes sure AD site is up to date (windows only)
  • sets relay afiliation

Setting "_BESClient_RelaySelect_Manual" = "true" will remove this fixlet from being relevant.

Property Details

ID23802
StatusQA - Ready for Production Level Testing
TitleBESClient - SeekList Setting - AD Site - Net Change
DomainBESC
SourceInternal
Source Release Date1/26/2016 12:00:00 AM
Keywordsclient SeekList ActiveDirectory
Added by on 3/13/2017 10:53:05 AM
Last Modified by on 3/13/2017 10:53:05 AM
Counters 5026 Views / 5 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Relevance

Used in 5 fixlets and 1 analsis   * Results in a true/false
Show indented relevance
not exists relay service AND not exists main gather service
Used in 1 fixlet   * Results in a true/false
Show indented relevance
(( (not exists setting "_NetSignature" of client OR /* check to see if NetSignature matches the current IP addresses */ value of setting "_NetSignature" of client as string != unique value of concatenations ";" of (it as string) whose(it != "127.0.0.1" and it does not start with "169.") of addresses of ip interfaces of network) ) or ( /* make sure a valid AD Site is in the seeklist */ ((exists setting "AD Site" whose (value of it is not "Default-First-Site-Name" and value of it is not "") of client) and (not exists setting "_BESClient_Register_Affiliation_SeekList" whose (value of it contains (value of setting "AD Site" of client )) of client)) ) or /* AD site of WIN client is up to date */ (if operating system as string as lowercase contains "win" then not exists setting "AD Site" whose (value of it = (value "Site-Name" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine" of registry)) of client else false)) and ( /* show the number of valid IPs is > 0 */ number of ((addresses of ip interfaces of network as string) whose(it != "127.0.0.1" and it does not start with "169.")) > 0 )
Used in 1 fixlet   * Results in a true/false
Show indented relevance
/* set value to remove cleint from automatic relay selection script */ not exists setting "_BESClient_RelaySelect_Manual" whose (value of it equals "true") of client

Actions

Action 1 (default)

Action Link Click here to deploy this action.
Script Type BigFix Action Script 
parameter "_FailOver"="FailOver"

if {operating system as string as lowercase contains "win"}
	//only run gpupdate IF a windows desktop
    if {(exists ("win7";"win8";"win10") whose (operating system as string as lowercase contains it))}
        waithidden cmd /c gpupdate
    endif
    parameter "_ADSite" = "{value "Site-Name" of key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine" of registry}"
    setting "AD Site"="{parameter "_ADSite"}" on "{now}" for client
endif

// Check for valid AD-Site property value
if {exists setting "AD Site" of client}
    parameter "_AD_SiteSet" = "{value of setting "AD Site" of client as string | "N/A"}"
    if {parameter "_AD_SiteSet" = "N/A"}
        parameter "_set" = ""
    else
        parameter "_set" = "{parameter "_AD_SiteSet"}"
    endif
else
    parameter "_set" = ""
endif

// Determine if AD Site is blank
if {parameter "_set" != ""}
    parameter "_set_this" = "{parameter "_set"}"
else
    parameter "_set_this" = "{parameter "_FailOver"}"
endif

//set relay seek list
setting "_BESClient_Register_Affiliation_SeekList"="{parameter "_set_this"}" on "{now}" for client

// Set agents to use automatic relay selection
setting "__RelaySelect_Automatic"="1" on "{now}" for client

// Force client to send update to relay
relay select

// ***************************************************************************
// tattoo the settings with the Network Signature
// ***************************************************************************
setting "_NetSignature"="{unique value of concatenations ";" of (it as string) whose(it != "127.0.0.1" and it does not start with "169.") of addresses of ip interfaces of network as string}" on "{now}" for client

Notify Client ForceRefresh
Success Criteria

This action will be considered successful when the applicability relevance evaluates to false.


Sharing

Social Media:
Share this page on Yammer


Comments

Log In or Register to leave comments!
masonje -
Assuming you have a relay(s) "_BESRelay_Register_Affiliation_AdvertisementList" associated with "FailOver", this works well
 

Content

Search
Share
Learn
Projects

Utilities

View SCM Scripts
Base64 Converter
Shell to Action Script

About

About Us
Tour
FAQ
Terms
Contact Us

BigFix Resources

Download BigFix
Support
Forum
Github/Bigfix
bigfix.me All Content
Hosted on bigfixme-as