Asset Management Suite

 View Only
Back to Library

Comparing Altiris Data to AD to Determine Missing Clients 

Oct 07, 2015 11:13 AM

One of the hardest tasks of an Altiris Administrator is maintaining agent coverage across the estate and ensuring all Assets have an accurate status. This article will provide a brief guide on how to extend the AD import to include the pwdLastSet and lastLogonTimeStamp attributes of the computer accounts (see http://blogs.technet.com/b/ken_brumfield/archive/2008/09/16/identifying-stale-user-and-computer-accounts.aspx for further details of these attributes) and how to compare that data to the last configuration request data of the Symantec Management Agent to determine if there are any assets that are inactive in both systems. They will then be set to ‘missing’ asset status by a CMDB rule. This will then enable the Symantec Administrator to start an investigation into the correct status of the Asset. The problem with relying purely on Altiris data is that you may retire an active asset that has a broken Altiris agent, by comparing the Altiris data to AD you have 2 data points that will set more accurate statuses.

 

Follow the first 3 steps of the following article - http://www.symantec.com/connect/articles/finding-broken-agents-extending-ad-import. This will walk you through creating the custom data class that is required, assigning it to the 'Computer' resource type and extending the AD import.

 

Building the report

  • In the console browse to Reports > all Reports.

  • Browse to your custom report folder.

  • Right click and select New > SQL Report.

  • Give your report a meaningful name. I have called mine ‘Missing Agents’.

  • Click on Parameterized Query tab and paste the following SQL in;

DECLARE @v1_TrusteeScope nvarchar(max)

   SET @v1_TrusteeScope = N'%TrusteeScope%'

select vce.guid [ResourceGuid], vce.Name, acct.[last pwd change] 'Last Computer Account PWD Change', acct.[last logon] 'Last Computer Logon', mrt.Request 'Last Altiris Config Request' from vComputerEx vce

left join inv_comp_acct_updates acct on acct._resourceguid = vce.Guid

left join (select ccr._resourceguid, MAX(ccr.StartTime) Request from Evt_NS_Client_Config_Request ccr group by ccr._resourceguid)mrt on mrt._ResourceGuid = vce.Guid

where datediff(day,getdate(),mrt.Request) > '30' and (datediff(day,getdate(),acct.[last logon]) > '30' or datediff(day,getdate(),acct.[last pwd change]) > '30')

and vce.guid IN (SELECT [ResourceGuid] FROM [ScopeMembership] WHERE [ScopeCollectionGuid] IN (SELECT [ScopeCollectionGuid] FROM dbo.fnGetTrusteeScopeCollections(@v1_TrusteeScope)))

 

Creating the CMDB Rule

  • In the console browse to Settings > all settings > Notification Server > Connector > CMDB Rules.

  • Right Click CMDB Rules and select New > CMDB Rule.

  • Provide a meaningful name for the CMDB rule. I have called mine ‘Missing Computers’.

  • From the Resource Type drop down select ‘Computer’

  • From the Target Using drop down select ‘Report’

  • Click on Select Report and on ‘Group’ dropdown browse to the folder containing the report created above.

  • Highlight the ‘Missing Agents’ Report and Click the ‘>’ button.

  • Click OK.

  • Under ‘Add resource associations to modify’ click ‘select association…’ for forward associations.

  • On the group drop down select ‘Resource Associations’.

  • Highlight ‘Asset’s Status’ and Click the ‘>’ button.

  • Click OK.

  • On the Lookup Key drop down select '<Value>'.

  • On the Key Column Mappings drop down select 'Missing'.

  • On the schedule drop down select ‘At Date/time’.

  • Select a schedule that runs at the same frequency as your AD import that is after your AD import finishes.

  • Click Save Changes.

 

Reviewing ‘Missing’ Computers

There is an inbuilt report that allows you to view computers that are missing. To execute it;

  • In the console browse to Reports > all Reports > Service and Asset Management > Assets and select ‘Assets by Type, Status, Department, Cost Center and Location’.

  • On the Asset Type drop down select ‘Computer’.

  • On the Asset Status drop down select ‘Missing’.

  • Click on the Refresh button.

 

An article will follow describing how to use an automation policy to email the last logged on user and primary owner to request they confirm the Asset’s status. If the asset is genuinely no longer is use then the asset should be set to retired to free up Altiris licenses and remove the asset from software licensing reports.

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Migration User
Feb 12, 2016 07:15 AM

Thank you so much for all the articles! set myself up with all three..

cheers

Related Entries and Links

No Related Resource entered.