Server Management Suite

 View Only
Expand all | Collapse all

Detection Rule problem Altiris v. 7.1

  • 1.  Detection Rule problem Altiris v. 7.1

    Posted Mar 02, 2012 05:30 AM

    hello all,
    I have problem with a detection rule. I need to create Registry Key Value detection for a value contains %sapini_copy%.
    when i write %sapini_copy% it not working, i was trying  ", ' before % but still not work.
    Any ideas?

    MK



  • 2.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 02, 2012 07:02 AM

    If % gives you trouble (thats probably what you suppose it to do) ... why not just check if the registry key contains (not exact match) sapini_copy ... do you think it will make any difference?



  • 3.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 02, 2012 07:38 AM

    can you tell me how check if the registry key contains (not exact match) sapini_copy.
    i got only this options (look ss)



  • 4.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 02, 2012 10:39 AM

    Registry value: sapini_copy

    Match: Substring



  • 5.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 02, 2012 10:45 AM

    Change the Match from 'Entire String' to 'Substring'



  • 6.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 05, 2012 02:11 AM

    Mclemson,

    i try this "substring" with value %sapini_copy%, sapini_ , and this didnt work



  • 7.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 05, 2012 02:25 AM

    Somehow i have the feeling you should try:

    HKEY_CURRENT_USER\Software\Wow6432Node\SAP\SAPLogon\Options

    as Registry key path.

    Are you deploying the software to a x64 client?



  • 8.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 05, 2012 02:37 AM

    no XP, x32.

    I don't think so it's a problem with a registry kay , when i write other value that don't have %, the detection rule works fine its seems like Altiris have problem with %



  • 9.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 05, 2012 02:58 AM

    Just tested with "%test%" and it was detected successfully.

    I tested "%test%" with entired string -> detected

    I tested "test" with substring -> detected.

     

    As the key is in HKCU, are you executing the policy with the correct "Run As" settings (As the correct user)?



  • 10.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 05, 2012 04:34 AM

    yes, i run as the current user login, when i try %test% and more words it work, so i think it problem is

    because %sapini_copy% is a environment variable, when i try %temp% don't work too.
     any ideas why?



  • 11.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 05, 2012 05:18 AM

    No clue whats wrong ... for me it works with %temp% and %path% also.



  • 12.  RE: Detection Rule problem Altiris v. 7.1

    Posted Mar 06, 2012 11:25 AM

    Hi KMariusz,

    We try to reproduce your issue on ITMS 7.1 SP2. What version of ITMS is installed on your environment?(or define your Software Management Solution version)

    We able to reproduce your issue only if we put in registry value %Sapini_copy% but in rule we use %sapini_copy%. Do you have both values in same case or you have some difference between registry and rule values.

    all next nuances should be met:

    1. Detection rule value is case sensitive

    2. "Run As" MD policy advanced option setting should be set to "Current logged-on user" (if not Detection rule will try to find this value in another registry hive)

    Regards,

    Dmitri